my sendmail being attacked?
Matthew Carpenter
matt
Mon May 17 11:39:16 PDT 2004
This is the header of the notification message to postmaster.
I'm more interested in the log messages as they appear in syslog.
On Tue, 22 Oct 2002 21:43:55 +0800
"m.w.chang" <mwchang at netvigator.com> wrote:
> the full message header:
>
> From - Mon Oct 21 00:46:47 2002
> X-UIDL: 3db2dd2400000002
> X-Mozilla-Status: 0001
> X-Mozilla-Status2: 10000000
> Received: from localhost (localhost)
> by server.donkeyware.org (8.12.6/8.12.6) id g9KGUAla000906;
> Mon, 21 Oct 2002 00:30:18 +0800
> Date: Mon, 21 Oct 2002 00:30:18 +0800
> From: Mail Delivery Subsystem <MAILER-DAEMON at server.donkeyware.org>
> Message-Id: <200210201630.g9KGUAla000906 at server.donkeyware.org>
> To: postmaster at server.donkeyware.org
> MIME-Version: 1.0
> Content-Type: multipart/report; report-type=delivery-status;
> boundary="g9KGUAla000906.1035131418/server.donkeyware.org"
> Subject: Postmaster notify: see transcript for details
> Auto-Submitted: auto-generated (postmaster-notification)
> X-Spam-Status: No, hits=1.0 required=5.0
> tests=FAILURE_NOTICE_2,MAILER_DAEMON,SPAM_PHRASE_00_01
> version=2.41
> X-Spam-Level: *
> Status:
>
> This is a MIME-encapsulated message
>
> --g9KGUAla000906.1035131418/server.donkeyware.org
>
> The original message was received at Mon, 21 Oct 2002 00:30:10 +0800
> from localhost
> with id g9KGUAlZ000906
>
> ----- The following addresses had permanent fatal errors -----
> <air2 at loveyou.net>
> (reason: 550 5.7.1 <air2 at loveyou.net>... Relaying denied)
>
> ----- Transcript of session follows -----
> ... while talking to homemail.doregi.com.:
> >>> DATA
> <<< 550 5.7.1 <air2 at loveyou.net>... Relaying denied
> 550 5.1.1 <air2 at loveyou.net>... User unknown
> <<< 503 5.0.0 Need RCPT (recipient)
>
> --g9KGUAla000906.1035131418/server.donkeyware.org
> Content-Type: message/delivery-status
>
> Reporting-MTA: dns; server.donkeyware.org
> Received-From-MTA: DNS; localhost
> Arrival-Date: Mon, 21 Oct 2002 00:30:10 +0800
>
> Final-Recipient: RFC822; air2 at loveyou.net
> Action: failed
> Status: 5.7.1
> Remote-MTA: DNS; homemail.doregi.com
> Diagnostic-Code: SMTP; 550 5.7.1 <air2 at loveyou.net>... Relaying denied
> Last-Attempt-Date: Mon, 21 Oct 2002 00:30:17 +0800
>
> --g9KGUAla000906.1035131418/server.donkeyware.org
> Content-Type: message/rfc822
>
> Return-Path: <MAILER-DAEMON>
> Received: from localhost (localhost)
> by server.donkeyware.org (8.12.6/8.12.6) id g9KGUAlZ000906;
> Mon, 21 Oct 2002 00:30:10 +0800
> Date: Mon, 21 Oct 2002 00:30:10 +0800
> From: Mail Delivery Subsystem <MAILER-DAEMON>
> Message-Id: <200210201630.g9KGUAlZ000906 at server.donkeyware.org>
> To: <air2 at loveyou.net>
> MIME-Version: 1.0
> Content-Type: multipart/report; report-type=delivery-status;
> boundary="g9KGUAlZ000906.1035131410/server.donkeyware.org"
> Content-Transfer-Encoding: 8bit
> Subject: Returned mail: see transcript for details
> Auto-Submitted: auto-generated (failure)
>
> This is a MIME-encapsulated message
>
> --g9KGUAlZ000906.1035131410/server.donkeyware.org
>
> The original message was received at Mon, 21 Oct 2002 00:30:10 +0800
> from localhost [127.0.0.1]
>
> ----- The following addresses had permanent fatal errors -----
> "|exec /usr/bin/procmail"
> (reason: 554 5.4.6 Too many hops)
> (expanded from: <toylet at localhost>)
>
> ----- Transcript of session follows -----
> 554 5.4.6 Too many hops 29 (25 max): from <air2 at loveyou.net> via
> localhost, to <toylet at localhost>
>
> --g9KGUAlZ000906.1035131410/server.donkeyware.org
> Content-Type: message/delivery-status
>
> Reporting-MTA: dns; server.donkeyware.org
> Received-From-MTA: DNS; localhost
> Arrival-Date: Mon, 21 Oct 2002 00:30:10 +0800
>
> Final-Recipient: RFC822; toylet at localhost
> X-Actual-Recipient: X-Unix; "|exec /usr/bin/procmail"
> Action: failed
> Status: 5.4.6
> Diagnostic-Code: X-Unix; 554 5.4.6 Too many hops
> Last-Attempt-Date: Mon, 21 Oct 2002 00:30:10 +0800
>
> --g9KGUAlZ000906.1035131410/server.donkeyware.org
> Content-Type: message/rfc822
> Content-Transfer-Encoding: 8bit
>
> Return-Path: <air2 at loveyou.net>
> Received: from localhost (localhost [127.0.0.1])
> by server.donkeyware.org (8.12.6/8.12.6) with ESMTP id
> g9KGU5la000900 for <toylet at localhost>; Mon, 21 Oct 2002 00:30:10
> +0800
> Received: from alumni.cityu.edu.hk [144.214.5.205]
> by localhost with POP3 (fetchmail-6.1.0)
> for toylet at localhost (single-drop); Mon, 21 Oct 2002 00:30:10
> +0800 (HKT)
> Received: from conversion-daemon.alumni.cityu.edu.hk by
> alumni.cityu.edu.hk
> (iPlanet Messaging Server 5.1 HotFix 1.4 (built Aug 5 2002))
> id <0H4800L01IIDKS at alumni.cityu.edu.hk> for 91857801 at ims-ms-daemon
> (ORCPT mw.chang at alumni.cityu.edu.hk); Sat, 19 Oct 2002 23:31:41 +0800
> (CST)
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by alumni.cityu.edu.hk
> (iPlanet Messaging Server 5.1 HotFix 1.4 (built Aug 5 2002))
> with ESMTP id <0H4800L43IQBKE at alumni.cityu.edu.hk> for
> 91857801 at ims-ms-daemon
> (ORCPT mw.chang at alumni.cityu.edu.hk); Sat, 19 Oct 2002 23:23:03 +0800
