> On 11 Dec 2014, at 8:48 pm, Doug Lytle <[email protected]> wrote: > > James Brown wrote: >> Dec-11-14 10:23:53 [Worker_2] Connected: session:7FAD1B6519F8 >> 127.0.0.1:51769 > 127.0.0.1:25 > 127.0.0.1:10026 >> Dec-11-14 10:23:56 [Worker_2] 127.0.0.1 info: authentication - plain is used > > You've got a compromised account on your system. The sender authenticated. > > A failed authentication would be similar to the below: > > 07-12-2014 05:15:00 [Worker_1] Connected: session:7F3F0DB2AF98 > 5.189.129.101:61808 > 10.10.10.247:587 > 10.10.10.250:25 > 07-12-2014 05:15:01 [Worker_1] 5.189.129.101 info: got STARTTLS request > from 5.189.129.101 > 07-12-2014 05:15:01 [Worker_1] [TLS-in] [TLS-out] 5.189.129.101 info: > authentication - plain is used > 07-12-2014 05:15:02 [Worker_1] [TLS-in] [TLS-out] 5.189.129.101 warning: > SMTP authentication failed on 10.10.10.250
Thanks Doug. Is there anyway to get it to show any more authentication info - eg which username was used? Any debug setting? Regards, James. ------------------------------------------------------------------------------ Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server from Actuate! Instantly Supercharge Your Business Reports and Dashboards with Interactivity, Sharing, Native Excel Exports, App Integration & more Get technology previously reserved for billion-dollar corporations, FREE http://pubads.g.doubleclick.net/gampad/clk?id=164703151&iu=/4140/ostg.clktrk _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
