l i n u x - u s e r s - g r o u p - o f - d a v i s
Next Meeting:
July 7: Social gathering
Next Installfest:
Latest News:
Jun. 14: June LUGOD meeting cancelled
Page last updated:
2006 Apr 22 12:06

The following is an archive of a post made to our 'vox-tech mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox-tech] strange postfix error message
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox-tech] strange postfix error message

On Thu, Apr 20, 2006 at 08:48:27PM -0700, Cylar Z wrote:
> Hey all,
> I run FC5. I'm also running Postfix as my mail daemon
> with a program called LogWatch that mails a system log
> summary each day to my root account.
> While browsing this logwatch yesterday, the following
> snippet appeared in the Postfix section:
>  --------------------- postfix Begin
> ------------------------
>  5978 bytes transferred
>  2 messages sent
>  2 messages removed from queue
>  Relaying denied: 2 Time(s)
>  Unrecognized warning:
> 219-84-126-227-adsl-tpe.dynamic.so-net.net.tw[]
> sent non-SMTP                                         
>     command: Subject:?erelay ok?f<my-ip-address-here>
> : 1 Time(s)
>      personaljames.com[] sent non-SMTP
> command: From: "Chase Online"                         
>                    <online@chase.com> : 1 Time(s)
>  ---------------------- postfix End
> --------------------------
> (the field containing <my-ip-address-here> really did
> have my actual IP listed, which I am keeping
> confidential for security reasons.)
> What exactly is that error message I see listed under
> "unrecognized warning?" I don't think it's a mail
> relay attempt, since it says just above that the
> system already denied two of those. Is this some kind
> of attempt to break into the system through the SMTP
> port, and if so, is there any indication the cracker
> was successful?

It looks to me like the relay started sending the message content before
it issued an SMTP DATA command.

Micah J. Cowan
Programmer, musician, typesetting enthusiast, gamer...
vox-tech mailing list

LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!