On Wed, 17 Oct 2001, John Mehan wrote: > Hi I was wondering how to read the maillog... > > I received this log in the maillog. > > Oct 17 10:21:49 ns1 sendmail[20704]: f9HELnF20704: > from=<[EMAIL PROTECTED]>, size=3013, class=0, nrcpts=1, > msgid=<[EMAIL PROTECTED]>, > proto=ESMTP, daemon=MTA, relay=134.22.47.tor-55.151.net [134.22.47.55] > (may be forged) > > What does the "may be forged" mean exactly? Does it flag this email > because the from address does not share the same domain name where the > message came from? > > How do you know if this was an incoming email or an outgoing one? > Could this be spam? > > If anyone can help me with this probably simple question, I would > appreciate it. > > Thanks in advance, > > John Mehan >
It is all about DNS inconsistency, see http://www.sendmail.org/~ca/email/relayingdenied.html -- Rik Thomas [EMAIL PROTECTED] http://SmartBackups.com Is your Website Smart? Automated Website backups. Free 30Day trial! Ph: 888.845.6856 Fx: 302.672.7315 ICQ: 879956 _______________________________________________ cobalt-security mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-security
