Michelle Konzack writes:
On 2017-01-23 06:33:48 Sam Varshavchik hacked into the keyboard: > Adding > > NOADDRREWRITE=2 > > to the courieresmtpd configuration file should do the trick.Hmmm, even if I do not find ths OPTION in any manpages, I have added it to /etc/courier/esmtpd and will see, what happen. I will see, if I still get messages from <jfk53> and <jfc53>... Oops! -- Just restarted esmtpd and now I get ----[ ssh command ]----------------------------------------------------- Jan 23 16:13:23 mail courieresmtpd: started,ip=[::ffff:202.170.70.8]Jan 23 16:13:24 mail courieresmtpd: error,relay=::ffff:202.170.70.8,msg="554 Syntax error - your mail software violates RFC 821.",cmd: MAIL FROM: x...@ore.netJan 23 16:13:55 mail courieresmtpd: started,ip=[::ffff:202.170.70.8]Jan 23 16:13:58 mail courieresmtpd: error,relay=::ffff:202.170.70.8,msg="535 Authentication failed.",cmd: AUTH
The config change has no effect on authentication. You're logging a run-of-the-mill dictionary attack.
Is this a result of NOADDRREWRITE=2 ?
No.
> The documentation for this is buried in the submit(8) man page. ...but not in my manpage!
Changelog shows that the option was added in 0.70, in January of 2013.
pgpUbe6nulyT9.pgp
Description: PGP signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users