Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

unauthorized spam relay!

0 views

Skip to first unread message

mwo...@substantis.com

unread,

Nov 11, 2004, 8:53:19 PM11/11/04

I have suddenly found a number of apparent relays coming from
postfix-2.0.18-4 server on fedora core 2. my postconf -n follows at the
end of this message. No forwarding is authorized on my mail server. I
ran a relay test against my server at
http://www.abuse.net/cgi-bin/relaytest and all came back "Relay access
denied."

i discovered the problem from my daily report from pflogsumm showing an
unusual number of messages delivered almost all of them between the hours
of 4:00 and 5:00 am local time. I have provided an excerpt below from th=
e
grep i ran against my log. Can someone please tell me what I have done
wrong and how to stop this relaying?

****************************************************************
cat /var/maillog | grep relay > relaytest
Nov 11 03:40:28 testy sendmail[6137]: iAB8eS8W006137: from=3Dnobody,
size=3D699, class=3D0, nrcpts=3D1,
msgid=3D<200411110840....@testy.substantis.com>,
relay=3Dnobody@localhost
Nov 11 03:40:29 testy sendmail[6137]: iAB8eS8W006137:
to=3Dedwi...@terra.com, ctladdr=3Dnobody (99/99), delay=3D00:00:01,
xdelay=3D00:00:01, mailer=3Drelay, pri=3D30699, relay=3D[127.0.0.1] [127.=
0.0.1],
dsn=3D2.0.0, stat=3DSent (Ok: queued as E0A403B062C)
Nov 11 03:40:30 testy postfix/smtp[6142]: E0A403B062C:
to=3D<edwin...@terra.com>, relay=3Dmail-vip2.terra.com[206.221.207.196=
],
delay=3D2, status=3Dsent (250 Ok: queued as 77B6C214073)
Nov 11 04:03:40 testy sendmail[6472]: iAB93efD006472: from=3Droot,
size=3D14788, class=3D0, nrcpts=3D1,
msgid=3D<200411110903....@testy.substantis.com>,
relay=3Droot@localhost
Nov 11 04:03:41 testy sendmail[6472]: iAB93efD006472: to=3Droot,
ctladdr=3Droot (0/0), delay=3D00:00:01, xdelay=3D00:00:01, mailer=3Drelay=
,
pri=3D44788, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent (O=
k: queued
as 020613B062C)
Nov 11 04:03:41 testy postfix/local[6481]: 020613B062C:
to=3D<m...@substantis.com>, orig_to=3D<ro...@testy.substantis.com>, relay=3D=
local,
delay=3D0, status=3Dsent (mailbox)
Nov 11 04:09:24 testy sendmail[6286]: iAB92V9o006286: from=3Dnobody,
size=3D9827, class=3D0, nrcpts=3D252,
msgid=3D<200411110902....@testy.substantis.com>,
relay=3Dnobody@localhost
Nov 11 04:09:24 testy sendmail[8324]: iAB958Gk008324: from=3Dnobody,
size=3D9827, class=3D0, nrcpts=3D252,
msgid=3D<200411110905....@testy.substantis.com>,
relay=3Dnobody@localhost
Nov 11 04:09:24 testy sendmail[9161]: iAB96ZRb009161: from=3Dnobody,
size=3D7881, class=3D0, nrcpts=3D252,
msgid=3D<200411110906....@testy.substantis.com>,
relay=3Dnobody@localhost
Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:
to=3Dber...@telus.net,bern...@telus.net,bern...@hotmail.com,bestcar=
egi...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfryvr@tel=
us.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bigd=
ogres...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bmess=
n...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,brel=
k...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.net,=
bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,bs=
h...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_rommel@=
hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.do=
,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2op=
o...@aol.com,carole...@shaw.ca,
[more], ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 604853B062E)
Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:
to=3Dcarol...@hotmail.com,casey...@hotmail.com,cassa...@shaw.ca,=
ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,celsow@op=
enlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,cha=
mb...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chaylett@sh=
aw.ca,chc...@telusplanet.net,chiro...@t-online.de,chirolee@shinbiro.c=
om,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjstme=
mber...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeune_ywca@com=
puserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cm...@aol.co=
m,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,colin@pflag=
vancouver.com,communi...@transalliancesociety.org,comoxvalleypflag@sh=
aw.ca,conl...@aol.com,
[more], ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 604853B062E)
Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:
to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.nz,=
coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@isla=
nd.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,crocu=
s...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hine=
t.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freemail.=
com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.mansou=
r...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithhorse=
sjo...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.com,=
edwinb...@hotmail.com,rufus...@yahoo.com,
ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01, mailer=3Dr=
elay,
pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent =
(Ok:
queued as 604853B062E)
Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:
to=3Dber...@telus.net,bern...@telus.net,bern...@hotmail.com,bestcar=
egi...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfryvr@tel=
us.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bigd=
ogres...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bmess=
n...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,brel=
k...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.net,=
bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,bs=
h...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_rommel@=
hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.do=
,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2op=
o...@aol.com,carole...@shaw.ca,
[more], ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 54B493B062C)
Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:
to=3Dcarol...@hotmail.com,casey...@hotmail.com,cassa...@shaw.ca,=
ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,celsow@op=
enlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,cha=
mb...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chaylett@sh=
aw.ca,chc...@telusplanet.net,chiro...@t-online.de,chirolee@shinbiro.c=
om,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjstme=
mber...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeune_ywca@com=
puserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cm...@aol.co=
m,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,colin@pflag=
vancouver.com,communi...@transalliancesociety.org,comoxvalleypflag@sh=
aw.ca,conl...@aol.com,
[more], ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 54B493B062C)
Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:
to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.nz,=
coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@isla=
nd.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,crocu=
s...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hine=
t.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freemail.=
com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.mansou=
r...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithhorse=
sjo...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.com,=
edwinb...@hotmail.com,rufus...@yahoo.com,
ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01, mailer=3Dr=
elay,
pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent =
(Ok:
queued as 54B493B062C)
Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:
to=3Dber...@telus.net,bern...@telus.net,bern...@hotmail.com,bestcar=
egi...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfryvr@tel=
us.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bigd=
ogres...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bmess=
n...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,brel=
k...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.net,=
bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,bs=
h...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_rommel@=
hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.do=
,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2op=
o...@aol.com,carole...@shaw.ca,
[more], ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02,
mailer=3Drelay, pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 5A9E63B062D)
Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:
to=3Dcarol...@hotmail.com,casey...@hotmail.com,cassa...@shaw.ca,=
ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,celsow@op=
enlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,cha=
mb...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chaylett@sh=
aw.ca,chc...@telusplanet.net,chiro...@t-online.de,chirolee@shinbiro.c=
om,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjstme=
mber...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeune_ywca@com=
puserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cm...@aol.co=
m,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,colin@pflag=
vancouver.com,communi...@transalliancesociety.org,comoxvalleypflag@sh=
aw.ca,conl...@aol.com,
[more], ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02,
mailer=3Drelay, pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 5A9E63B062D)
Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:
to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.nz,=
coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@isla=
nd.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,crocu=
s...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hine=
t.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freemail.=
com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.mansou=
r...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithhorse=
sjo...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.com,=
edwinb...@hotmail.com,rufus...@yahoo.com,
ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02, mailer=3Dr=
elay,
pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent =
(Ok:
queued as 5A9E63B062D)
Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:
to=3Dadm...@amnesty.org,ad...@diabetesaustralia.com.au,admin@japansocie=
tycanada.com,ad...@tsbcps.edu.hk,ad...@ywca.org.sg,ae...@bbsi.net,aefvalen=
c...@franquiciadores.com,a...@aem-aem.es,aer...@uniserve.com,afcde01@unitel=
.co.kr,ag....@omaf.gov.on.ca,ake...@telus.net,ala...@thesanctuary.ca,al=
ana...@telus.net,al...@dccnet.com,alison...@yahoo.ca,al...@shaw.ca,al=
m...@satlink.com,alvina...@hotmail.com,a...@bluewin.ch,alzc...@adsl.tie=
.cl,alzg...@quetzal.net,alzhc...@yahoo.com,alzh...@alzscot.org,alzhe=
im...@cin.es,alzh...@hellasnet.gr,alzh...@netcabo.pt,alzheimer_pl@hotm=
ail.com,alzheime...@via.at,alzheime...@hotmail.com,alzheimerpr=
@alzheimerpr.org,alzhei...@pacific.net.sg,alzhe...@alzheimers.org.n=
z,alzhe...@pd.jaring.my,
[more], ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 7018A3B0630)
Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:
to=3Dalzheimer...@serendib.ws,alzheim...@ttnet.net.tr,alzhei=
m...@md2.vsnl.net.in,al...@tin.it,alz...@cantv.net,amacd...@pphm.com,amas=
hour...@yahoo.com,amc...@amcham.org.hk,ame...@telus.net,amf...@shaw.ca.=
,am...@prodigy.net.mx,amief...@hotmail.com,amy...@satexas.com,andraspolo=
@hotmail.com,andylit...@hotmail.com,an...@tstt.net.tt,annfogler@sbcgl=
obal.net,ant...@pcnet.ro,antonia...@shaw.ca,aoz...@domi.com.tr,aped=
er...@cw.bc.ca,a...@apfranchise.org,apron...@yahoo.ca,a...@cam.org,aqpr@=
hotmail.com,arab...@hotmail.com,arco....@ping.be,arintl@netvigator.c=
om,arni...@primus.ca,aros...@telus.net,ar...@bellnet.ca,arrowsmithpc@s=
haw.ca,arz...@yahoo.com,asc...@msn.com,ashg...@shaw.ca,ashleyk@sequoiac=
hurch.org,asiancon...@shaw.ca,
[more], ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 7018A3B0630)
Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:
to=3Dasia...@shaw.ca,asoci...@alzheimerperu.org,aspra...@yahoo.com=
,assofra...@assofranchising.it,aub...@hotmail.com,aud...@adinet.co=
m.uy,audr...@shaw.ca,a...@mail.arts.ubc.ca,aust...@austcham.com.hk,aydin=
@politics.ankara.edu.tr,baby...@sympatico.ca,baby...@thesanctuary.ca,=
bachi...@geront.kiev.ua,b...@paradise.net.nz.,ba...@visualnet.on.ca,basw=
i...@telus.net,bbe...@cw.bc.ca,bblo...@telusplanet.net,bbo...@ccsb.ca,bc=
@editors.ca,bcar...@ccsb.ca,bcftmn...@off-gridsolutions.ca,bcwaterpol=
o...@telus.net,bda...@ccsb.ca,bdec...@kellencompany.com,beekeeper82@yahoo.=
com,belt...@advisorsgroup.net,ben.r...@gmail.com,benevolence_balintawa=
k...@yahoo.com,
ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01, mailer=3Dr=
elay,
pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent =
(Ok:
queued as 7018A3B0630)
Nov 11 04:09:26 testy sendmail[6286]: iAB92V9o006286:
to=3Dadm...@amnesty.org,ad...@diabetesaustralia.com.au,admin@japansocie=
tycanada.com,ad...@tsbcps.edu.hk,ad...@ywca.org.sg,ae...@bbsi.net,aefvalen=
c...@franquiciadores.com,a...@aem-aem.es,aer...@uniserve.com,afcde01@unitel=
.co.kr,ag....@omaf.gov.on.ca,ake...@telus.net,ala...@thesanctuary.ca,al=
ana...@telus.net,al...@dccnet.com,alison...@yahoo.ca,al...@shaw.ca,al=
m...@satlink.com,alvina...@hotmail.com,a...@bluewin.ch,alzc...@adsl.tie=
.cl,alzg...@quetzal.net,alzhc...@yahoo.com,alzh...@alzscot.org,alzhe=
im...@cin.es,alzh...@hellasnet.gr,alzh...@netcabo.pt,alzheimer_pl@hotm=
ail.com,alzheime...@via.at,alzheime...@hotmail.com,alzheimerpr=
@alzheimerpr.org,alzhei...@pacific.net.sg,alzhe...@alzheimers.org.n=
z,alzhe...@pd.jaring.my,
[more], ctladdr=3Dnobody (99/99), delay=3D00:06:55, xdelay=3D00:00:01,
mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0=
.0,
stat=3DSent (Ok: queued as 6A2913B062F)

