From owner-freebsd-security Thu Nov 4 12:46:33 1999 Delivered-To: freebsd-security@freebsd.org Received: from frontiernet.net (node9.frontiernet.net [209.130.129.194]) by hub.freebsd.org (Postfix) with ESMTP id C093914C86 for ; Thu, 4 Nov 1999 12:46:29 -0800 (PST) (envelope-from pani@frontiernet.net) Received: from frontiernet.net (209-130-164-150.nas1.APV.gblx.net [209.130.164.150]) by frontiernet.net (8.8.8a/8.8.8) with ESMTP id PAA99784 for ; Thu, 4 Nov 1999 15:46:27 -0500 Message-ID: <3821EFEE.D6B4ED33@frontiernet.net> Date: Thu, 04 Nov 1999 14:43:26 -0600 From: Sandipan Panigrahi X-Mailer: Mozilla 4.5 [en] (WinNT; I) X-Accept-Language: en MIME-Version: 1.0 To: bsdsecurity Subject: sendmail connections staying open. Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org sendmail 8.9.3 A "ps xo command | grep sendmail" on my BSD box I get this output. sendmail: accepting connections on port 25 (sendmail) sendmail: server pppdslc242.mpls.uswest.net [216.160.21.242] cmd read (sendmail) sendmail: server pppdslc242.mpls.uswest.net [216.160.21.242] child wait (sendmail) sendmail: server wagner.kaist.ac.kr [143.248.146.22] child wait (sendmail) sendmail: OAA03852 wagner.kaist.ac.kr [143.248.146.22]: DATA (sendmail) sendmail: server [209.247.75.220] child wait (sendmail) sendmail: OAA03864 [209.247.75.220]: DATA (sendmail) And in the maillog I see : Nov 4 12:11:05 greenberg sendmail[3643]: LAA03643: from=, size= 0, class=0, pri=30000, nrcpts=1, msgid=<199911041711.LAA03643@netsurfin.com>, proto=SMTP, relay=wagner.kaist.ac.kr [143.248.146.22] Nov 4 13:11:23 greenberg sendmail[3692]: MAA03692: timeout waiting for input from wagner .kaist.ac.kr during message collect And I sent e-mail from pppdslc242.mpls.uswest.net to root@greenberg.com with the mail server set to greenberg.com. though I receive the mail the cmd read and child wait lines keep showing up and stay there even after the email is delivered. Is the system compromised ? Or is there some kind of timeout that I need to set for sendmail to cleanup its connections ? Thanks for any information, pani To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message