Automatic maintenance
Regular maintenance on the any first day pof the month has been automated for quite some time and it’s very handy indeed if that moment occurs during the holidays! Returned last week and had to take care of other business (not IT related, for a change) so tonight I had a chance to check.
Nothing weird, as was to be expected.
PMAS statistics for May
Total messages : 6802 = 100.0 o/o
DNS Blacklisted : 1181 = 17.3 o/o (Files: 31)
Relay attempts : 81 = 1.1 o/o (Files: 31)
Accepted by PMAS : 5540 = 81.4 o/o (Files: 31)
Handled by explicit rule
Rejected : 4989 = 90.0 o/o (processed), 73.3 o/o (all)
Accepted : 237 = 4.2 o/o (processed), 3.4 o/o (all)
Handled by content
Discarded : 89 = 1.6 o/o (processed), 1.3 o/o (all)
Quarantained : 189 = 3.4 o/o (processed), 2.7 o/o (all)
Delivered : 36 = .6 o/o (processed), .5 o/o (all)
Just on 3rd and 4th of June there have been massive amounts of spam; operator.log for these days are about 150Kb in size, where 10 to 20 is to be considered normal. Yesterday’s one was just less than 100, again quite a lot of SMTP messages….Guess they come from a Chinese source (still have to dig these).
On the FTP abuse fornt: it’s quiet as well, just the occasional attempt. Like yesterday: from adress 61.147.110.19 which resides in China as well: from the Jiangsu province network, according my souce (Robtex.com: free DNS services!) the base is haocssf.net, owned by China Telecom: blacklisted in a number of blacklists. He (since most abusers seems to be male, of am I wrong) has tried before: on the 9th and 10th, with the same (dumb) assumption of username: why do people think I would have an account named after the domain???
There are regular attempts to access wiki files of users I dumped before the holiday: The address looks familiar in examining the webserver logfiles: 173.231.41.82, owned by indiafocus.com, located in the US. But since the wiki is down (they don’t read the home pages…), there is no answer than the page stating this 🙂
The weblogs show more rediculous attempts, as usual. But since I don’t run Apache (on Linux or Windows) of ISS (on Windows) and do not use a standard naming scheme….