| 1 |
On Jan 17, 2006, at 11:14 AM, Michael Sullivan wrote: |
| 2 |
|
| 3 |
> I'm concerned. When I got out of the shower just now and came to |
| 4 |
> check |
| 5 |
> my email, I didn't have any. Concerned that sendmail might not be |
| 6 |
> running, I ps'd for it: |
| 7 |
> |
| 8 |
> bullet mail # ps ax | grep 'sendmail' |
| 9 |
> 9939 ? Ss 0:00 sendmail: Queue runner@00:30:00 |
| 10 |
> for /var/spool/clientmqueue |
| 11 |
> 10305 ? Ss 0:00 sendmail: accepting connections |
| 12 |
> 10801 ? S 0:00 sendmail: ./k0FKmpDE010833 |
| 13 |
> gpeplpqel.shankscape.com.: user open |
| 14 |
> 10810 pts/0 R+ 0:00 grep sendmail |
| 15 |
> |
| 16 |
> |
| 17 |
> I see that sendmail is connected with gpeplpqel.shankscape.com. I |
| 18 |
> assume that someone at that host is trying to send mail to my domain, |
| 19 |
> but I checked /var/spool/mail and I didn't see anything from them. I |
| 20 |
> ps'd sendmail again and saw that they were no longer connected. I |
| 21 |
> checked /var/log/maillog and see a bunch of these: |
| 22 |
> |
| 23 |
> Jan 17 11:04:10 bullet sm-mta[10801]: k0FKmpDE010833: |
| 24 |
> to=<kkaempf@××××××××××××××××××××.com>, delay=1+20:15:18, |
| 25 |
> xdelay=00:03:10, mailer=esmtp, pri=8599167, |
| 26 |
> relay=gpeplpqel.shankscape.com. [69.25.212.153], dsn=4.0.0, |
| 27 |
> stat=Deferred: Connection timed out with gpeplpqel.shankscape.com. |
| 28 |
> |
| 29 |
> Is there a way to make sure that unauthorized people are not sending |
| 30 |
> mail through my domain? |
| 31 |
> |
| 32 |
telnet yourdomain.com 25 |
| 33 |
helo somedomain.com |
| 34 |
msg from someforeigndomain.com |
| 35 |
rcpt to someotherforeigndomain.com |
| 36 |
|
| 37 |
see if it slaps you down (note, i may have the msg from and rcpt to |
| 38 |
backwards, always forget) |
| 39 |
> |
| 40 |
> -- |
| 41 |
> gentoo-user@g.o mailing list |
| 42 |
> |
| 43 |
|
| 44 |
-- |
| 45 |
gentoo-user@g.o mailing list |
Archives