**********************************
my postconf -n

debug_peer_level =3D 2
inet_interfaces =3D all
mail_owner =3D postfix
mailbox_size_limit =3D 0
mailq_path =3D /usr/bin/mailq.postfix
manpage_directory =3D /usr/share/man
masquerade_domains =3D $mydomain
mydestination =3D $myhostname, localhost.$mydomain, $mydomain
mydomain =3D substantis.com
myhostname =3D testy.substantis.com
mynetworks =3D 192.168.0.0/24, 192.168.202.0/24, 127.0.0.0/8
myorigin =3D $mydomain
newaliases_path =3D /usr/bin/newaliases.postfix
queue_directory =3D /var/spool/postfix
readme_directory =3D /usr/share/doc/postfix-2.1.0-documentation/readme
relay_domains =3D $mydestination, 127.0.0.1
sample_directory =3D /etc/postfix/samples
sendmail_path =3D /usr/sbin/sendmail.postfix
setgid_group =3D postdrop
unknown_local_recipient_reject_code =3D 450
virtual_alias_domains =3D lubuto.org, familynetpix.com, mrcstudio.com,
danielleworden.com, nelsonbeaudoin.com
virtual_alias_maps =3D hash:/etc/postfix/virtual

David Cary Hart

unread,

Nov 11, 2004, 9:12:04 PM11/11/04

On Thu, 2004-11-11 at 20:57 -0500, mwo...@substantis.com wrote:
> I have suddenly found a number of apparent relays coming from
> postfix-2.0.18-4 server on fedora core 2. my postconf -n follows at the
> end of this message. No forwarding is authorized on my mail server. I
> ran a relay test against my server at
> http://www.abuse.net/cgi-bin/relaytest and all came back "Relay access
> denied."

I see that you are running Squirrel. Is it secure?

>
> i discovered the problem from my daily report from pflogsumm showing an
> unusual number of messages delivered almost all of them between the hours

> of 4:00 and 5:00 am local time. I have provided an excerpt below from the

> grep i ran against my log. Can someone please tell me what I have done
> wrong and how to stop this relaying?
>
> ****************************************************************
> cat /var/maillog | grep relay > relaytest

> Nov 11 03:40:28 testy sendmail[6137]: iAB8eS8W006137: from=nobody,
> size=699, class=0, nrcpts=1,
> msgid=<200411110840....@testy.substantis.com>,
> relay=nobody@localhost

> Nov 11 03:40:29 testy sendmail[6137]: iAB8eS8W006137:

> to=edwin...@terra.com, ctladdr=nobody (99/99), delay=00:00:01,
> xdelay=00:00:01, mailer=relay, pri=30699, relay=[127.0.0.1] [127.0.0.1],
> dsn=2.0.0, stat=Sent (Ok: queued as E0A403B062C)

> Nov 11 03:40:30 testy postfix/smtp[6142]: E0A403B062C:

> to=<edwin...@terra.com>, relay=mail-vip2.terra.com[206.221.207.196],
> delay=2, status=sent (250 Ok: queued as 77B6C214073)
> Nov 11 04:03:40 testy sendmail[6472]: iAB93efD006472: from=root,
> size=14788, class=0, nrcpts=1,
> msgid=<200411110903....@testy.substantis.com>,
> relay=root@localhost
> Nov 11 04:03:41 testy sendmail[6472]: iAB93efD006472: to=root,
> ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:01, mailer=relay,
> pri=44788, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued

> as 020613B062C)
> Nov 11 04:03:41 testy postfix/local[6481]: 020613B062C:

> to=<m...@substantis.com>, orig_to=<ro...@testy.substantis.com>, relay=local,
> delay=0, status=sent (mailbox)
> Nov 11 04:09:24 testy sendmail[6286]: iAB92V9o006286: from=nobody,
> size=9827, class=0, nrcpts=252,
> msgid=<200411110902....@testy.substantis.com>,
> relay=nobody@localhost
> Nov 11 04:09:24 testy sendmail[8324]: iAB958Gk008324: from=nobody,
> size=9827, class=0, nrcpts=252,
> msgid=<200411110905....@testy.substantis.com>,
> relay=nobody@localhost
> Nov 11 04:09:24 testy sendmail[9161]: iAB96ZRb009161: from=nobody,
> size=7881, class=0, nrcpts=252,
> msgid=<200411110906....@testy.substantis.com>,
> relay=nobody@localhost

> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

> to=berk...@telus.net,bern...@telus.net,bern...@hotmail.com,bestca...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfr...@telus.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bigdogr...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bmes...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,bre...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.net,bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,bs...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_...@hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.do,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2...@aol.com,carole...@shaw.ca,
> [more], ctladdr=nobody (99/99), delay=00:06:54, xdelay=00:00:01,
> mailer=relay, pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 604853B062E)

> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

> to=caroll...@hotmail.com,casey...@hotmail.com,cassa...@shaw.ca,ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,cel...@openlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,cha...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chay...@shaw.ca,chc...@telusplanet.net,chiro...@t-online.de,chir...@shinbiro.com,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjstmem...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeu...@compuserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cm...@aol.com,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,co...@pflagvancouver.com,communi...@transalliancesociety.org,comoxval...@shaw.ca,conl...@aol.com,
> [more], ctladdr=nobody (99/99), delay=00:06:54, xdelay=00:00:01,
> mailer=relay, pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 604853B062E)

> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

> to=con...@alz.ro,con...@francealzheimer.com,con...@franchise.org.nz,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cow...@island.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cro...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hinet.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_s...@1freemail.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.ma...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswith...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.com,edwinb...@hotmail.com,rufus...@yahoo.com,
> ctladdr=nobody (99/99), delay=00:06:54, xdelay=00:00:01, mailer=relay,
> pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok:

> queued as 604853B062E)
> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

> to=berk...@telus.net,bern...@telus.net,bern...@hotmail.com,bestca...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfr...@telus.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bigdogr...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bmes...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,bre...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.net,bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,bs...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_...@hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.do,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2...@aol.com,carole...@shaw.ca,
> [more], ctladdr=nobody (99/99), delay=00:04:17, xdelay=00:00:01,
> mailer=relay, pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 54B493B062C)

> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

> to=caroll...@hotmail.com,casey...@hotmail.com,cassa...@shaw.ca,ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,cel...@openlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,cha...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chay...@shaw.ca,chc...@telusplanet.net,chiro...@t-online.de,chir...@shinbiro.com,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjstmem...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeu...@compuserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cm...@aol.com,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,co...@pflagvancouver.com,communi...@transalliancesociety.org,comoxval...@shaw.ca,conl...@aol.com,
> [more], ctladdr=nobody (99/99), delay=00:04:17, xdelay=00:00:01,
> mailer=relay, pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 54B493B062C)

> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

> to=con...@alz.ro,con...@francealzheimer.com,con...@franchise.org.nz,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cow...@island.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cro...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hinet.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_s...@1freemail.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.ma...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswith...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.com,edwinb...@hotmail.com,rufus...@yahoo.com,
> ctladdr=nobody (99/99), delay=00:04:17, xdelay=00:00:01, mailer=relay,
> pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok:

> queued as 54B493B062C)
> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

> to=berk...@telus.net,bern...@telus.net,bern...@hotmail.com,bestca...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfr...@telus.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bigdogr...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bmes...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,bre...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.net,bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,bs...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_...@hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.do,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2...@aol.com,carole...@shaw.ca,
> [more], ctladdr=nobody (99/99), delay=00:02:51, xdelay=00:00:02,
> mailer=relay, pri=7567881, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 5A9E63B062D)

> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

> to=caroll...@hotmail.com,casey...@hotmail.com,cassa...@shaw.ca,ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,cel...@openlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,cha...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chay...@shaw.ca,chc...@telusplanet.net,chiro...@t-online.de,chir...@shinbiro.com,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjstmem...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeu...@compuserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cm...@aol.com,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,co...@pflagvancouver.com,communi...@transalliancesociety.org,comoxval...@shaw.ca,conl...@aol.com,
> [more], ctladdr=nobody (99/99), delay=00:02:51, xdelay=00:00:02,
> mailer=relay, pri=7567881, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 5A9E63B062D)

> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

> to=con...@alz.ro,con...@francealzheimer.com,con...@franchise.org.nz,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cow...@island.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cro...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hinet.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_s...@1freemail.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.ma...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswith...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.com,edwinb...@hotmail.com,rufus...@yahoo.com,
> ctladdr=nobody (99/99), delay=00:02:51, xdelay=00:00:02, mailer=relay,
> pri=7567881, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok:

> queued as 5A9E63B062D)
> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

> to=alzheimers...@serendib.ws,alzheim...@ttnet.net.tr,alzh...@md2.vsnl.net.in,al...@tin.it,alz...@cantv.net,amacd...@pphm.com,amasho...@yahoo.com,amc...@amcham.org.hk,ame...@telus.net,amf...@shaw.ca.,am...@prodigy.net.mx,amief...@hotmail.com,amy...@satexas.com,andra...@hotmail.com,andylit...@hotmail.com,an...@tstt.net.tt,annf...@sbcglobal.net,ant...@pcnet.ro,antonia...@shaw.ca,aoz...@domi.com.tr,aped...@cw.bc.ca,a...@apfranchise.org,apron...@yahoo.ca,a...@cam.org,aq...@hotmail.com,arab...@hotmail.com,arco....@ping.be,ari...@netvigator.com,arni...@primus.ca,aros...@telus.net,ar...@bellnet.ca,arrows...@shaw.ca,arz...@yahoo.com,asc...@msn.com,ashg...@shaw.ca,ash...@sequoiachurch.org,asiancon...@shaw.ca,
> [more], ctladdr=nobody (99/99), delay=00:04:18, xdelay=00:00:01,
> mailer=relay, pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 7018A3B0630)

> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

> to=asian...@shaw.ca,asoci...@alzheimerperu.org,aspra...@yahoo.com,assofra...@assofranchising.it,aub...@hotmail.com,aud...@adinet.com.uy,audr...@shaw.ca,a...@mail.arts.ubc.ca,aust...@austcham.com.hk,ay...@politics.ankara.edu.tr,baby...@sympatico.ca,baby...@thesanctuary.ca,bachi...@geront.kiev.ua,b...@paradise.net.nz.,ba...@visualnet.on.ca,bas...@telus.net,bbe...@cw.bc.ca,bblo...@telusplanet.net,bbo...@ccsb.ca,b...@editors.ca,bcar...@ccsb.ca,bcftmn...@off-gridsolutions.ca,bcwat...@telus.net,bda...@ccsb.ca,bdec...@kellencompany.com,beeke...@yahoo.com,belt...@advisorsgroup.net,ben.r...@gmail.com,benevolence...@yahoo.com,
> ctladdr=nobody (99/99), delay=00:04:18, xdelay=00:00:01, mailer=relay,
> pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok:

> queued as 7018A3B0630)
> Nov 11 04:09:26 testy sendmail[6286]: iAB92V9o006286:

> to=admi...@amnesty.org,ad...@diabetesaustralia.com.au,ad...@japansocietycanada.com,ad...@tsbcps.edu.hk,ad...@ywca.org.sg,ae...@bbsi.net,aefva...@franquiciadores.com,a...@aem-aem.es,aer...@uniserve.com,afc...@unitel.co.kr,ag....@omaf.gov.on.ca,ake...@telus.net,ala...@thesanctuary.ca,alan...@telus.net,al...@dccnet.com,alison...@yahoo.ca,al...@shaw.ca,al...@satlink.com,alvina...@hotmail.com,a...@bluewin.ch,alzc...@adsl.tie.cl,alzg...@quetzal.net,alzhc...@yahoo.com,alzh...@alzscot.org,alzh...@cin.es,alzh...@hellasnet.gr,alzh...@netcabo.pt,alzhei...@hotmail.com,alzheime...@via.at,alzheime...@hotmail.com,alzhe...@alzheimerpr.org,alzhei...@pacific.net.sg,alzhe...@alzheimers.org.nz,alzhe...@pd.jaring.my,
> [more], ctladdr=nobody (99/99), delay=00:06:55, xdelay=00:00:01,
> mailer=relay, pri=7569827, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0,
> stat=Sent (Ok: queued as 6A2913B062F)
>
>
>
>
> **********************************
> my postconf -n
>
> debug_peer_level = 2
> inet_interfaces = all
> mail_owner = postfix
> mailbox_size_limit = 0
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> masquerade_domains = $mydomain
> mydestination = $myhostname, localhost.$mydomain, $mydomain
> mydomain = substantis.com
> myhostname = testy.substantis.com
> mynetworks = 192.168.0.0/24, 192.168.202.0/24, 127.0.0.0/8
> myorigin = $mydomain
> newaliases_path = /usr/bin/newaliases.postfix
> queue_directory = /var/spool/postfix
> readme_directory = /usr/share/doc/postfix-2.1.0-documentation/readme
> relay_domains = $mydestination, 127.0.0.1
> sample_directory = /etc/postfix/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> unknown_local_recipient_reject_code = 450
> virtual_alias_domains = lubuto.org, familynetpix.com, mrcstudio.com,
> danielleworden.com, nelsonbeaudoin.com
> virtual_alias_maps = hash:/etc/postfix/virtual
>
>

mwo...@substantis.com

unread,

Nov 11, 2004, 9:29:06 PM11/11/04

> I have suddenly found a number of apparent relays coming from

> postfix-2.0.18-4 server on fedora core 2. my postconf -n follows at th=

e
> end of this message. No forwarding is authorized on my mail server. I
> ran a relay test against my server at
> http://www.abuse.net/cgi-bin/relaytest and all came back "Relay access
> denied."
>

