http://wiki.qmailtoaster.net/index.php/FAQs#I_see_a_message_in_my_smtp_log_that_states_.22User_and_password_not_set.2C_continuing_without_authentication.22._What_is_going_on.3F
On 12/11/2019 8:14 AM, Tahnan Al Anas wrote:
That I see in qmail send log
On Wed, 11 Dec 2019, 8:06 pm Eric Broch, <[email protected]
<mailto:[email protected]>> wrote:
What log?
On 12/11/2019 1:26 AM, Tahnan Al Anas wrote:
Hi Eric,
Can you tell me why I am seeing all outgoing getting out with
below log?
success:
User_and_password_not_set,_continuing_without_authentication./
--
--
Best Regards
Muhammad Tahnan Al Anas
On Wed, Dec 11, 2019 at 1:25 AM <[email protected]
<mailto:[email protected]>> wrote:
I have checked out authentication with my submission port 587
and I must authenticate before sending. However, I have
entries in the log from a “bad guy IP address” which say
“sender accepted” and its giving me heartburn.
2019-12-10 02:43:04.376530500 CHKUSER accepted sender: from
<[email protected]::> <mailto:[email protected]::>
remote <4vFoWf3:unknown:64.225.41.10> rcpt <> : sender accepted
2019-12-10 03:04:09.269688500 CHKUSER accepted sender: from
<[email protected]::>
<mailto:[email protected]::> remote
<3aJfz4D7:unknown:64.225.41.10> rcpt <> : sender accepted
(Note: the IP 64.255.41.10 is the real IP of the bad guy)
There are no corresponding lines which say, “client allowed
to relay”
Note after the from address, there are two colons:
<[email protected]::> <mailto:[email protected]::> . On all
legitimate entries, there are no such double colons.
How did this guy get that entry into my submission logs
without authenticating? Is this something I need to worry about?
Any input would be really appreciated
Boatner Howell
Foundaton Technologies, LLC
