For a few months now, starting in March / April and happening every day, someone has been sending 16 emails
from webtestx.com & the same from techn-site.net. They always originate in these subnets:
192.99.105.32/29 & 192.95.54.112/29 (which I have blocked). The peculiar thing is that each email has one
of the 2 domains but a different sender username and they are always sent to a different (invalid)
username@mydomain.com. They appear to be just making up the names on both ends & trying
to send the email - which of course always fails.
Why do you think they are probing like this? The success rate is 0% yet they persist in sending to 32 unique
usernames from 32 unique usernames every night. Seems somewhat bizarre to me. Any thoughts or opinions
on this?
Thanks
Here are some real examples:
From: chatoian@techn-site.net
To: fazar@mydomain.com
From: brunell@techn-site.net
To: ardito@mydomain.com
From: ruckober@webtestx.com
To: roncase@mydomain.com
From: canavan@webtestx.com
To: mishelle@mydomain.com
webtestx.com & techn-site.net
Moderator: Moderators