From owner-freebsd-security Tue Apr 6 17:10:25 1999 Delivered-To: freebsd-security@freebsd.org Received: from bureau6.utcc.utoronto.ca (bureau6.utcc.utoronto.ca [128.100.132.16]) by hub.freebsd.org (Postfix) with ESMTP id 7D66015453 for ; Tue, 6 Apr 1999 17:10:23 -0700 (PDT) (envelope-from pc.mackenzie@utoronto.ca) Received: from cgowave-45-163.cgocable.net ([24.226.45.163] HELO pauler.homer.com ident: NO-IDENT-SERVICE [port 2792]) by bureau6.utcc.utoronto.ca with SMTP id <180192-29358>; Tue, 6 Apr 1999 20:08:12 -0400 Message-Id: <4.1.19990406200132.00992430@mail.elehost.com> X-Sender: pc.mackenzie@mailbox21.utcc.utoronto.ca X-Mailer: QUALCOMM Windows Eudora Pro Version 4.1 Date: Tue, 06 Apr 1999 20:07:42 -0400 To: freebsd-security@FreeBSD.ORG From: Paul MacKenzie Subject: Should I be worried, Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Quick message to allay a few fears. The other day I found this in the logs... Apr 3 06:43:44 server popper[20031]: @m-burg-01.rewiss.fu-berlin.de: -ERR POP EOF received Apr 3 06:43:45 server /kernel: ipfw: 13610 Accept TCP 160.45.166.130:22904 xxx.xxx.xxx.xxx:23 in via ed0 Apr 3 06:43:45 server /kernel: ipfw: 13610 Accept TCP 160.45.166.130:22904 xxx.xxx.xxx.xxx:23 out via ed1 (the xxx.xxx.xxx.xxx address being the same above in both cases) This person was obviously an outsider because I have no clients in this part of the world. Any thoughts on why Qpopper send this back assuming they have no access to any e-mail addresses? As well the above error was shown a number of times for different addresses (as though a scanner was run on a certain subnet mask). Should I be concerned? Thanks for any insight and discussion this opens up, Sincerely Paul To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message