GFI Software


Do I have a security breach? (Weird sender or possible relay) [message #129412] Thu, 05 May 2016 02:06
Gaby
Checking the queue in Kerio Connect I noticed a weird thing: the sender showed <>.

Checking the debug file, I noticed something that I suspect may be an attempt to relay using my mail server. Check out the following, particularly the first line:

[04/May/2016 20:12:54][4444] {smtpc} Sending email to SMTP server mx01.mail.de, delivering mail from <>
[04/May/2016 20:12:55][4444] {smtpc} Connecting to 213.128.151.210 (mx01.mail.de) using local interface 0.0.0.0...
[04/May/2016 20:12:55][4444] {smtpc} Connected to mx01.mail.de
[04/May/2016 20:12:55][4444] {smtpc} Received greeting: 220 mx01.mail.de ESMTP eXpurgate 4.0.10
[04/May/2016 20:12:55][4444] {smtpc} Sending EHLO
[04/May/2016 20:12:56][4444] {smtpc} Switching connection to TLS
[04/May/2016 20:12:57][4444] {smtpc} Sending EHLO
[04/May/2016 20:12:57][4444] {smtpc} Sent MAIL command
[04/May/2016 20:12:57][4444] {smtpc} Got reply: 250 OK
[04/May/2016 20:12:57][4444] {smtpc} Sent RCPT TO: <SkinnerRosalinda51596<_at_>trash-email.de>
[04/May/2016 20:12:58][4444] {smtpc} Got reply: 250 OK
[04/May/2016 20:12:58][4444] {smtpc} Sent DATA command
[04/May/2016 20:12:58][4444] {smtpc} Got reply: 354 End data with <CR><LF>.<CR><LF>
[04/May/2016 20:12:58][4444] {smtpc} Sending message body...
[04/May/2016 20:12:58][4444] {smtpc} Data sent, got reply: 450 4.7.1 <SkinnerRosalinda51596<_at_>trash-email.de>: Relay access denied
[04/May/2016 20:12:58][4444] {smtpc} Data not accepted: 450 4.7.1 <SkinnerRosalinda51596<_at_>trash-email.de>: Relay access denied
[04/May/2016 20:12:59][4444] {smtpc} QUIT sent, got reply: 221 Bye
[04/May/2016 20:12:59][4444] {smtpc} Delivery to other mx servers was skipped.

I can't fully understand what is going on, but it seems that someone called <> is trying to send a message through my server. Can it be?

Thanks in advance
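
A log-triage example for the debug format shown in the post above, added here and not part of the original post or of Kerio Connect: it groups `{smtpc}` lines by thread id and lists outbound deliveries whose envelope sender is the empty reverse-path `<>`, which RFC 5321 reserves for notification messages such as non-delivery reports. The regular expressions are inferred from the lines in the post; the thread-4445 session and the `<_at_>` to `@` normalisation are assumptions.

```python
import re

# Lines copied from the debug log in the post, plus one constructed session
# (thread 4445, example.org) so the filter has something to exclude.
SAMPLE_LOG = """\
[04/May/2016 20:12:54][4444] {smtpc} Sending email to SMTP server mx01.mail.de, delivering mail from <>
[04/May/2016 20:12:55][4445] {smtpc} Sending email to SMTP server mx.example.org, delivering mail from <alice@example.org>
[04/May/2016 20:12:57][4444] {smtpc} Sent RCPT TO: <SkinnerRosalinda51596<_at_>trash-email.de>
[04/May/2016 20:12:57][4445] {smtpc} Sent RCPT TO: <bob@example.org>
[04/May/2016 20:12:58][4444] {smtpc} Data not accepted: 450 4.7.1 <SkinnerRosalinda51596<_at_>trash-email.de>: Relay access denied
"""

LINE = re.compile(r"^\[([^\]]+)\]\[(\d+)\] \{smtpc\} (.*)$")
START = re.compile(r"Sending email to SMTP server (\S+), delivering mail from <([^>]*)>")
RCPT = re.compile(r"Sent RCPT TO: <(.+)>$")
REFUSED = re.compile(r"Data not accepted: (\d{3}) ")

def parse_sessions(text):
    """Return one dict per outbound delivery; lines are grouped by thread id."""
    open_by_tid, sessions = {}, []
    for raw in text.splitlines():
        if not (m := LINE.match(raw.strip())):
            continue
        ts, tid, msg = m.groups()
        if s := START.search(msg):
            sess = open_by_tid[tid] = {"start": ts, "mx": s.group(1),
                                       "sender": s.group(2), "rcpts": [], "refused": None}
            sessions.append(sess)
        elif tid in open_by_tid:
            sess = open_by_tid[tid]
            if r := RCPT.search(msg):
                # Assumption: "<_at_>" is the forum's address masking for "@".
                sess["rcpts"].append(r.group(1).replace("<_at_>", "@"))
            elif d := REFUSED.search(msg):
                sess["refused"] = int(d.group(1))
    return sessions

def null_sender_report(text):
    """Null-sender deliveries: (start, mx, recipients, refusal code, outcome)."""
    out = []
    for s in parse_sessions(text):
        code = s["refused"]
        # 4xx is a transient refusal: the message stays queued and is retried.
        outcome = "deferred" if code and code < 500 else "rejected" if code else "not refused"
        if s["sender"] == "":
            out.append((s["start"], s["mx"], tuple(s["rcpts"]), code, outcome))
    return out
```

Calling `null_sender_report()` on the text of a debug log returns one tuple per `<>` delivery, which can then be matched against the messages sitting in the queue.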