Re: [gentoo-user] OT - Mail question
On 22 June 2006 18:37, Michael Sullivan wrote: > I found something that suggests that MAILER-DAEMON is trying to email > [EMAIL PROTECTED] to tell them that their spam has been rejected. > Probably sent by Mailman. If I can find the original email, can I delet > it and make sendmail stop trying to send it? I haven't used sendmail in ages (about 10 years). I don't remember how to do it cleanly. Why don't you move to a modern MTA like exim, postfix, qmail or such? Uwe -- Mark Twain: I rather decline two drinks than a German adjective. http://www.SysEx.com.na -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT - Mail question
On Thu, 2006-06-22 at 17:21 +0100, Uwe Thiem wrote: > On 22 June 2006 17:04, Michael Sullivan wrote: > > What do you make of this? I found it in /var/log/messages: > > > > Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: > > to=<[EMAIL PROTECTED]>, delay=1+11:10:52, xdelay=00:03:09, > > mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], > > dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. > > > > > > There are several of these. It looks to me as if someone is trying to > > send mail to [EMAIL PROTECTED], but neither my wife nor I know > > them, and we're the only espersunited.com users who use mail actively. > > Has my mail system been compromised? > > The mail in question is still lying around somewhere under /var/spool > (depending on the MTA you are using). Find it and read it with an editor. > That might give you a hint what is going on. > > Also, read your MTA's log file to find out who has sent it. > > Uwe > > -- > Mark Twain: I rather decline two drinks than a German adjective. > http://www.SysEx.com.na I found something that suggests that MAILER-DAEMON is trying to email [EMAIL PROTECTED] to tell them that their spam has been rejected. Probably sent by Mailman. If I can find the original email, can I delet it and make sendmail stop trying to send it? -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT - Mail question
On 22 June 2006 17:04, Michael Sullivan wrote: > What do you make of this? I found it in /var/log/messages: > > Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: > to=<[EMAIL PROTECTED]>, delay=1+11:10:52, xdelay=00:03:09, > mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], > dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. > > > There are several of these. It looks to me as if someone is trying to > send mail to [EMAIL PROTECTED], but neither my wife nor I know > them, and we're the only espersunited.com users who use mail actively. > Has my mail system been compromised? The mail in question is still lying around somewhere under /var/spool (depending on the MTA you are using). Find it and read it with an editor. That might give you a hint what is going on. Also, read your MTA's log file to find out who has sent it. Uwe -- Mark Twain: I rather decline two drinks than a German adjective. http://www.SysEx.com.na -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT - Mail question
Michael Sullivan wrote: > What do you make of this? I found it in /var/log/messages: > > Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: > to=<[EMAIL PROTECTED]>, delay=1+11:10:52, xdelay=00:03:09, > mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], > dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. > > > There are several of these. It looks to me as if someone is trying to > send mail to [EMAIL PROTECTED], but neither my wife nor I know > them, and we're the only espersunited.com users who use mail actively. > Has my mail system been compromised? > Hi, Are you using a local mail-server or a relayhost (yout ISP mail-server)? Check to see if your mail server (if any) isn't an open relay. Google for a site to check or check the config. HTH.Rumen smime.p7s Description: S/MIME Cryptographic Signature
[gentoo-user] OT - Mail question
What do you make of this? I found it in /var/log/messages: Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: to=<[EMAIL PROTECTED]>, delay=1+11:10:52, xdelay=00:03:09, mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. There are several of these. It looks to me as if someone is trying to send mail to [EMAIL PROTECTED], but neither my wife nor I know them, and we're the only espersunited.com users who use mail actively. Has my mail system been compromised? -- gentoo-user@gentoo.org mailing list