From owner-freebsd-questions@FreeBSD.ORG Fri Mar 28 01:05:48 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25A9A37B401 for ; Fri, 28 Mar 2003 01:05:48 -0800 (PST) Received: from bsdsi.homeunix.com (b121082.adsl.hansenet.de [62.109.121.82]) by mx1.FreeBSD.org (Postfix) with ESMTP id 361D043F93 for ; Fri, 28 Mar 2003 01:05:46 -0800 (PST) (envelope-from mm@bsdsi.com) Received: from bsdsi.homeunix.com (localhost [127.0.0.1]) by bsdsi.homeunix.com (8.12.8/8.12.8) with ESMTP id h2S94UUM001328 for ; Fri, 28 Mar 2003 10:04:30 +0100 (CET) (envelope-from mm@bsdsi.com) Received: (from mm@localhost) by bsdsi.homeunix.com (8.12.8/8.12.8/Submit) id h2S94U3e001327 for freebsd-questions@freebsd.org; Fri, 28 Mar 2003 10:04:30 +0100 (CET) X-Authentication-Warning: bsdsi.homeunix.com: mm set sender to mm@bsdsi.com using -f Date: Fri, 28 Mar 2003 10:04:30 +0100 From: Martin Moeller To: FreeBSD Questions Message-ID: <20030328090430.GA1262@bsdsi.homeunix.com> Mail-Followup-To: FreeBSD Questions Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit Priority: normal X-Operating-System: FreeBSD CURRENT, http://www.freebsd.org/ X-Mailer: Mutt 1.5.3i, http://www.mutt.org/ X-PGP: Send mail with subject 'send key pub' for public key! X-Location: Hamburg, Germany, European Union X-Uptime: 9:54am up 45 mins, 1 user, load averages: 0,08 0,21 0,16 User-Agent: Mutt/1.5.4i X-Spam-Status: No, hits=-11.0 required=5.0 tests=AWL,MAILTO_TO_SPAM_ADDR,USER_AGENT_MUTT,X_AUTH_WARNING autolearn=ham version=2.50 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.50 (1.173-2003-02-20-exp) Subject: System abused by spammer? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Mar 2003 09:05:49 -0000 Hi list, I have a vague feeling that some spammer is abusing my sendmail system. My installation is FreeBSD-CURRENT. Postmaster received some email saying, that some kind of mail cannot be delivered due configuration errors. I looked into the mail queue and found this, what definitely does not belong there! bsdsi# mailq -v /var/spool/mqueue (4 requests) -----Q-ID----- --Size-- -Priority- ---Q-Time--- --------Sender/Recipient-------- h2RGCDrC001502 1993 1111876 Mar 27 17:13 MAILER-DAEMON (Deferred: Connection refused by mail.craz-man.com.) (Deferred: Connection refused by mail.craz-man.com.) h2RC1iZw004629 225 1920349+Mar 27 13:01 (Deferred: Operation timed out with myvzw.com.) <_dwight@myvzw.com> (Deferred: Operation timed out with myvzw.com.) h2RBpSZw004575 1903 1951602 Mar 27 12:51 MAILER-DAEMON (Deferred: Connection refused by mail.craz-man.com.) (Deferred: Connection refused by mail.craz-man.com.) h2RBefZw004533 1861 2041596 Mar 27 12:40 MAILER-DAEMON (Deferred: Connection refused by mail.craz-man.com.) (Deferred: Connection refused by mail.craz-man.com.) Total requests: 4 /var/log/maillog also shows some strange entries: Mar 28 09:39:59 bsdsi sm-mta[1189]: h2RGCDrC001502: to=, delay=16:26:30, xdelay=0 Mar 28 09:41:15 bsdsi sm-mta[1189]: h2RC1iZw004629: to=<_dwight@myvzw.com>, delay=20:39:30, xdelay=00:01 Mar 28 09:41:15 bsdsi sm-mta[1189]: h2RBpSZw004575: to=, delay=20:49:47, xdelay=0 Mar 28 09:41:15 bsdsi sm-mta[1189]: h2RBefZw004533: to=, delay=21:00:34, xdelay=0 etc. I thought, sendmail rejects relaying per default. What can I do? (HELP!!! (!!!) ) Regards, Martin -- Martin Möller http://www.bsdsi.com/ GnuPG/PGP DSA ID: 0x3C979285 ICQ # 82221572 I do not accept unsolicited commercial mail. Do not spam me!