PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : sendmail sieht mich als Angreifer??



Hansa
05.07.04, 18:53
Okay, erstmal vorab: Ich hab 0 Schnall davon. Bin ja schon froh, dass ich an die Log-Files ran gekommen bin ...

Die dengelten mir dann mal getrost folgendes entgegen:


Jul 5 18:17:02 login sendmail[4182]: i65GH1kr004174: to=<mail@domain.de>, ctladdr=<Kristian@domain2.de> (645/101), delay=00:00:01, xdelay=00:00:00, mailer=local, pri=31394, dsn=2.0.0, stat=Sent
Die kam auch wunderbar bei mir an.




Jul 5 18:31:17 login sendmail[8004]: i65GV6kr008004: iD4CC06BE.versanet.de [212.W.X.Y]: possible SMTP attack: command=AUTH, count=7
Jul 5 18:31:51 login sendmail[8004]: i65GV6kr008004: iD4CC06BE.versanet.de [212.W.X.Y] did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA

??? Wieso soll ich ein Angreifer sein? :eek:

Vor allen Dingen taucht dieses "did not issue MAIL/EXPN/VRFY/ETRN during connection to MSA" immer dann auf, wenn ich versuche, Mails zu versenden. Was hat das denn zu bedeuten?

Danke schonmal für die Hilfe.

Gruß eines verzweifelnden Hansas

LKH
05.07.04, 19:23
Hi,

also das ist der MSA:

Message Submission Agent (MSA)

* Based on RFC 2476: Message Submission
* SMTP protocol over port 587 (instead of normal 25)
* Meant to be less strict on standards compliance
- Addresses don't have to be fully qualified
- Hostnames don't have to be fully qualified
- Don't require "required" headers, e.g. Message-ID: and Date:
* MSA brings message into standards compliance before relaying to an MTA
- MSA port should be limited to internal hosts (e.g., firewalled from external world)
* sendmail MTA has always been forgiving in what it accepts and strict in what it sends.
- Historically, port 25 has acted as both an MTA and MSA port in sendmail
- Future versions may make port 25 more strict
* MSA port employs different features
- Doesn't allow ETRN
- May require SMTP Authentication
* Accomplished through new DaemonPortOptions (DAEMON_OPTIONS()) syntax

Hoffe es hilft,

LKH