> i discovered the problem from my daily report from pflogsumm showing an

> unusual number of messages delivered almost all of them between the hou=
rs
> of 4:00 and 5:00 am local time. I have provided an excerpt below from =

the
> grep i ran against my log. Can someone please tell me what I have done
> wrong and how to stop this relaying?
>
> ****************************************************************
> cat /var/maillog | grep relay > relaytest

> Nov 11 03:40:28 testy sendmail[6137]: iAB8eS8W006137: from=3Dnobody,
> size=3D699, class=3D0, nrcpts=3D1,
> msgid=3D<200411110840....@testy.substantis.com>,
> relay=3Dnobody@localhost

> Nov 11 03:40:29 testy sendmail[6137]: iAB8eS8W006137:

> to=3Dedwi...@terra.com, ctladdr=3Dnobody (99/99), delay=3D00:00:01,

> xdelay=3D00:00:01, mailer=3Drelay, pri=3D30699, relay=3D[127.0.0.1] [12=
7.0.0.1],
> dsn=3D2.0.0, stat=3DSent (Ok: queued as E0A403B062C)

> Nov 11 03:40:30 testy postfix/smtp[6142]: E0A403B062C:

> to=3D<edwin...@terra.com>, relay=3Dmail-vip2.terra.com[206.221.207.1=
96],

> delay=3D2, status=3Dsent (250 Ok: queued as 77B6C214073)
> Nov 11 04:03:40 testy sendmail[6472]: iAB93efD006472: from=3Droot,
> size=3D14788, class=3D0, nrcpts=3D1,
> msgid=3D<200411110903....@testy.substantis.com>,
> relay=3Droot@localhost
> Nov 11 04:03:41 testy sendmail[6472]: iAB93efD006472: to=3Droot,

> ctladdr=3Droot (0/0), delay=3D00:00:01, xdelay=3D00:00:01, mailer=3Drel=
ay,
> pri=3D44788, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent =

(Ok: queued
> as 020613B062C)
> Nov 11 04:03:41 testy postfix/local[6481]: 020613B062C:

> to=3D<m...@substantis.com>, orig_to=3D<ro...@testy.substantis.com>, relay=

=3Dlocal,

> delay=3D0, status=3Dsent (mailbox)
> Nov 11 04:09:24 testy sendmail[6286]: iAB92V9o006286: from=3Dnobody,
> size=3D9827, class=3D0, nrcpts=3D252,
> msgid=3D<200411110902....@testy.substantis.com>,
> relay=3Dnobody@localhost
> Nov 11 04:09:24 testy sendmail[8324]: iAB958Gk008324: from=3Dnobody,
> size=3D9827, class=3D0, nrcpts=3D252,
> msgid=3D<200411110905....@testy.substantis.com>,
> relay=3Dnobody@localhost
> Nov 11 04:09:24 testy sendmail[9161]: iAB96ZRb009161: from=3Dnobody,
> size=3D7881, class=3D0, nrcpts=3D252,
> msgid=3D<200411110906....@testy.substantis.com>,
> relay=3Dnobody@localhost

> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

> to=3Dber...@telus.net,bern...@telus.net,bern...@hotmail.com,bestc=
areg...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfryvr@t=
elus.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,bi=
gdogre...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bme=
ss...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,br=
el...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,br...@pacificcoast.ne=
t,bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com,=
bs...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_romme=
l...@hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net.=
do,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh2=
op...@aol.com,carole...@shaw.ca,

> [more], ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 604853B062E)

> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

> to=3Dcarol...@hotmail.com,casey...@hotmail.com,cassabyrne@shaw.c=
a,ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,celsow@=
openlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,c=
ham...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chaylett@=
shaw.ca,chc...@telusplanet.net,chiro...@t-online.de,chirolee@shinbiro=
.com,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjst=
membe...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeune_ywca@c=
ompuserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cmkdc@aol.=
com,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,colin@pfl=
agvancouver.com,communi...@transalliancesociety.org,comoxvalleypflag@=
shaw.ca,conl...@aol.com,

> [more], ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 604853B062E)

> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

> to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.n=
z,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@is=
land.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cro=
cu...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hi=
net.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freemai=
l.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.mans=
o...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithhor=
sesj...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.co=
m,edwinb...@hotmail.com,rufus...@yahoo.com,
> ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01, mailer=3D=
relay,
> pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSen=

t (Ok:
> queued as 604853B062E)
> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 54B493B062C)

> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 54B493B062C)

> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

> to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.n=
z,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@is=
land.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cro=
cu...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hi=
net.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freemai=
l.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.mans=
o...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithhor=
sesj...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.co=
m,edwinb...@hotmail.com,rufus...@yahoo.com,
> ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01, mailer=3D=
relay,
> pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSen=

t (Ok:
> queued as 54B493B062C)
> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

> [more], ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02,

> mailer=3Drelay, pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 5A9E63B062D)

> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

> [more], ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02,

> mailer=3Drelay, pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 5A9E63B062D)

> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

> to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.n=
z,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@is=
land.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cro=
cu...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ct...@ms29.hi=
net.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freemai=
l.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.mans=
o...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithhor=
sesj...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,danny...@mac.co=
m,edwinb...@hotmail.com,rufus...@yahoo.com,
> ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02, mailer=3D=
relay,
> pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSen=

t (Ok:
> queued as 5A9E63B062D)
> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

