Op di 14 feb 2012 15:43:00 schreef Ralph Ballier: > Hello, > > one of my server with exim 4.77 seems to be an open relay, but I mean I had > configured all right. I use smtp authentication and suppose, that hackers > had found out username and password of a legal user. Is it possible to > logging all information floating from mail client to server? I hope to get > the username which give access to the server. > > Or do you mean, there is an other reason for open relay? > > Raba
The login name and authorisation _is_ logged in the standard configuration (the string preceded with 'A='). Also in standard configuration your box would not be an open relay. If no 'A=' string is present in the log for the outgoing mail, you might want to check is there is a 'U=' string which would signify that a user is submitting these mails locally (website, compromised local user). Some snippets from you log would help us greatly in any further investigation. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
