Header RSS Feed
 
If you only want to see the articles of a certain category, please click on the desired category below:
ALL Android Backup BSD Database Hacks Hardware Internet Linux Mail MySQL Monitoring Network Personal PHP Proxy Shell Solaris Unix Virtualization VMware Windows Wyse

Bad admins: When the abuse mail address does not work (MTNL Delhi)
Wednesday - Sep 4th 2013 - by - (0 comments)

Last week a website running Wordpress on a shared hosting server experienced a HTTP DDOS attack - which actually was a brute force attack on the wp-login.php page. A total of 1723 IPv4 addresses launched the bruteforce attack - forcing the Apache webserver on that particular server to refuse doing his work (all slots closed).

When I finally moved the site, the attacks continued (of course) but at least the web server just delivered 404 error pages and could at least do his job again. After around 2 hours the attacks slowed down and at the end there were only a couple of same IP addresses still trying to access wp-login.php. One of these addresses was 182.58.184.251 - an address belonging to the Indian provider MTNL Delhi (http://mtnldelhi.in/). Besides having a website looking like from the early 90's (OK, if you like it) their abuse e-mail address doesn't work.

I wrote to networkabuse@bol.net.in , which was officially listed in the whois information of the offending IP address as abuse mailbox, complaining about the IP and that they should check or cut the access. Now, 8 days later, I got the following e-mail back:

Your message has been enqueued and undeliverable for 7 days
to the following recipients:

  Recipient address: networkabuse@ims-ms-daemon
  Original address: networkabuse@bol.net.in
  Reason: unable to deliver this message after 7 days


Delivery attempt history for your mail:

Tue,  3 Sep 2013 20:36:55 +0530 (IST)
System I/O error.  Administrator, check server log for details.

[...]

Sun,  1 Sep 2013 00:36:55 +0530 (IST)
System I/O error.  Administrator, check server log for details.

Sat, 31 Aug 2013 20:36:55 +0530 (IST)
System I/O error.  Administrator, check server log for details.

The mail system will continue to try to deliver your message
for an additional 7 days.

Looks like they have set an invalid forwarding e-mail address as final recipient in their mailserver ... D'oh!

Please people, get your act together.

 

Add a comment

Show form to leave a comment

Comments (newest first):

No comments yet.

Go to Homepage home
Linux Howtos how to's
Monitoring Plugins monitoring plugins
Links links

Valid HTML 4.01 Transitional
Valid CSS!
[Valid RSS]

6937 Days
until Death of Computers
Why?