Hello managers,
this morning I found a huge number of entries in mail.log which have
abnormal appearance: without any smtp command ("TO" can be expected),
only delivery address - nonexistent user (explicitly falsified) on our
server, and, what is worst, all of them have DIFFERENT RELAY ADDRESS -
FROM ALL OVER THE WORLD, to the same recipient. Since the existent rules
are not violated, there is no any "ruleset=check_mail". (Although I don't
know why smtp does not complain about absence of any command, but this
does not matter).
Is there someone who has encountered the same, and what might your advice
be ? We are running sendmail 8.9.3. on Tru64 4.0D.
An extract from the mail.log:
Jul 16 22:01:40 alpha sendmail[7373]: WAA07373:
<iejrgbni_at_alpha.iae.nsk.su>... User unknown
Jul 16 22:01:41 alpha sendmail[7373]: WAA07373: from=<>, size=7275,
class=0, pri=0, nrcpts=0, proto=ESMTP,
relay=faulkner.netnet.net [206.40.99.110]
etc. etc. etc...
Thanks,
Irene
*************************************************************************
* *
* Irene A. Shilikhina e-mail: irene_at_alpha.iae.nsk.su *
* System administrator, *
* Institute of Automation & Electrometry, *
* Siberian Branch of Russian Academy of Sciences, *
* Novosibirsk, Russia *
*
http://www.iae.nsk.su/~irene *
*************************************************************************
* *
* The road to hell is paved with good intentions. *
* *
*************************************************************************
Received on Mon Jul 17 2000 - 05:14:11 NZST