[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Email relaying from localhost?
- Subject: Re: [cobalt-users] Email relaying from localhost?
- From: Gerald Waugh <gwaugh@xxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon Feb 18 19:57:34 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Mon, 18 Feb 2002, Curtis Ross wrote:
> Hello All,
> I'm hoping someone can give me some ideas as to how this is happening.
> On Friday all of a sudden I had what looks like a whole bunch of mail go
> blasting through my server. The only reason (other than seeing it in the
> log) was one bounced back and my catch-all grabbed it.
> To me it looks like the mail is coming from my local host. I know who is
> doing it, but I can't figure out how.
> There is only 2 admins that have access to our servers. They are the
> only ones with SSH. We do allow cgi & forms but I checked his site and
> neither exist. We don't allow relaying or SMTP traffic other than
> through the use of forms.
> I know the user is using mail2web.com (168.144.108.64)to get his mail.
> Am I just reading this wrong or is this guy blasting email through our
> servers? None of the recipients are located on our servers.
> The server in question is a RAQ4r with all the patches and updates
> except for the OS-2 update.
> Sorry for the big log snip.
>
> Feb 15 15:55:15 www sendmail[4272]: g1FMtEn04272: from=httpd, size=794,
> class=0, nrcpts=1, msgid=<200202152255.g1FMtEn04272@xxxxxxxxxxxxxxxx>,
> relay=httpd@localhost
If www.myserver.com is your server, it has to be mail to - from domains on the
server.
--
Gerald Waugh