my sendmail being attacked?

Matthew Carpenter matt
Mon May 17 11:39:10 PDT 2004 

Someone was trying out your MTA as an open relay, and sendmail blocked
it correctly  :)

You have to specify which hosts can relay...  This is a "Good Thing(R)"

On Mon, 21 Oct 2002 00:51:13+0800"m.w.chang" <mwchang at netvigator.com>
wrote:

> 
> is it someone trying to use my smtp as a relay but failed?
> but how did it trigger my sendmail to do the job? I didn't reply to
> any of these chiense non-sense. is it exploring procmail?
> 
> ############### begin quote ###############3
> 
> The original message was received at Mon, 21 Oct 2002 00:30:10 +0800
> from localhost
> with id g9KGUAlZ000906
> 
>     ----- The following addresses had permanent fatal errors -----
> <air2 at loveyou.net>
>      (reason: 550 5.7.1 <air2 at loveyou.net>... Relaying denied)
> 
>     ----- Transcript of session follows -----
> ... while talking to homemail.doregi.com.:
> 
>  >>> DATA
> 
> <<< 550 5.7.1 <air2 at loveyou.net>... Relaying denied
> 550 5.1.1 <air2 at loveyou.net>... User unknown
> <<< 503 5.0.0 Need RCPT (recipient)
> 
> 
> 
> Reporting-MTA: dns; server.donkeyware.org
> Received-From-MTA: DNS; localhost
> Arrival-Date: Mon, 21 Oct 2002 00:30:10 +0800
> 
> Final-Recipient: RFC822; air2 at loveyou.net
> Action: failed
> Status: 5.7.1
> Remote-MTA: DNS; homemail.doregi.com
> Diagnostic-Code: SMTP; 550 5.7.1 <air2 at loveyou.net>... Relaying denied
> Last-Attempt-Date: Mon, 21 Oct 2002 00:30:17 +0800
> 
> 
> 
> Subject:
> Returned mail: see transcript for details
> From:
> Mail Delivery Subsystem <MAILER-DAEMON>
> Date:
> Mon, 21 Oct 2002 00:30:10 +0800
> To:
> <air2 at loveyou.net>
> 
> The original message was received at Mon, 21 Oct 2002 00:30:10 +0800
> from localhost [127.0.0.1]
> 
>     ----- The following addresses had permanent fatal errors -----
> "|exec /usr/bin/procmail"
>      (reason: 554 5.4.6 Too many hops)
>      (expanded from: <toylet at localhost>)
> 
>     ----- Transcript of session follows -----
> 554 5.4.6 Too many hops 29 (25 max): from <air2 at loveyou.net> via 
> localhost, to <toylet at localhost>
> 
> 
> 
> Reporting-MTA: dns; server.donkeyware.org
> Received-From-MTA: DNS; localhost
> Arrival-Date: Mon, 21 Oct 2002 00:30:10 +0800
> 
> Final-Recipient: RFC822; toylet at localhost
> X-Actual-Recipient: X-Unix; "|exec /usr/bin/procmail"
> Action: failed
> Status: 5.4.6
> Diagnostic-Code: X-Unix; 554 5.4.6 Too many hops
> Last-Attempt-Date: Mon, 21 Oct 2002 00:30:10 +0800
> 
> -- 
>    .~.    Swiftly. Silently. Invisibly. In Linux we trust.
>   / v \   news://news.hkpcug.org
> /( _ )\  http://www.linux-sxs.org
>    ^ ^    2.4.19 12:45am up 22 min, 0 users, load average: 1.00, 1.05,
>    0.82
> 
> _______________________________________________
> Linux-users mailing list
> Linux-users at linux-sxs.org
> Unsubscribe/Suspend/Etc ->
> http://www.linux-sxs.org/mailman/listinfo/linux-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mail.linux-sxs.org/pipermail/linux-users/attachments/20021021/de1bb17e/attachment.pgp

More information about the Linux-users mailing list