> (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUHEMSDTY009KPX at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:49:48 +0800
> Received: from cpccvj.cityu.edu.hk (cpccvj.cityu.edu.hk [144.214.2.49])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2mWi06710 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:48:32 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvj.cityu.edu.hk (PMDF V6.0-24 #40607)
> with ESMTP id <01KNUHHLG5DO00QZMG at cpccvj.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:52:10 +0800
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2m8i06487 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:48:08 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUHDMTXV6009LI9 at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:48:58 +0800
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2lii06257 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:47:44 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUHD24TZS009DA2 at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:48:31 +0800
> Received: from cpccvj.cityu.edu.hk (cpccvj.cityu.edu.hk [144.214.2.49])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2lFi06017 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:47:15 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvj.cityu.edu.hk (PMDF V6.0-24 #40607)
> with ESMTP id <01KNUHFSCHBS00QZMG at cpccvj.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:50:42 +0800
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2kei05705 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:46:40 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUHBJFYQY009KPX at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:47:18 +0800
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2k2i05374 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:46:02 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUHAZ66JG009LI9 at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:46:51 +0800
> Received: from cpccvj.cityu.edu.hk (cpccvj.cityu.edu.hk [144.214.2.49])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2jYi05065 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:45:34 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvj.cityu.edu.hk (PMDF V6.0-24 #40607)
> with ESMTP id <01KNUHE33NM800LSPI at cpccvj.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:49:20 +0800
> Received: from cpccvj.cityu.edu.hk (cpccvj.cityu.edu.hk [144.214.2.49])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2jIi04896 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:45:18 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvj.cityu.edu.hk (PMDF V6.0-24 #40607)
> with ESMTP id <01KNUHDU0MD800QU6U at cpccvj.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:49:09 +0800
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2j6i04818 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:45:06 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUH9TDLG2009CHI at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:45:54 +0800
> Received: from cpccvj.cityu.edu.hk (cpccvj.cityu.edu.hk [144.214.2.49])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2ici04452 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:44:38 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvj.cityu.edu.hk (PMDF V6.0-24 #40607)
> with ESMTP id <01KNUHCXPFM200R2RF at cpccvj.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:48:25 +0800
> Received: from cpccvj.cityu.edu.hk (cpccvj.cityu.edu.hk [144.214.2.49])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2iMi04214 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:44:22 +0800 (CST)
> Received: from lisa.cityu.edu.hk ([144.214.5.205])
> by cpccvj.cityu.edu.hk (PMDF V6.0-24 #40607)
> with ESMTP id <01KNUHCDY83C00PG16 at cpccvj.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 10:48:01 +0800
> Received: from cpccvh.cityu.edu.hk (cpccvh.cityu.edu.hk [144.214.2.7])
> by lisa.cityu.edu.hk (8.11.6+Sun/8.11.6) with ESMTP id
> g9J2hsi03880 for
> <mw.chang at alumni.cityu.edu.hk>; Sat, 19 Oct 2002 10:43:54 +0800 (CST)
> Received: from loveyou.net ([61.172.24.215])
> by cpccvh.cityu.edu.hk (PMDF V6.0-025 #40607)
> with ESMTP id <01KNUEOYSWEI0098XJ at cpccvh.cityu.edu.hk> for
> mw.chang at alumni.cityu.edu.hk; Sat, 19 Oct 2002 09:31:50 +0800
> Date: Sat, 19 Oct 2002 09:45:08 +0800
> From: air2 <air2 at loveyou.net>
> Subject: =?GB2312?B?v9XG+LSyo62yu8XCsOG80g==?=
> To: mw.chang at alumni.cityu.edu.hk
> Reply-to: air2 at loveyou.net
> Message-id: <01KNUEOZ5M4S0098XJ at cpccvh.cityu.edu.hk>
> MIME-version: 1.0
> X-Mailer: FoxMail 3.11 Release [cn]
> Content-type: text/plain; charset=GB2312
> Content-transfer-encoding: 8BIT
> X-Priority: 3
>
>
> --
> .~. Swiftly. Silently. Invisibly. In Linux we trust.
> / v \ news://news.hkpcug.org
> /( _ )\ http://www.linux-sxs.org
> ^ ^ 2.4.19 8:45pm up 1 day, 20:18, 0 users, load average: 1.00,
> 1.01, 1.00
>
> _______________________________________________
> Linux-users mailing list
> Linux-users at linux-sxs.org
> Unsubscribe/Suspend/Etc ->
> http://www.linux-sxs.org/mailman/listinfo/linux-users
More information about the Linux-users
mailing list