> to=3Dadm...@amnesty.org,ad...@diabetesaustralia.com.au,admin@japansoc=
ietycanada.com,ad...@tsbcps.edu.hk,ad...@ywca.org.sg,ae...@bbsi.net,aefval=
en...@franquiciadores.com,a...@aem-aem.es,aer...@uniserve.com,afcde01@unit=
el.co.kr,ag....@omaf.gov.on.ca,ake...@telus.net,ala...@thesanctuary.ca,=
alan...@telus.net,al...@dccnet.com,alison...@yahoo.ca,al...@shaw.ca,=
al...@satlink.com,alvina...@hotmail.com,a...@bluewin.ch,alzchile@adsl.t=
ie.cl,alzg...@quetzal.net,alzhc...@yahoo.com,alzh...@alzscot.org,alz=
hei...@cin.es,alzh...@hellasnet.gr,alzh...@netcabo.pt,alzheimer_pl@ho=
tmail.com,alzheime...@via.at,alzheime...@hotmail.com,alzheimer=
p...@alzheimerpr.org,alzhei...@pacific.net.sg,alzhe...@alzheimers.org=
.nz,alzhe...@pd.jaring.my,

> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 7018A3B0630)

> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

> to=3Dalzheimer...@serendib.ws,alzheim...@ttnet.net.tr,alzh=
ei...@md2.vsnl.net.in,al...@tin.it,alz...@cantv.net,amacd...@pphm.com,am=
ashou...@yahoo.com,amc...@amcham.org.hk,ame...@telus.net,amfapa@shaw.c=
a.,am...@prodigy.net.mx,amief...@hotmail.com,amy...@satexas.com,andraspo=
l...@hotmail.com,andylit...@hotmail.com,an...@tstt.net.tt,annfogler@sbc=
global.net,ant...@pcnet.ro,antonia...@shaw.ca,aoz...@domi.com.tr,ap=
ede...@cw.bc.ca,a...@apfranchise.org,apron...@yahoo.ca,a...@cam.org,aqp=
r...@hotmail.com,arab...@hotmail.com,arco....@ping.be,arintl@netvigator=
.com,arni...@primus.ca,aros...@telus.net,ar...@bellnet.ca,arrowsmithpc=
@shaw.ca,arz...@yahoo.com,asc...@msn.com,ashg...@shaw.ca,ashleyk@sequoi=
achurch.org,asiancon...@shaw.ca,

> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 7018A3B0630)

> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

> to=3Dasia...@shaw.ca,asoci...@alzheimerperu.org,aspracklin@yahoo.c=
om,assofra...@assofranchising.it,aub...@hotmail.com,audasur@adinet.=
com.uy,audr...@shaw.ca,a...@mail.arts.ubc.ca,aust...@austcham.com.hk,ayd=
i...@politics.ankara.edu.tr,baby...@sympatico.ca,babyducks@thesanctuary.c=
a,bachi...@geront.kiev.ua,b...@paradise.net.nz.,ba...@visualnet.on.ca,ba=
sw...@telus.net,bbe...@cw.bc.ca,bblo...@telusplanet.net,bbo...@ccsb.ca,=
b...@editors.ca,bcar...@ccsb.ca,bcftmn...@off-gridsolutions.ca,bcwaterp=
o...@telus.net,bda...@ccsb.ca,bdec...@kellencompany.com,beekeeper82@yaho=
o.com,belt...@advisorsgroup.net,ben.r...@gmail.com,benevolence_balinta=
w...@yahoo.com,
> ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01, mailer=3D=
relay,
> pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSen=

t (Ok:
> queued as 7018A3B0630)
> Nov 11 04:09:26 testy sendmail[6286]: iAB92V9o006286:

> [more], ctladdr=3Dnobody (99/99), delay=3D00:06:55, xdelay=3D00:00:01,

> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2=
.0.0,
> stat=3DSent (Ok: queued as 6A2913B062F)
>
>
>
>
> **********************************
> my postconf -n
>

> debug_peer_level =3D 2
> inet_interfaces =3D all
> mail_owner =3D postfix
> mailbox_size_limit =3D 0
> mailq_path =3D /usr/bin/mailq.postfix
> manpage_directory =3D /usr/share/man
> masquerade_domains =3D $mydomain
> mydestination =3D $myhostname, localhost.$mydomain, $mydomain
> mydomain =3D substantis.com
> myhostname =3D testy.substantis.com
> mynetworks =3D 192.168.0.0/24, 192.168.202.0/24, 127.0.0.0/8
> myorigin =3D $mydomain
> newaliases_path =3D /usr/bin/newaliases.postfix
> queue_directory =3D /var/spool/postfix
> readme_directory =3D /usr/share/doc/postfix-2.1.0-documentation/readme
> relay_domains =3D $mydestination, 127.0.0.1
> sample_directory =3D /etc/postfix/samples
> sendmail_path =3D /usr/sbin/sendmail.postfix
> setgid_group =3D postdrop
> unknown_local_recipient_reject_code =3D 450

> virtual_alias_domains =3D lubuto.org, familynetpix.com, mrcstudio.com,
> danielleworden.com, nelsonbeaudoin.com
> virtual_alias_maps =3D hash:/etc/postfix/virtual
>
>
>

is it possible that this was generated by a user account on a website i r=
un?

Scott Muller

unread,

Nov 11, 2004, 9:45:48 PM11/11/04

> ****************************************************************
> cat /var/maillog | grep relay > relaytest

> Nov 11 03:40:28 testy sendmail[6137]: iAB8eS8W006137: from=nobody,
------------------------^^^^^^^^

This is sendmail not postfix. Make sure that you remove/disable sendmail
and enable postfix. Sorry I have no idea how to do this on a Linux box.

--
Scott.

mwo...@substantis.com

unread,

Nov 11, 2004, 10:02:40 PM11/11/04

> On Thu, 2004-11-11 at 20:57 -0500, mwo...@substantis.com wrote:

>> I have suddenly found a number of apparent relays coming from

>> postfix-2.0.18-4 server on fedora core 2. my postconf -n follows at t=
he
>> end of this message. No forwarding is authorized on my mail server. =

I
>> ran a relay test against my server at
>> http://www.abuse.net/cgi-bin/relaytest and all came back "Relay access
>> denied."
>

> I see that you are running Squirrel. Is it secure?
>>

>> i discovered the problem from my daily report from pflogsumm showing a=

n
>> unusual number of messages delivered almost all of them between the

>> hours

>> of 4:00 and 5:00 am local time. I have provided an excerpt below from

>> the
>> grep i ran against my log. Can someone please tell me what I have don=

e
>> wrong and how to stop this relaying?
>>

>> ****************************************************************
>> cat /var/maillog | grep relay > relaytest

