From Newsgroup: comp.misc

Interesting what you can discover, just by leaving your server’s mail
log scrolling in a spare terminal session for a few hours.

So far this afternoon, I’ve seen connection attempts from two
different domains, and checking associated websites show they claim to
be security companies.

Postfix chucked them off because of “improper pipelining”. That is to
say, they tried to push through a whole bunch of SMTP commands without
waiting for corresponding replies. This is not the behaviour of
legitimate MTAs, and any reputable security company would know that.

It is, however, the behaviour of quite a lot of cheap-and-nasty
drive-by spammers. I’m surprised that such can still stay in business,
unless there are still a lot of MTAs out there which are either
obsolete crap or poorly configured, that will happily accept their
spam.
--- Synchronet 3.21f-Linux NewsLink 1.2