From owner-freebsd-security Sat Mar 17 8:21:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 23D9937B718 for ; Sat, 17 Mar 2001 08:21:14 -0800 (PST) (envelope-from des@ofug.org) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id RAA73701; Sat, 17 Mar 2001 17:21:12 +0100 (CET) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Per Christian Henden Cc: Subject: Re: weird error messages (at least I don't understand them) References: From: Dag-Erling Smorgrav Date: 17 Mar 2001 17:21:11 +0100 In-Reply-To: Per Christian Henden's message of "Fri, 16 Mar 2001 10:34:41 +0100 (MET)" Message-ID: Lines: 24 User-Agent: Gnus/5.0802 (Gnus v5.8.2) Emacs/20.4 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Per Christian Henden writes: > These entries (or something similar) also appears fairly frequently > (I replaced my real dns-name with "my.hostname.domain") > > Checking for rejected mail hosts: > 5 malvix.hist.no > 2 my.hostname.domain > 2 malvix.hist.no@my.hostname.domain > 1 1 1 1 1 <@myhostname.domain:kan2na@malvix.hist.no > > This looks kinda suspicous to me, what could it mean? It means malvix.hist.no is looking for an open relay to spam through. If I were you, I'd check /var/log/maillog* for occurrences of 'malvix', and send those to abuse@hist.no (or ask the admins at NTNU if they know who's in charge of HIST) DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message