[root@NewMail ~]# rpm -qa |grep qmail

[root@NewMail ~]# cat /var/qmail/supervise/submission/run
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`

exec /usr/bin/softlimit -m 128000000 \
    /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c "$MAXSMTPD" \
    -u "$QMAILDUID" -g "$NOFILESGID" 0 587 \
    $SMTPD $VCHKPW /bin/true 2>&1
[root@NewMail ~]#


Sent from Mail for Windows 10

From: Eric Broch
Sent: Wednesday, December 11, 2019 8:07 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Got the willys with submission log entries

What version of qmail?
# rpm -qa | grep qmail
what's in your run file
# cat /var/qmail/supervise/submission/run
On 12/10/2019 12:24 PM, bhow...@teamft.com wrote:
I have checked out authentication with my submission port 587 and I must 
authenticate before sending. However, I have entries in the log from a “bad guy 
IP address” which say “sender accepted” and its giving me heartburn.
2019-12-10 02:43:04.376530500 CHKUSER accepted sender: from 
<someb...@somewhere.net::> remote <4vFoWf3:unknown:> rcpt <> : 
sender accepted
2019-12-10 03:04:09.269688500 CHKUSER accepted sender: from 
<anotherb...@somewhere.net::> remote <3aJfz4D7:unknown:> rcpt <> : 
sender accepted
(Note: the IP is the real IP of the bad guy)
There are no corresponding lines which say, “client allowed to relay”
Note after the from address, there are two colons: <someb...@irtc.net::> . On 
all legitimate entries, there are no such double colons.
How did this guy get that entry into my submission logs without authenticating? 
 Is this something I need to worry about?
Any input would be really appreciated  
Boatner Howell
Foundaton Technologies, LLC

Not spam
Forget previous vote

To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Reply via email to