Hi all, I am the one that asked if anyone had gotten these messages... Jun 22 11:41:58 mail sendmail[5690]: NOQUEUE: mandrakesoft.mandrakesoft.com [216.71.84.35] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA Jun 22 11:42:30 mail sendmail[5692]: f5M3gPi05692: tcpwrappers (postoffice.telstra.net, 203.50.2.76) rejection in their mail logs... After hours of web searching,, I found out what was happening.. portsentry in its many false alarms, had added all these hosts (about 30 mailing lists of mine..), to the /etc/hosts.deny this stopped these servers from authenticating with my box, resulting with these messages... as soon as I removed the lines,, I got a newbie message.. now I am hoping that my secondary mx will return the mails I missed to me... the answer?? in hosts.allow add the address's that you want and give them access to at least sendmail... something like: sendmail:123.123.123.123 then even if portsentry adds them to hosts.deny, they still can connect... also, check hosts.deny once a week, and clean out address's you think are safe... (has anyone written a script to check the logs, work out what attacks appear to be false alarms and remove the entry in question from hosts.deny?) anyway, just thought I'd let everyone know in case someone else has the same problem... regards Frank
