1 |
On Jan 17, 2006, at 11:14 AM, Michael Sullivan wrote: |
2 |
|
3 |
> I'm concerned. When I got out of the shower just now and came to |
4 |
> check |
5 |
> my email, I didn't have any. Concerned that sendmail might not be |
6 |
> running, I ps'd for it: |
7 |
> |
8 |
> bullet mail # ps ax | grep 'sendmail' |
9 |
> 9939 ? Ss 0:00 sendmail: Queue runner@00:30:00 |
10 |
> for /var/spool/clientmqueue |
11 |
> 10305 ? Ss 0:00 sendmail: accepting connections |
12 |
> 10801 ? S 0:00 sendmail: ./k0FKmpDE010833 |
13 |
> gpeplpqel.shankscape.com.: user open |
14 |
> 10810 pts/0 R+ 0:00 grep sendmail |
15 |
> |
16 |
> |
17 |
> I see that sendmail is connected with gpeplpqel.shankscape.com. I |
18 |
> assume that someone at that host is trying to send mail to my domain, |
19 |
> but I checked /var/spool/mail and I didn't see anything from them. I |
20 |
> ps'd sendmail again and saw that they were no longer connected. I |
21 |
> checked /var/log/maillog and see a bunch of these: |
22 |
> |
23 |
> Jan 17 11:04:10 bullet sm-mta[10801]: k0FKmpDE010833: |
24 |
> to=<kkaempf@××××××××××××××××××××.com>, delay=1+20:15:18, |
25 |
> xdelay=00:03:10, mailer=esmtp, pri=8599167, |
26 |
> relay=gpeplpqel.shankscape.com. [69.25.212.153], dsn=4.0.0, |
27 |
> stat=Deferred: Connection timed out with gpeplpqel.shankscape.com. |
28 |
> |
29 |
> Is there a way to make sure that unauthorized people are not sending |
30 |
> mail through my domain? |
31 |
> |
32 |
telnet yourdomain.com 25 |
33 |
helo somedomain.com |
34 |
msg from someforeigndomain.com |
35 |
rcpt to someotherforeigndomain.com |
36 |
|
37 |
see if it slaps you down (note, i may have the msg from and rcpt to |
38 |
backwards, always forget) |
39 |
> |
40 |
> -- |
41 |
> gentoo-user@g.o mailing list |
42 |
> |
43 |
|
44 |
-- |
45 |
gentoo-user@g.o mailing list |