--- Mike Pelley <mike@xxxxxxxxxxx> wrote: > Folks - I noticed some strange errors in my logwatch > report and when I checked my maillog I found the > entries below. I have SMTPS with TLS set up for > authentication. Does this mean I'm being used as a > relay? > > maillog:Mar 29 09:30:24 zeus postfix/smtpd[26863]: > connect from unknown[216.113.195.131] > maillog:Mar 29 09:30:24 zeus postfix/smtpd[26863]: > setting up TLS connection from > unknown[216.113.195.131] > maillog:Mar 29 09:30:24 zeus postfix/smtpd[26863]: > TLS connection established from > unknown[216.113.195.131]: TLSv1 with cipher > DHE-RSA-AES256-SHA (256/256 bits) > maillog:Mar 29 09:30:25 zeus postfix/smtpd[26863]: > 0A1267031D: client=unknown[216.113.195.131] > maillog:Mar 29 09:30:25 zeus postfix/smtpd[26863]: > 0A1267031D: reject: RCPT from > unknown[216.113.195.131]: 450 <wjwwwdk@xxxxxxxxxxx>: > User unknown in local recipient table; from=<> > to=<wjwwwdk@xxxxxxxxxxx> proto=ESMTP > helo=<email.noproblemnetworks.com> > maillog:Mar 29 09:30:27 zeus postfix/smtpd[26863]: > disconnect from unknown[216.113.195.131] I don't think you're being used as a spammer--though someone is trying. There is a REJECT line in your log for that job#. I get these a lot (though use sendmail so it's a little different). There are so many people out there trying, though, you may want to make sure you server is secure by enabling SMTP AUTH and checking your Access lists in the configuration files. Corey __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
