[gentoo-user] OT - Mail question
What do you make of this? I found it in /var/log/messages: Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: to=[EMAIL PROTECTED], delay=1+11:10:52, xdelay=00:03:09, mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. There are several of these. It looks to me as if someone is trying to send mail to [EMAIL PROTECTED], but neither my wife nor I know them, and we're the only espersunited.com users who use mail actively. Has my mail system been compromised? -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT - Mail question
On 22 June 2006 17:04, Michael Sullivan wrote: What do you make of this? I found it in /var/log/messages: Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: to=[EMAIL PROTECTED], delay=1+11:10:52, xdelay=00:03:09, mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. There are several of these. It looks to me as if someone is trying to send mail to [EMAIL PROTECTED], but neither my wife nor I know them, and we're the only espersunited.com users who use mail actively. Has my mail system been compromised? The mail in question is still lying around somewhere under /var/spool (depending on the MTA you are using). Find it and read it with an editor. That might give you a hint what is going on. Also, read your MTA's log file to find out who has sent it. Uwe -- Mark Twain: I rather decline two drinks than a German adjective. http://www.SysEx.com.na -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT - Mail question
On Thu, 2006-06-22 at 17:21 +0100, Uwe Thiem wrote: On 22 June 2006 17:04, Michael Sullivan wrote: What do you make of this? I found it in /var/log/messages: Jun 22 10:59:15 bullet sm-mta[2558]: k5L4mNFw021664: to=[EMAIL PROTECTED], delay=1+11:10:52, xdelay=00:03:09, mailer=esmtp, pri=6425885, relay=mail.midamerica.com. [65.243.220.163], dsn=4.0.0, stat=Deferred: Connection timed out with mail.midamerica.com. There are several of these. It looks to me as if someone is trying to send mail to [EMAIL PROTECTED], but neither my wife nor I know them, and we're the only espersunited.com users who use mail actively. Has my mail system been compromised? The mail in question is still lying around somewhere under /var/spool (depending on the MTA you are using). Find it and read it with an editor. That might give you a hint what is going on. Also, read your MTA's log file to find out who has sent it. Uwe -- Mark Twain: I rather decline two drinks than a German adjective. http://www.SysEx.com.na I found something that suggests that MAILER-DAEMON is trying to email [EMAIL PROTECTED] to tell them that their spam has been rejected. Probably sent by Mailman. If I can find the original email, can I delet it and make sendmail stop trying to send it? -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] OT - Mail question
On 22 June 2006 18:37, Michael Sullivan wrote: I found something that suggests that MAILER-DAEMON is trying to email [EMAIL PROTECTED] to tell them that their spam has been rejected. Probably sent by Mailman. If I can find the original email, can I delet it and make sendmail stop trying to send it? I haven't used sendmail in ages (about 10 years). I don't remember how to do it cleanly. Why don't you move to a modern MTA like exim, postfix, qmail or such? Uwe -- Mark Twain: I rather decline two drinks than a German adjective. http://www.SysEx.com.na -- gentoo-user@gentoo.org mailing list