Date: Fri, 22 Feb 2002 15:39:40 -0500 From: "Brent" <brentb@loa.com> To: "Remington L." <madriax@garlic.com>, <freebsd-questions@FreeBSD.org> Subject: Re: Very unusual behavior Message-ID: <019c01c1bbe1$0d614a00$37b4a8c0@pretorian> References: <000a01c1bbde$e2b74540$82038bd8@admin>
index | next in thread | previous in thread | raw e-mail
[-- Attachment #1 --] means someone tried useing your sendmail to "relay" thru this is used alot by spammers...sendmail has bigtime exploits in the way of "open relays" esspcially in older versions. try postfix brent ----- Original Message ----- From: Remington L. To: freebsd-questions@FreeBSD.org Sent: Friday, February 22, 2002 3:24 PM Subject: Very unusual behavior Last night I did a fresh install of FBSD 4.4. I got on the net and began CVSuping 4.5. during this I noticed an unusual sendmail error(thingy): Feb 22 01:55:22 sendmail[948]: g1M9tMj00948: from=<smtp2001soho@yahoo.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=[217.226.84.195] Feb 22 12:14:40 sendmail[159]: starting daemon (8.11.6): SMTP+queueing@00:30:00 Why the hell does this mean? Why did it do this? And how do I fix it? [-- Attachment #2 --] <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> <HTML xmlns="http://www.w3.org/TR/REC-html40" xmlns:o = "urn:schemas-microsoft-com:office:office" xmlns:w = "urn:schemas-microsoft-com:office:word" xmlns:st1 = "urn:schemas-microsoft-com:office:smarttags"><HEAD> <META http-equiv=Content-Type content="text/html; charset=iso-8859-1"> <META content=Word.Document name=ProgId> <META content="MSHTML 5.50.4807.2300" name=GENERATOR> <META content="Microsoft Word 10" name=Originator><LINK href="cid:filelist.xml@01C1BB9B.D0C08F10" rel=File-List><o:SmartTagType name="time" namespaceuri="urn:schemas-microsoft-com:office:smarttags"></o:SmartTagType><!--[if gte mso 9]><xml> <o:OfficeDocumentSettings> <o:DoNotRelyOnCSS/> </o:OfficeDocumentSettings> </xml><![endif]--><!--[if gte mso 9]><xml> <w:WordDocument> <w:SpellingState>Clean</w:SpellingState> <w:GrammarState>Clean</w:GrammarState> <w:DocumentKind>DocumentEmail</w:DocumentKind> <w:EnvelopeVis/> <w:Compatibility> <w:BreakWrappedTables/> <w:SnapToGridInCell/> <w:WrapTextWithPunct/> <w:UseAsianBreakRules/> </w:Compatibility> <w:BrowserLevel>MicrosoftInternetExplorer4</w:BrowserLevel> </w:WordDocument> </xml><![endif]--><!--[if !mso]> <STYLE>st1\:* { BEHAVIOR: url(#default#ieooui) } </STYLE> <![endif]--> <STYLE> <!-- /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {mso-style-parent:""; margin:0in; margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:12.0pt; font-family:"Times New Roman"; mso-fareast-font-family:"Times New Roman";} a:link, span.MsoHyperlink {color:blue; text-decoration:underline; text-underline:single;} a:visited, span.MsoHyperlinkFollowed {color:purple; text-decoration:underline; text-underline:single;} span.EmailStyle17 {mso-style-type:personal-compose; mso-style-noshow:yes; mso-ansi-font-size:10.0pt; mso-bidi-font-size:10.0pt; font-family:Arial; mso-ascii-font-family:Arial; mso-hansi-font-family:Arial; mso-bidi-font-family:Arial; color:windowtext;} span.SpellE {mso-style-name:""; mso-spl-e:yes;} span.GramE {mso-style-name:""; mso-gram-e:yes;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.25in 1.0in 1.25in; mso-header-margin:.5in; mso-footer-margin:.5in; mso-paper-source:0;} div.Section1 {page:Section1;} --> </STYLE> <!