OK guys, I'm come on something that's worrying me. I have inetd/hosts.allow
set to only allow ipop3d from my IP's.
cat /etc/hosts|grep pop:
ipop3d: xx.xx.80.0/255.255.252.0
ipop3d: xx.xx.105.184.
I allow (hope to allow) only ipop3d from (2) IP ranges as shown above.
I've tested poping mail from alternate accounts on other domains I have
accounts on and I am rejected as I should be.
In /var/log/maillog I'm seeing what appears to be sucessfull connects from
outside my network. In every case the userid is valid but the hostname and
IP should not be valid and should not be allowed to pop mail. A SAMPLE (of
many) apparantly sucessful connect and downlaod of 16 messages follows:
Feb 12 07:36:49 mail5 ipop3d[22729]: port 110 service init from xxx.67.46.44
Feb 12 07:36:53 mail5 ipop3d[22729]: Login user=ads001 host=nas-46-44.xxx.n
avipath.net [216.67.46.44] nmsgs=16/16
Feb 12 07:39:04 mail5 ipop3d[22729]: Logout user=ads001 host=nas-46-44.xxx.
navipath.net [xxx.67.46.44] nmsgs=0 ndele=16
Where does this reported hostname and IP logged by ipop3d come from? Are
these users really logging in from outside my network? If so, how do I stop
it? FWIW, RH6.0+patches, ipop3d v7.59.
Thanks,
Scott
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
