On Jan 17, 2006, at 11:14 AM, Michael Sullivan wrote:
I'm concerned. When I got out of the shower just now and came to
check
my email, I didn't have any. Concerned that sendmail might not be
running, I ps'd for it:
bullet mail # ps ax | grep 'sendmail'
9939 ? Ss 0:00 sendmail: Queue [EMAIL PROTECTED]:30:00
for /var/spool/clientmqueue
10305 ? Ss 0:00 sendmail: accepting connections
10801 ? S 0:00 sendmail: ./k0FKmpDE010833
gpeplpqel.shankscape.com.: user open
10810 pts/0 R+ 0:00 grep sendmail
I see that sendmail is connected with gpeplpqel.shankscape.com. I
assume that someone at that host is trying to send mail to my domain,
but I checked /var/spool/mail and I didn't see anything from them. I
ps'd sendmail again and saw that they were no longer connected. I
checked /var/log/maillog and see a bunch of these:
Jan 17 11:04:10 bullet sm-mta[10801]: k0FKmpDE010833:
to=<[EMAIL PROTECTED]>, delay=1+20:15:18,
xdelay=00:03:10, mailer=esmtp, pri=8599167,
relay=gpeplpqel.shankscape.com. [69.25.212.153], dsn=4.0.0,
stat=Deferred: Connection timed out with gpeplpqel.shankscape.com.
Is there a way to make sure that unauthorized people are not sending
mail through my domain?
telnet yourdomain.com 25
helo somedomain.com
msg from someforeigndomain.com
rcpt to someotherforeigndomain.com
see if it slaps you down (note, i may have the msg from and rcpt to
backwards, always forget)
--
gentoo-user@gentoo.org mailing list
--
gentoo-user@gentoo.org mailing list
