From owner-freebsd-questions@FreeBSD.ORG Sat Mar 21 16:57:25 2015 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E0F6E977 for ; Sat, 21 Mar 2015 16:57:25 +0000 (UTC) Received: from mail-ig0-x230.google.com (mail-ig0-x230.google.com [IPv6:2607:f8b0:4001:c05::230]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id A0838CF1 for ; Sat, 21 Mar 2015 16:57:25 +0000 (UTC) Received: by igbqf9 with SMTP id qf9so10662945igb.1 for ; Sat, 21 Mar 2015 09:57:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :message-id:references:to; bh=8CGDhRsQDo6v6cFok6UzozyEFKNVFntBqIKR7js/pA4=; b=v8ZBM19tj2CMqzJM9h259Ujgp51lDHoCxUWGX3TYWERY2PNZa4CuIASatlIUCW0ndo icrgjax6J0k0Wkn0IKhBSF5OjoFUX5OZ/Y6gzBGO/yGYJPbi/ZVyPdprweaHPI60c4UV bDrXgm1DqtzEUMN5aZzOIM0wkOmEX/Mt9rqH6LQT3sYkC1WJLGeYH+lPP1P8iDi71Q+k HCXNlYUn+nioePwI2ygqC4Y5DAMucYMqPE7qqlVWgqTPq7DZ9k45nNch6qBdg1CZRHHi SmU2nfLok7AkszYQALZqAT6v8TG/zgeQtv5zcPXgMk1OVBAb+oRxOiAb9IkRTOgp3pcg 1Nxg== X-Received: by 10.50.118.97 with SMTP id kl1mr4141981igb.23.1426957044887; Sat, 21 Mar 2015 09:57:24 -0700 (PDT) Received: from [192.168.89.100] (192-171-49-199.cpe.pppoe.ca. [192.171.49.199]) by mx.google.com with ESMTPSA id w5sm1634982igk.7.2015.03.21.09.57.23 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Sat, 21 Mar 2015 09:57:23 -0700 (PDT) Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: 10.0 system issuing outbound packets to port 25 smtp to 66.96.214.197 From: The Lost Admin In-Reply-To: <550D8B0E.2020406@gmail.com> Date: Sat, 21 Mar 2015 12:57:21 -0400 Message-Id: <1B9D189E-4FD6-495D-8381-E0E3CFF5A2A2@gmail.com> References: <550D8B0E.2020406@gmail.com> To: Ernie Luzar X-Mailer: Apple Mail (2.1878.6) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 Cc: "freebsd-questions@freebsd.org" X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 21 Mar 2015 16:57:26 -0000 Ernie, Did you do an nslookup on the address in question? I did and it is = listed as part of the hostnoc.net domain. Googling that domain gets some = pretty fishy results in the top 10. The Lost Admin thelostadmin@gmail.com On Mar 21, 2015, at 11:15 AM, Ernie Luzar wrote: > My ipfilter firewall logs 2 outbound packets on port 25 every 70 = minuets. There is no LAN behind this box is it must be coming from the > freebsd 10.0 system or from one of the official installed ports I = have. > Sendmail is disabled and postfix is running in it's place. >=20 > 66.96.214.197,25 tcp is the target public ip address. >=20 > How should I go about finding the running task that is doing this??? > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"