Date:      Thu, 23 Apr 1998 11:03:59 -0600
From:      Blaine Minazzi <bminazzi@w3page.com>
To:        ISP@FreeBSD.ORG
Subject:   Re: Whats this??
Message-ID:  <353F747F.421098FA@w3page.com>
References:  <353F6DE5.30C680DC@w3page.com> <353F713A.3600E6DE@tdx.co.uk>

Karl Pielorz wrote:

> This means they attached to your SMTP port, and quit before saying 'HELO' or
> telling it to do anything...
> 
> > Apr 23 09:16:21 xenu sendmail[615]: NOQUEUE: SYSERR(root): Cannot open
> > hash database /etc/mail/popauth.db: Inappropriate file type or format
> 
> This might be worrying... It depends on your sendmail config, although if
> it's 'suddenly' appeared, it's your system - and you don't know what it is -
> then it might mean problems... Someone else may be able to shed more light
> on this one...
> 
> If you find yourself open to sendmail abuse - have a look around
> www.sendmail.org - they have patches etc. for Sendmail which can stop your
> system from being used as a RELAY for other people's mail (which is what it
> sounds like is happening to you!) - and for creating lists of known
> 'offenders' to block from Sendmail access etc.
> 
> You should also check you're running a recent version of sendmail, 8.8.6 is
> probably as old as I'd like to be running at the moment... ;-)

Thanks...   I currently have 8.8.8, with the anti relaying patches also
the RBL stuff, with POP Before Sendmail so my customers can relay, but
no one else...  I also maintain a list of annoying IP addresses that I
deny mail access to.

But, last night I received over 700 of these connections, and was
concerned that there might be some form of attack going on, since I
found the system loaded down with sendmail processes, with lots of open
connections.

I thought perhaps there might be some new hole that someone is using to
do a D.O.S. attack, or, a new way to get around my anti-spam, anti-relay
patches.

Blaine.