>> Nov 11 03:40:28 testy sendmail[6137]: iAB8eS8W006137: from=3Dnobody,
>> size=3D699, class=3D0, nrcpts=3D1,
>> msgid=3D<200411110840....@testy.substantis.com>,
>> relay=3Dnobody@localhost
>> Nov 11 03:40:29 testy sendmail[6137]: iAB8eS8W006137:

>> to=3Dedwi...@terra.com, ctladdr=3Dnobody (99/99), delay=3D00:00:01=
,
>> xdelay=3D00:00:01, mailer=3Drelay, pri=3D30699, relay=3D[127.0.0.1] [1=
27.0.0.1],

>> dsn=3D2.0.0, stat=3DSent (Ok: queued as E0A403B062C)
>> Nov 11 03:40:30 testy postfix/smtp[6142]: E0A403B062C:

>> to=3D<edwin...@terra.com>, relay=3Dmail-vip2.terra.com[206.221.207.=
196],

>> delay=3D2, status=3Dsent (250 Ok: queued as 77B6C214073)
>> Nov 11 04:03:40 testy sendmail[6472]: iAB93efD006472: from=3Droot,
>> size=3D14788, class=3D0, nrcpts=3D1,
>> msgid=3D<200411110903....@testy.substantis.com>,
>> relay=3Droot@localhost
>> Nov 11 04:03:41 testy sendmail[6472]: iAB93efD006472: to=3Droot,

>> ctladdr=3Droot (0/0), delay=3D00:00:01, xdelay=3D00:00:01, mailer=3Dre=
lay,

>> pri=3D44788, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSent=
(Ok:
>> queued
>> as 020613B062C)
>> Nov 11 04:03:41 testy postfix/local[6481]: 020613B062C:
>> to=3D<m...@substantis.com>, orig_to=3D<ro...@testy.substantis.com>,

>> relay=3Dlocal,

>> delay=3D0, status=3Dsent (mailbox)
>> Nov 11 04:09:24 testy sendmail[6286]: iAB92V9o006286: from=3Dnobody,
>> size=3D9827, class=3D0, nrcpts=3D252,
>> msgid=3D<200411110902....@testy.substantis.com>,
>> relay=3Dnobody@localhost
>> Nov 11 04:09:24 testy sendmail[8324]: iAB958Gk008324: from=3Dnobody,
>> size=3D9827, class=3D0, nrcpts=3D252,
>> msgid=3D<200411110905....@testy.substantis.com>,
>> relay=3Dnobody@localhost
>> Nov 11 04:09:24 testy sendmail[9161]: iAB96ZRb009161: from=3Dnobody,
>> size=3D7881, class=3D0, nrcpts=3D252,
>> msgid=3D<200411110906....@testy.substantis.com>,
>> relay=3Dnobody@localhost
>> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

>> to=3Dber...@telus.net,bern...@telus.net,bern...@hotmail.com,best=
care...@hotmail.com,betsy...@hotmail.com,bet...@hotmail.com,bfryvr@=
telus.net,bgar...@rockies.net,big...@webhart.net,bigbla...@shaw.ca,b=
igdogr...@yahoo.ca.,bj...@gmx.de,blom...@telus.net,bme...@shaw.ca,bm=
ess...@ccsb.ca,bo...@axion.net,bpr...@sk.cancer.ca,braz...@canada.com,b=
rel...@ccsb.ca,brin...@telus.net,bri...@arrakis.es,brown@pacificcoast.n=
et,bro...@thesanctuary.ca,bryd...@futurenet.bc.ca,bshan...@hotmail.com=
,bs...@mcdougallgauley.com,bsm...@rogers.com,bun...@direct.ca,burgi_romm=
e...@hotmail.com,bvh...@telus.net,bze...@yahoo.com,c.nac...@codetel.net=
.do,cai_...@hotmail.com,cak...@hotmail.com,camsm...@hotmail.com,canh=
2op...@aol.com,carole...@shaw.ca,

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 604853B062E)
>> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

>> to=3Dcarol...@hotmail.com,casey...@hotmail.com,cassabyrne@shaw.=
ca,ccac...@ccachiro.org,cci-...@camaralima.org.pe,cd...@telus.net,celsow=
@openlink.com.br,ce...@horyzon.ch,cg...@cgcc.org.hk,chaille...@msn.com,=
cha...@chamber.org.hk,chamel...@primus.ca,chay...@home.com,chaylett=
@shaw.ca,chc...@telusplanet.net,chiro...@t-online.de,chirolee@shinbir=
o.com,chris...@shaw.ca,chris...@oze-mail.com.au.,cjr...@cw.bc.ca,cjs=
tmemb...@mailcity.com,cko...@shaw.ca,ckop...@telus.net,clejeune_ywca@=
compuserve.com,cl...@vision.net.au.,cmen...@campus.ccm.itesm.mx,cmkdc@aol=
.com,cm...@interlog.com,c...@interchange.ubc.ca,c...@sailing.org.hk,colin@pf=
lagvancouver.com,communi...@transalliancesociety.org,comoxvalleypflag=
@shaw.ca,conl...@aol.com,

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 604853B062E)
>> Nov 11 04:09:25 testy sendmail[6286]: iAB92V9o006286:

>> to=3Dco...@alz.ro,con...@francealzheimer.com,con...@franchise.org.=
nz,coppe...@comcast.net,corp...@hotmail.com,corr...@home.com,cowboy@i=
sland.net,co...@renniestravel.co.zw,cpk...@netcom.ca,cr...@hotmail.com,cr=
oc...@telusplanet.net,cr...@omaf.gov.on.ca,csch...@axion.net,ctda@ms29.h=
inet.net,ct...@telus.net,cuspre...@commerce.ubc.ca,cust_service@1freema=
il.com,cvtr...@hotmail.com,cwp...@academicplanet.com,cz...@ywca.cz,d.man=
so...@alzlebanon.org,dDevo...@shaw.ca,dain...@hotmail.com,danceswithho=
rses...@yahoo.ca,dane...@shaw.ca,dan...@horyzon.ch,dannysinger@mac.c=
om,edwinb...@hotmail.com,rufus...@yahoo.com,

>> ctladdr=3Dnobody (99/99), delay=3D00:06:54, xdelay=3D00:00:01, mailer=3D=
relay,

>> pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSe=
nt (Ok:

