![]() |
|
![]() | ||
|
Subject:
Logging of sendmail authenticated user.
Category: Computers > Internet Asked by: kineticweb-ga List Price: $20.00 |
Posted:
08 Sep 2004 18:21 PDT
Expires: 08 Oct 2004 18:21 PDT Question ID: 398644 |
I think I have a spammer who is using my RedHat 9 server with sendmail to send junk. I require authentication to send email through my server (naturally). But it appears from the headers of messages in the queue that someone found out an account name and password and is using that to successfully authenticate. How can I find out WHICH user? I can't for the life of me figure out a way to determine this from the maillog file. Is there a way I can add this info? Or maybe sniff the packets? |
![]() | ||
|
There is no answer at this time. |
![]() | ||
|
Subject:
Re: Logging of sendmail authenticated user.
From: mckidd-ga on 17 Jan 2005 14:21 PST |
Provided you have smtp-auth installed and working correctly, you should first change the log level in your sendmail configuration. This can be done one of two ways: via the sendmail.mc file, or the sendmail.cf file. Sendmail.mc file approach: Add the following definition to /etc/mail/sendmail.mc define(`confLOG_LEVEL', `14')dnl Rebuild /etc/mail/sendmail.cf m4 sendmail.mc > sendmail.cf Sendmail.cf file approach: Change the following definition in /etc/mail/sendmail.cf O LogLevel=14 After you have changed the logging level, restart the sendmail daemon. Syslog will now log any successful authentications to /var/log/maillog. Of interest to you are the following fields in each authentication log entry: authid= and relay= authid will display the login that was used for the authentication, and relay will display the remote IP address that was added as the temporary relay. If you don't recognize the relay, then it is most likely the spammer entry. Hope this helps. Michael Kidd |
If you feel that you have found inappropriate content, please let us know by emailing us at answers-support@google.com with the question ID listed above. Thank you. |
Search Google Answers for |
Google Home - Answers FAQ - Terms of Service - Privacy Policy |