Anne Wilson wrote:
These, it seems, are outgoing packets. Why, then, have they got those source
addresses? Is someone managing to bounce packets through my mail server to
hide their tracks?
Presumably those logs are for incoming connections in your router (looks
like a netgear log to me). The source IP address is the address of the
host trying to connect to your imap service (port 143)
I've never seen many of these, just the occasional one. Sometimes they seem
to relate to an ntp source. Often they seem to come from a university site.
I think the fact that I don't see many means that I'm not being used as an
open relay, but I'm not 100% confident of that. I'd like to understand
what's happening.
Again, "being an open relay" refers to spammers being able to send (or
relay) mail through your smtp server (port 25). IMAP is a protocol for
you to retrieve mail, not send it.
You can check your mail server is not acting as an open relay here:
http://www.abuse.net/relay.html
It's probably a good idea to check each time you change something in
/etc/postfix/main.cf if you are not 100% sure.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos