Hi gang. Yesterday and today I've received three strange emails. Two came yesterday and supposedly came from "Dino"@server.domain.com (server.domain.com of course being replaced by the actual fqdn). Today's messages was "from" "Goddard Chuck"@server.domain.com. I'm using the default sendmail install plus one update (me thinks) on RH8. According to "telnet localhost 25" I'm running sendmail 8.12.8/8.12.5. The server.domain.com is actually an email gateway to our ms exchange server. The sendmail server doesn't actually do any sending of email except to receive email for our domain and forward it to the exchange server. Except for the box being compromised or exploited in some way how else could the email appear to have come from @server.domain.com? Does it sound like the box is being exploited? I can send the email headers to anyone that would like to see them. Thanks, Chris. -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
