Maillog errors
Lai Zit Seng
lzs at pobox.com
Fri Sep 10 17:13:14 UTC 2004
Perhaps random people are scanning you.
If someone connects to your port 25 and quits, this type of error gets
logged too. You can try testing that yourself and observe :)
Regards,
.lzs
On Fri, 10 Sep 2004, Kevin Old wrote:
> Hello everyone,
>
> I've been seeing quite a few of these "did not issue
> MAIL/EXPN/VRFY/ETRN during connection to MTA" messages in my maillog
> over the past few weeks.
>
> Sep 9 23:20:06 s15111287 sendmail[13734]: i8A3JunX013734:
> [220.186.192.185] did not issue MAIL/EXPN/VRFY/ETRN during connection
> to MTA
> Sep 9 23:20:13 s15111287 sendmail[13732]: i8A3JtnX013732:
> [220.174.221.2] did not issue MAIL/EXPN/VRFY/ETRN during connection to
> MTA
> Sep 9 23:20:13 s15111287 sendmail[13775]: i8A3KDnX013775:
> [64.80.63.187] did not issue MAIL/EXPN/VRFY/ETRN during connection to
> MTA
>
> I use iptables and also have portsentry running, but still there are
> hundreds of these a day in the maillog.
>
> I've thought of writing a perl script that would parse the maillog
> once a day and produce a list of IP's that issued more than 5 of these
> within that day.
>
> Is that a good idea, or could I potentailly be blocking legitiment mail?
>
> Thanks,
> Kevin
> --
> Kevin Old
> kevinold at gmail.com
>
>
> --
> fedora-list mailing list
> fedora-list at redhat.com
> To unsubscribe: http://www.redhat.com/mailman/listinfo/fedora-list
>
More information about the fedora-list
mailing list