does this [see attachment] indicate that some spammer has found a way to get me to relay his mail? aaugh!
this looks bad. i have serensoft.com running in my basement on a woody (and freshly-upgraded 2.4.20-k6 kernel) and i allow pop3 and smtp connections for my serensoft mail users. passwords are in-the-clear there, of course; but with restricted shells (/bin/false) there's not much danger, is there? still, if you look at the attached bounce, it looks like somehow a spammer is trying to use my exim (or worse, IS using my exim) to relay/forward his junk. i did `zgrep zimmerman /var/log/exim/mainlog*` and came up empty. and since it says it arrived on '26 Jan 2003 23:51:44' i also looked for ':51:44' (thinking maybe the time zone might affect the log entry, i looked for minutes:seconds) and found nothing. same for '211.144.100.21', the incoming ip address. paniclog and rejectlog are empty... where should i look? what should i look for? -- I use Debian/GNU Linux version 3.0; Linux server 2.4.20-k6 #1 Mon Jan 13 23:49:14 EST 2003 i586 unknown DEBIAN NEWBIE TIP #104 from Sean Quinlan <[EMAIL PROTECTED]> : Looking to CUSTOMIZE THE COLORS USED BY LS? I find its easier to run "dircolors -p >~/.dircolors" and then add "eval `dircolors -b ~/.dircolors`" to my .bashrc and then make all changes to ~/.dircolors (instead of the system-wide /etc/DIR_COLORS). Probably more pertinent on a multi user system, but good policy nevertheless. Also see http://newbieDoc.sourceForge.net/ ...
--- Begin Message ---The original message was received at Sun, 26 Jan 2003 23:51:44 -0500 (EST) from [211.144.100.21] ----- The following addresses had permanent fatal errors ----- <[EMAIL PROTECTED]> (reason: 550 5.1.1 <william.zimmerman@[138.12.44.45]>... User unknown) (expanded from: <[EMAIL PROTECTED]>) ----- Transcript of session follows ----- ... while talking to [138.12.44.45]: >>> RCPT To:<william.zimmerman@[138.12.44.45]> <<< 550 5.1.1 <william.zimmerman@[138.12.44.45]>... User unknown 550 5.1.1 <[EMAIL PROTECTED]>... User unknownReporting-MTA: dns; lexis-nexis.com Received-From-MTA: DNS; [211.144.100.21] Arrival-Date: Sun, 26 Jan 2003 23:51:44 -0500 (EST) Final-Recipient: RFC822; <[EMAIL PROTECTED]> X-Actual-Recipient: RFC822; william.zimmerman@[138.12.44.45] Action: failed Status: 5.1.1 Remote-MTA: DNS; [138.12.44.45] Diagnostic-Code: SMTP; 550 5.1.1 <william.zimmerman@[138.12.44.45]>... User unknown Last-Attempt-Date: Sun, 26 Jan 2003 23:51:49 -0500 (EST)--- Begin Message --- Title: Englis Classics 3000 Ӣ������--- End Message ------ End Message ---
3000
ENGLISH CLASSICS Ӣ������
��
��װ��
RMB 98.00
�� Ʒ �� ɫ
��ѡ3000��(��)������Ϊȫ��Ô��(Ӣ�İ�)����ȡ������ǧ�����������������������͡���Ұ��������Ȥ���š��������¡����ݺ�����ѧ����ѧ����ʷѧ������ѧ�����ѧ������ѧ����ѧ������ѧ������ѧ�ȣ�������������ʫ������ҥ��ͯ������ʡ��μǡ����ǡ�����¼�ȡ�
ȫ������TXT/HTML��ʽ�������������й�������(�磺�ֵ䡢���������롢�ʶ������ִ�����)�����谲װ�����м�㡣
��TTS����(������ѧ���������ġ���ɽ�ʰ�2000�������ϰ汾��װ��)����ʹ�ÿ�ʵ�����������ķ־䡢�ֶλ�ȫ���ʶ���
��
�� �� �� ��
�κ�����Windows 9x/me/xp/NT/2000�������൱�IJ���ƽ̨��16MB�ڴ棬50MBӲ�̣���������ꡣ
�� �� �� ʽ
�ʹ�:
����: �����
��绰��email��ϵ
�Ϻ���������·81�������¥10��1016��
�������У�������֧����·������
�Ϻ�������Ϣ�������޹�˾ ֣����(��)
�ʺţ�044104-05170410209
�ʱࣺ200233
�Ϻ�������Ϣ�������޹�˾
�Ϻ���������·81�������¥10��, 200233 �绰:021-54485000 ����:021-54480276 ����:info@foundertop.com ��ַ:http://www.foundertop.com �� �� �� ��
�Ϻ�������Ϣ�������޹�˾ ��Ȩ����
2002.12
