[CentOS] SYD flood dropped on Sendmail (centos 4.x)

Filipe Brandenburger filbranden at gmail.com
Thu Nov 20 21:57:08 UTC 2008


Hi Chris,

You still did not give enough detail of what happens on the machine
when the problem strikes you. For instance:

- What is in /var/log/messages at that time?
- What is in "dmesg" output?
- What is in the log of your POP3 server (you still did not tell which
program you are using)?
- What happens if you run "telnet localhost 110" or "telnet <hostname>
110" (replacing <hostname> with the real host name) while connected to
the problematic host?
- What happens if you run "telnet <hostname> 110" from another machine?

You can also try to run POP3 commands in the telnet session to
diagnose what is the error message when the password is refused.

If you want help, you should start by giving more information about
the problem. You haven't even said which version of CentOS you are
running, if you're fully updated or not, and the program you refer to
(sendmail) clearly has nothing to do with the issue on your firewall
since that one is reporting port 110 which is POP3.

Also, just because the logs of your firewall say something, that does
not mean it's the root of your problem. Maybe that could be an effect
of something else that is happening on your machine and causing
packets to be refused in a way that would trick the firewall to think
there's an attack.

HTH,
Filipe


More information about the CentOS mailing list