Basic happened to be on a GE timesharing system that was done by Dartmouth, and when GE decided to franchise that, it started spreading Basic around just because it was there, not because it had any intrinsic merits whatsoever. (Alan Kay)
The danger of computers becoming like humans is not as great as the danger of humans becoming like computers. (Konrad Zuse)
A customer had momentary trouble sending mail to someone. The
first attempt failed, but the second went through. An examination
of the logs revealed a couple of interesting things.
First, the recipient mail server sent a strange handshake. The
Kerio mail server recorded this log entry:
(IP replaced with all 9's) 553 Bogus helo FRONT4.com. <http://unblock.secureserver.net/?ip=188.8.131.52>
If you follow that, you come to a legitimate looking screen telling you
that the address is blacklisted. However, it seems a little sparse
for a real blacklist site - they usually give you more information.
I also checked the client's IP on the more common blacklist sites:
none of them have him listed.
If you try to find this "secureserver.net" in Google, there is no
listing. An attempt to go there or to www.secureserver.net in a browser redirects to "http://www.securepaynet.net/gdshop/404error.asp". Suspicious: is this some sort of extortion scheme?
The domain is registered with GoDaddy - that's a little suspicious too
just because GoDaddy is the registrar of a lot of bottom-feeders. It
isn't very old, either: less than a year. They have an interesting
Most of the pages are place-holders or redirect elsewhere.
This just doesn't smell like a real outfit.
That "FRONT4.com" doesn't exist either.
I think this is some sort of scam. I definitely wouldn't plug in
my email address there.
As to how they got to that server, I don't know - dns hijacking,