Looking in my mail server's logs, I see a lot of entries similar to:
Jul 23 06:34:34 daisy assp/smtpd[20956]: connect from localhost[127.0.0.1]
Jul 23 06:34:38 daisy assp/smtpd[20956]: warning: localhost[127.0.0.1]:
SASL LOGIN authentication failed: UGFzc3dvcmQ6
Jul 23 06:34:38 daisy assp/smtpd[20956]: disconnect from
localhost[127.0.0.1] ehlo=2 starttls=1 auth=0/1 rset=1 noop=1 quit=1
commands=6/7
Those are failed hacking attempts. What I'm noticing however is all
that my backend SMTP server sees is the IP address of ASSP (localhost).
And the SASL LOGIN appears to be encrypted.
Is there something I can adjust to have the "true" external sender IP
and the attempt login name exposed in my mail server logs?
--
Daniel
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Assp-test mailing list
Assp-test@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/assp-test