>> queued as 604853B062E)
>> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 54B493B062C)
>> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 54B493B062C)
>> Nov 11 04:09:25 testy sendmail[8324]: iAB958Gk008324:

>> ctladdr=3Dnobody (99/99), delay=3D00:04:17, xdelay=3D00:00:01, mailer=3D=
relay,

>> pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSe=
nt (Ok:

>> queued as 54B493B062C)
>> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02,

>> mailer=3Drelay, pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 5A9E63B062D)
>> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02,

>> mailer=3Drelay, pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 5A9E63B062D)
>> Nov 11 04:09:26 testy sendmail[9161]: iAB96ZRb009161:

>> ctladdr=3Dnobody (99/99), delay=3D00:02:51, xdelay=3D00:00:02, mailer=3D=
relay,

>> pri=3D7567881, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSe=
nt (Ok:

>> queued as 5A9E63B062D)
>> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

>> to=3Dadm...@amnesty.org,ad...@diabetesaustralia.com.au,admin@japanso=
cietycanada.com,ad...@tsbcps.edu.hk,ad...@ywca.org.sg,ae...@bbsi.net,aefva=
len...@franquiciadores.com,a...@aem-aem.es,aer...@uniserve.com,afcde01@uni=
tel.co.kr,ag....@omaf.gov.on.ca,ake...@telus.net,ala...@thesanctuary.ca=
,alan...@telus.net,al...@dccnet.com,alison...@yahoo.ca,al...@shaw.ca=
,al...@satlink.com,alvina...@hotmail.com,a...@bluewin.ch,alzchile@adsl.=
tie.cl,alzg...@quetzal.net,alzhc...@yahoo.com,alzh...@alzscot.org,al=
zhe...@cin.es,alzh...@hellasnet.gr,alzh...@netcabo.pt,alzheimer_pl@h=
otmail.com,alzheime...@via.at,alzheime...@hotmail.com,alzheime=
r...@alzheimerpr.org,alzhei...@pacific.net.sg,alzhe...@alzheimers.or=
g.nz,alzhe...@pd.jaring.my,

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 7018A3B0630)
>> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

>> to=3Dalzheimer...@serendib.ws,alzheim...@ttnet.net.tr,alz=
he...@md2.vsnl.net.in,al...@tin.it,alz...@cantv.net,amacd...@pphm.com,a=
masho...@yahoo.com,amc...@amcham.org.hk,ame...@telus.net,amfapa@shaw.=
ca.,am...@prodigy.net.mx,amief...@hotmail.com,amy...@satexas.com,andrasp=
o...@hotmail.com,andylit...@hotmail.com,an...@tstt.net.tt,annfogler@sb=
cglobal.net,ant...@pcnet.ro,antonia...@shaw.ca,aoz...@domi.com.tr,a=
pede...@cw.bc.ca,a...@apfranchise.org,apron...@yahoo.ca,a...@cam.org,aq=
p...@hotmail.com,arab...@hotmail.com,arco....@ping.be,arintl@netvigato=
r.com,arni...@primus.ca,aros...@telus.net,ar...@bellnet.ca,arrowsmithp=
c...@shaw.ca,arz...@yahoo.com,asc...@msn.com,ashg...@shaw.ca,ashleyk@sequo=
iachurch.org,asiancon...@shaw.ca,

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

>> stat=3DSent (Ok: queued as 7018A3B0630)
>> Nov 11 04:09:26 testy sendmail[8324]: iAB958Gk008324:

>> to=3Dasia...@shaw.ca,asoci...@alzheimerperu.org,aspracklin@yahoo.=
com,assofra...@assofranchising.it,aub...@hotmail.com,audasur@adinet=
.com.uy,audr...@shaw.ca,a...@mail.arts.ubc.ca,aust...@austcham.com.hk,ay=
d...@politics.ankara.edu.tr,baby...@sympatico.ca,babyducks@thesanctuary.=
ca,bachi...@geront.kiev.ua,b...@paradise.net.nz.,ba...@visualnet.on.ca,b=
asw...@telus.net,bbe...@cw.bc.ca,bblo...@telusplanet.net,bbo...@ccsb.ca=
,b...@editors.ca,bcar...@ccsb.ca,bcftmn...@off-gridsolutions.ca,bcwater=
po...@telus.net,bda...@ccsb.ca,bdec...@kellencompany.com,beekeeper82@yah=
oo.com,belt...@advisorsgroup.net,ben.r...@gmail.com,benevolence_balint=
aw...@yahoo.com,

>> ctladdr=3Dnobody (99/99), delay=3D00:04:18, xdelay=3D00:00:01, mailer=3D=
relay,

>> pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D2.0.0, stat=3DSe=
nt (Ok:

>> queued as 7018A3B0630)
>> Nov 11 04:09:26 testy sendmail[6286]: iAB92V9o006286:

>> [more], ctladdr=3Dnobody (99/99), delay=3D00:06:55, xdelay=3D00:00:01,

>> mailer=3Drelay, pri=3D7569827, relay=3D[127.0.0.1] [127.0.0.1], dsn=3D=
2.0.0,

i'm not set up from secure sign on just yet (i'm still recovering from a
major hard drive failure / server crash). i checked the http access logs=
.
there were none shown except for access to a site i host and a user who
accessed that site's webmail feature (its supposed to just be used for
registration, etc.) all the "relays" are for "nobody" which is my
server's group / user id. i have turned that feature off and blocked the
IP addresss. any other thoughts? i'm thinking about running a chkroot
kit (if someone knows a good "how-to" for that i'd be greatful).

Matt

unread,

Nov 11, 2004, 10:16:10 PM11/11/04

mwo...@substantis.com wrote:

> i'm not set up from secure sign on just yet (i'm still recovering from a
> major hard drive failure / server crash). i checked the http access

> logs.

> there were none shown except for access to a site i host and a user who
> accessed that site's webmail feature (its supposed to just be used for
> registration, etc.) all the "relays" are for "nobody" which is my
> server's group / user id. i have turned that feature off and blocked
> the IP addresss. any other thoughts? i'm thinking about running a
> chkroot kit (if someone knows a good "how-to" for that i'd be greatful).

Will you please stop quoting the entire message in your replies.

The first thing to do, as Scott mentioned, is to get rid of Sendmail.
Securing the system is then dependant upon which extraneous software you
are running upon the machine.

Matt

0 new messages