On 4/3/2013 9:37 AM, fra...@iaw.on.ca wrote: > Hi, > > I am running BlueOnyx 3.20110922 . We have had a lot of unauthorized > relaying only for a certain user. We even changed her password but it's > still doing it. > > In the eMail section of Network services I have it checked off to Enable > SMTP Auth and POP Authenticated relaying. > > It's only happening to the one user which is confusing me. What else can > i set to tighten up the relaying? > > Thanks. > > Here is a log entry: > > Apr 3 10:58:56 raq2 sendmail[9296]: AUTH=server, > relay=ip-176.105.131.241.tvsat364.lodz.pl [176.105.131.241], > authid=mmagno, mech=LOGIN, bits=0 > > Apr 3 11:02:05 raq2 sendmail[12291]: AUTH=server, > relay=host-81-190-162-132.gorzow.mm.pl [81.190.162.132], authid=mmagno, > mech=LOGIN, bits=0 > > Apr 3 11:02:20 raq2 sendmail[12306]: AUTH=server, > relay=124-218-75-60.cm.dynamic.apol.com.tw [124.218.75.60] (may be > forged), authid=mmagno, mech=LOGIN, bits=0 > > Apr 3 11:03:14 raq2 sendmail[13029]: AUTH=server, > relay=triband-mum-59.183.21.118.mtnl.net.in [59.183.21.118], > authid=mmagno, mech=LOGIN, bits=0 > > Apr 3 11:06:20 raq2 sendmail[15029]: AUTH=server, relay=[212.5.32.239], > authid=mmagno, mech=LOGIN, bits=0 > > > _______________________________________________ > Blueonyx mailing list > Blueonyx@mail.blueonyx.it > http://mail.blueonyx.it/mailman/listinfo/blueonyx
Spammers have the mmagno password. It seems like restarting sendmail and dovecot would be enough. But for some reason I have seen successful authids after doing that. Maybe they are cached somewhere. If you reboot the server after the password change. That will do it. Ken Marcus _______________________________________________ Blueonyx mailing list Blueonyx@mail.blueonyx.it http://mail.blueonyx.it/mailman/listinfo/blueonyx
