Re: What log? …. /var/log/qmail/submission/current
This is qmail’s log for port 587. Sent from Mail for Windows 10 From: Tahnan Al Anas Sent: Wednesday, December 11, 2019 9:14 AM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Got the willys with submission log entries That I see in qmail send log On Wed, 11 Dec 2019, 8:06 pm Eric Broch, <ebr...@whitehorsetc.com> wrote: What log? On 12/11/2019 1:26 AM, Tahnan Al Anas wrote: Hi Eric, Can you tell me why I am seeing all outgoing getting out with below log? success: User_and_password_not_set,_continuing_without_authentication./ -- -- Best Regards Muhammad Tahnan Al Anas On Wed, Dec 11, 2019 at 1:25 AM <bhow...@teamft.com> wrote: I have checked out authentication with my submission port 587 and I must authenticate before sending. However, I have entries in the log from a “bad guy IP address” which say “sender accepted” and its giving me heartburn. 2019-12-10 02:43:04.376530500 CHKUSER accepted sender: from <someb...@somewhere.net::> remote <4vFoWf3:unknown:64.225.41.10> rcpt <> : sender accepted 2019-12-10 03:04:09.269688500 CHKUSER accepted sender: from <anotherb...@somewhere.net::> remote <3aJfz4D7:unknown:64.225.41.10> rcpt <> : sender accepted (Note: the IP 64.255.41.10 is the real IP of the bad guy) There are no corresponding lines which say, “client allowed to relay” Note after the from address, there are two colons: <someb...@irtc.net::> . On all legitimate entries, there are no such double colons. How did this guy get that entry into my submission logs without authenticating? Is this something I need to worry about? Any input would be really appreciated Boatner Howell Foundaton Technologies, LLC Spam Phish/Fraud Not spam Forget previous vote
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com