Hi all,
I'm wondering if someone can help me interpret this. I got lots of this in my
maillog:
..
1958:Jan 27 05:52:03 voyager sendmail[13700]: i0RAq3413700:
<peter@xxxxxxxxxxxxxxxxxxxx>... User unknown
1962:Jan 27 06:01:10 voyager sendmail[13758]: i0RB19413758:
<sandra@xxxxxxxxxxxxxxxxxxxx>... User unknown
1969:Jan 27 06:08:46 voyager sendmail[13808]: i0RB8j413808:
<ray@xxxxxxxxxxxxxxxxxxxx>... User unknown
..
and (sometimes) correspondingly in the next line the following also exist:
jan 27 05:36:58 voyager sendmail[13585]: i0RAaw413585: lost input channel from
adsl-66-73-195-63.dsl.chcgil.ameritech.net [66.73.195.63] to MTA after rcpt
Jan 27 05:36:58 voyager sendmail[13585]: i0RAaw413585:
from=<ruiglopes@xxxxxxxxxxxxxxxx>, size=0, class=0, nrcpts=0, proto=ESMTP,
daemon=MTA, relay=adsl-66-73-195-63.dsl.chcgil.ameritech.net [66.73.195.63]
Jan 27 05:38:30 voyager sendmail[13590]: i0RAcU413590: lost input channel from
adsl-66-73-195-63.dsl.chcgil.ameritech.net [66.73.195.63] to MTA after rcpt
Jan 27 05:38:30 voyager sendmail[13590]: i0RAcU413590:
What is the "lost input channel" mean? Does this mean someone try to probe
what user exists on my server? should I be worried?
I just noticed also this happen to my other machine. One of the email got thru
and I received mail that contains file.zip and document.zip. I looked at the
header and it looks like it's from 66.73.195.63, althouh I know it can be
forged.
Any help is greatly appreciated. Thanks.
RDB
--
Reuben D. Budiardja
Department of Physics and Astronomy
The University of Tennessee, Knoxville, TN
---------------------------------------------------------
"To be a nemesis, you have to actively try to destroy
something, don't you? Really, I'm not out to destroy
Microsoft. That will just be a completely unintentional
side effect."
- Linus Torvalds -
--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list
