Re: IMAP security

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Anne Wilson wrote:
These, it seems, are outgoing packets. Why, then, have they got those source addresses? Is someone managing to bounce packets through my mail server to hide their tracks?

Presumably those logs are for incoming connections in your router (looks like a netgear log to me). The source IP address is the address of the host trying to connect to your imap service (port 143)

I've never seen many of these, just the occasional one. Sometimes they seem to relate to an ntp source. Often they seem to come from a university site. I think the fact that I don't see many means that I'm not being used as an open relay, but I'm not 100% confident of that. I'd like to understand what's happening.


Again, "being an open relay" refers to spammers being able to send (or relay) mail through your smtp server (port 25). IMAP is a protocol for you to retrieve mail, not send it.

You can check your mail server is not acting as an open relay here:

http://www.abuse.net/relay.html

It's probably a good idea to check each time you change something in /etc/postfix/main.cf if you are not 100% sure.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux