On Sun, 2004-07-04 at 11:45, Derek Jennings wrote: <snip> > > > > > > Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2004-07-04 01:15 > > EDT sendto in send_tcp_raw: sendto(3, packet, 60, 0, 220.80.108.83, 16) => > > Operation not permitted sendto in send_tcp_raw: sendto(3, packet, 60, 0, > > 220.80.108.83, 16) => Operation not permitted Interesting ports on > > 220.80.108.83: > > (The 1646 ports scanned but not shown below are in state: closed) > > PORT STATE SERVICE > > 21/tcp open ftp > > 22/tcp open ssh > > 53/tcp open domain > > 80/tcp open http > > 111/tcp open rpcbind > > 135/tcp filtered msrpc > > 139/tcp filtered netbios-ssn > > 445/tcp filtered microsoft-ds > > 3306/tcp open mysql > > 4444/tcp filtered krb524 > > 5800/tcp filtered vnc-http > > 5900/tcp filtered vnc > > 17300/tcp filtered kuang2 > > Device type: general purpose > > Running: Linux 2.4.X|2.5.X > > OS details: Linux Kernel 2.4.0 - 2.5.20 > > > > Nmap run completed -- 1 IP address (1 host up) scanned in 49.309 seconds > > > > > > > > Terry Golightly ... [EMAIL PROTECTED] ... Pittsburgh, Pa > > Hmmm > Your mail header includes the line > Message-Id: <[EMAIL PROTECTED]> > > tbox.blrm.myhouse.net resolves to 220.80.108.83 which is a block belonging to > an ISP in Korea. It does not seem likely that someone in the US would use a > Korean ISP, but how is that line getting into your email headers? > > It looks like your Postfix config file may have been tampered with to turn you > into a spam relay. > > > derek
Derek, I've attached my main.cf. See what you think? terry Terry Golightly ... [EMAIL PROTECTED] ... Pittsburgh, Pa Mandrake Linux release 10.0 (Official) for i586 kernel 2.6.3-14mdk-i686-up-4GB 11:56:31 up 23:00, 1 user, load average: 0.19, 0.10, 0.09 1st graffitiist: QUESTION AUTHORITY! 2nd graffitiist: Why?
# These are only the parameters changed from a default install # see /etc/postfix/main.cf.dist for a commented, fuller version of this file. # These are changed by postfix install script readme_directory = /usr/share/doc/postfix-2.1.1/README_FILES sample_directory = /usr/share/doc/postfix-2.1.1/samples html_directory = /usr/share/doc/postfix-2.1.1/html sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop command_directory = /usr/sbin manpage_directory = /usr/share/man daemon_directory = /usr/lib/postfix newaliases_path = /usr/bin/newaliases.postfix mailq_path = /usr/bin/mailq.postfix queue_directory = /var/spool/postfix mail_owner = postfix # User configurable parameters inet_interfaces = $myhostname,localhost mynetworks_style = host mydestination = $myhostname, localhost.$mydomain delay_warning_time = 4h smtpd_banner = $myhostname ESMTP $mail_name ($mail_version) (Mandrake Linux) unknown_local_recipient_reject_code = 450 smtp-filter_destination_concurrency_limit = 2 lmtp-filter_destination_concurrency_limit = 2 smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2 myhostname = tbox.blrm.myhouse.net virtual_maps = hash:/etc/postfix/virtual canonical_maps = hash:/etc/postfix/canonical mydomain = myhouse.net masquerade_domains = myhouse.net myorigin = myhouse.net debug_peer_list = myhouse.net
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________