Dear All,
I have the following setup for almost a year on a single machine running
as a Mail and Dns server and has been workin perfectly fine
CentOS 5 OS
DNS server using bind-9.3.3-10.el5
Mailserver using sendmail-8.13.8-2.el5
apache web server 2.2.3-11.el5_1
SquirrelMail/1.4.13
dovecot-1.0-1.2.rc15.el5
MailScanner ver 4.66.5
mailwatch-1.0.4
Now jus i loged into mailwatch and found my outbound queue has about 30
messages and i opened one of it the latest of message and here below the
details
------------------------------
Received: from kmdns1.kmun.gov.kw (localhost [127.0.0.1])
by kmdns1.kmun.gov.kw (8.13.8/8.13.8) with ESMTP id m447Few7008716
for <info@xxxxxxxxxx>; Sun, 4 May 2008 10:15:40 +0300
Received: (from apache@localhost)
by kmdns1.kmun.gov.kw (8.13.8/8.13.8/Submit) id m3UFqte8002976;
Wed, 30 Apr 2008 18:52:55 +0300
X-Authentication-Warning: kmdns1.kmun.gov.kw: apache set sender to
loanskathryn@xxxxxxxxx using -f
Received: from 196.220.10.253
(SquirrelMail authenticated user mailadmin)
by webmail.baladia.gov.kw with HTTP;
Wed, 30 Apr 2008 18:52:55 +0300 (AST)
Message-ID: <4643.196.220.10.253.1209570775.squirrel@xxxxxxxxxxxxxxxxxxxxxx>
Date: Wed, 30 Apr 2008 18:52:55 +0300 (AST)
Subject: Private, Commercial and Personal Loans !!!
From: "Kathryn Loans" <loanskathryn@xxxxxxxxx>
Reply-To: kathrynloans1@xxxxxxxxx
Bcc:
User-Agent: SquirrelMail/1.4.13
MIME-Version: 1.0
Content-Type: text/plain;charset=windows1256
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
From: loanskathryn@xxxxxxxxx [Add to Whitelist | Add to Blacklist]
To: info@xxxxxxxxxx
Subject: Private, Commercial and Personal Loans !!!
also i could see the foolowing
Relay Information: Date/Time Relayed by Relayed to Delay Status
04/05/08 23:19:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 23:04:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 22:49:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 22:34:19 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 22:19:20 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 22:04:19 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 21:49:19 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 21:34:19 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 21:19:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 21:04:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 20:49:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 20:34:19 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 20:19:20 kmdns1 mail.networksolutionsemail.com 00:00:01 Deferred:
Connection reset by inbound.rndtec.com.netsolmail.net.
04/05/08 20:04:19 kmdns1 mail.networksolutionsemail.com 00:00:00 Deferred:
Connection reset by inbound.rndtec
--------------------------------------------
now i do have relay domains so sendmail is configured to allow relaying
only our network
also i see that apache is authenticating the user --loanskathryn@xxxxxxxxx
using -f
1) is this a security problem in apache or squirrelmail as im confused
apprecite your suggestion and help
i have blacklisted using mailwatch
blacklist for webuser -- webuser is the user used to login to mailwatch
loanskathryn@xxxxxxxxx default
thnks and regards
Apprecite
simon
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
-------------------------------------------------------------------------
This SF.net email is sponsored by the 2008 JavaOne(SM) Conference
Don't miss this year's exciting event. There's still time to save $100.
Use priority code J8TL2D2.
http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
