my sendmail being attacked?
m.w.chang
mwchang
Mon May 17 11:39:05 PDT 2004
is it someone trying to use my smtp as a relay but failed?
but how did it trigger my sendmail to do the job? I didn't reply to any
of these chiense non-sense. is it exploring procmail?
############### begin quote ###############3
The original message was received at Mon, 21 Oct 2002 00:30:10 +0800
from localhost
with id g9KGUAlZ000906
----- The following addresses had permanent fatal errors -----
<air2 at loveyou.net>
(reason: 550 5.7.1 <air2 at loveyou.net>... Relaying denied)
----- Transcript of session follows -----
... while talking to homemail.doregi.com.:
>>> DATA
<<< 550 5.7.1 <air2 at loveyou.net>... Relaying denied
550 5.1.1 <air2 at loveyou.net>... User unknown
<<< 503 5.0.0 Need RCPT (recipient)
Reporting-MTA: dns; server.donkeyware.org
Received-From-MTA: DNS; localhost
Arrival-Date: Mon, 21 Oct 2002 00:30:10 +0800
Final-Recipient: RFC822; air2 at loveyou.net
Action: failed
Status: 5.7.1
Remote-MTA: DNS; homemail.doregi.com
Diagnostic-Code: SMTP; 550 5.7.1 <air2 at loveyou.net>... Relaying denied
Last-Attempt-Date: Mon, 21 Oct 2002 00:30:17 +0800
Subject:
Returned mail: see transcript for details
From:
Mail Delivery Subsystem <MAILER-DAEMON>
Date:
Mon, 21 Oct 2002 00:30:10 +0800
To:
<air2 at loveyou.net>
The original message was received at Mon, 21 Oct 2002 00:30:10 +0800
from localhost [127.0.0.1]
----- The following addresses had permanent fatal errors -----
"|exec /usr/bin/procmail"
(reason: 554 5.4.6 Too many hops)
(expanded from: <toylet at localhost>)
----- Transcript of session follows -----
554 5.4.6 Too many hops 29 (25 max): from <air2 at loveyou.net> via
localhost, to <toylet at localhost>
Reporting-MTA: dns; server.donkeyware.org
Received-From-MTA: DNS; localhost
Arrival-Date: Mon, 21 Oct 2002 00:30:10 +0800
Final-Recipient: RFC822; toylet at localhost
X-Actual-Recipient: X-Unix; "|exec /usr/bin/procmail"
Action: failed
Status: 5.4.6
Diagnostic-Code: X-Unix; 554 5.4.6 Too many hops
Last-Attempt-Date: Mon, 21 Oct 2002 00:30:10 +0800
--
.~. Swiftly. Silently. Invisibly. In Linux we trust.
/ v \ news://news.hkpcug.org
/( _ )\ http://www.linux-sxs.org
^ ^ 2.4.19 12:45am up 22 min, 0 users, load average: 1.00, 1.05, 0.82
More information about the Linux-users
mailing list