--[if gte mso 10]> <style> /* Style Definitions */ table.MsoNormalTable {mso-style-name:"Table Normal"; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-parent:""; mso-padding-alt:0in 5.4pt 0in 5.4pt; mso-para-margin:0in; mso-para-margin-bottom:.0001pt; mso-pagination:widow-orphan; font-size:10.0pt; font-family:"Times New Roman";} </style> <![endif]--></HEAD> <BODY lang=EN-US style="tab-interval: .5in" vLink=purple link=blue bgColor=#ffffff> <DIV> <DIV><FONT face=Arial size=2>means someone tried useing your sendmail to "relay" thru this is used alot by spammers...sendmail has bigtime exploits in the way of "open relays"</FONT></DIV> <DIV><FONT face=Arial size=2>esspcially in older versions.</FONT></DIV> <DIV><FONT face=Arial size=2>try postfix</FONT></DIV> <DIV><FONT face=Arial size=2></FONT> </DIV> <DIV><FONT face=Arial size=2>brent</FONT></DIV></DIV> <BLOCKQUOTE dir=ltr style="PADDING-RIGHT: 0px; PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #000000 2px solid; MARGIN-RIGHT: 0px"> <DIV style="FONT: 10pt arial">----- Original Message ----- </DIV> <DIV style="BACKGROUND: #e4e4e4; FONT: 10pt arial; font-color: black"><B>From:</B> <A title=madriax@garlic.com href="mailto:madriax@garlic.com">Remington L.</A> </DIV> <DIV style="FONT: 10pt arial"><B>To:</B> <A title=freebsd-questions@FreeBSD.org href="mailto:freebsd-questions@FreeBSD.org">freebsd-questions@FreeBSD.org</A> </DIV> <DIV style="FONT: 10pt arial"><B>Sent:</B> Friday, February 22, 2002 3:24 PM</DIV> <DIV style="FONT: 10pt arial"><B>Subject:</B> Very unusual behavior</DIV> <DIV><BR></DIV> <DIV class=Section1> <P class=MsoNormal><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Last night I did a fresh install of FBSD 4.4. I got on the net and began <SPAN class=SpellE>CVSuping</SPAN> 4.5. <SPAN class=GramE>during</SPAN> this I noticed an unusual <SPAN class=SpellE>sendmail</SPAN> error(thingy):<o:p></o:p></SPAN></FONT></P> <P class=MsoNormal><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Feb 22 </SPAN></FONT><st1:time Minute="55" Hour="13"><SPAN class=GramE><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">01:55:22</SPAN></FONT></SPAN></st1:time><SPAN class=GramE><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><SPAN style="mso-spacerun: yes"> </SPAN><SPAN class=SpellE>sendmail</SPAN></SPAN></FONT></SPAN><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">[948]: g1M9tMj00948: from=<<A href="mailto:smtp2001soho@yahoo.com">smtp2001soho@yahoo.com</A>>, <o:p></o:p></SPAN></FONT></P> <P class=MsoNormal><SPAN class=GramE><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">size=</SPAN></FONT></SPAN><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">0, class=0, <SPAN class=SpellE>nrcpts</SPAN>=0, proto=SMTP, daemon=MTA, relay=[217.226.84.195]<o:p></o:p></SPAN></FONT></P> <P class=MsoNormal><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Feb 22 </SPAN></FONT><st1:time Minute="14" Hour="12"><SPAN class=GramE><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">12:14:40</SPAN></FONT></SPAN></st1:time><SPAN class=GramE><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><SPAN style="mso-spacerun: yes"> </SPAN><SPAN class=SpellE>sendmail</SPAN></SPAN></FONT></SPAN><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">[159]: starting daemon (8.11.6): SMTP+queueing@00:30:00<o:p></o:p></SPAN></FONT></P> <P class=MsoNormal><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P> <P class=MsoNormal><FONT face=Arial size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Why the hell does this mean? Why did it do this? And how do I fix it?<o:p></o:p></SPAN></FONT></P></DIV></BLOCKQUOTE></BODY></HTML>help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?019c01c1bbe1$0d614a00$37b4a8c0>