[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]
sendmail forgery
- From: Kai-Min Sung <kaimin fmg cs ucla edu>
- To: redhat-list redhat com
- Subject: sendmail forgery
- Date: Thu, 8 Apr 1999 23:17:12 -0700 (PDT)
Lately I've noticed repeated entries in my /var/spool/maillog looking like
this:
maillog:Apr 7 21:16:33 host sendmail[12802]: VAA12802:
ruleset=check_mail, arg 1=<sd000001 polbox com>, relay=smtp2.polbox.com
[195.116.6.12] (may be forged), reject=451 <sd000001 polbox com>... Sender
domain must resolve
maillog:Apr 7 21:16:33 host sendmail[12802]:
VAA12802: from=<sd000001 polbox c om>, size=0, class=0, pri=0, nrcpts=0,
proto=ESMTP, relay=smtp2.polbox.com [195.116.6.12] (may be forged)
When I perform a nslookup on 195.116.6.12, it returns smtp2.polbox.com.
However, trying to nslookup smtp2.polbox.com returns a "non-existent
host/domain" error. What's up with this host and why is it repeatedly
trying to connect to my machine? I've disabled mail relaying on my host so
it can't use it as a spam relay. Can anyone explain to me what's
happening?
-Kai
FMG Research Group
UCLA
kaimin fmg cs ucla edu
[Date Prev][Date Next] [Thread Prev][Thread Next]
[Thread Index]
[Date Index]
[Author Index]