5 Oct
2013
5 Oct
'13
9:11 p.m.
Am 05.10.2013 18:19, schrieb Paul Shuttleworth:
Has anyone any idea how they can be authenticating against SMTP auth with a username that does not exist on the server ?
Any pointers towards next steps appreciated, as I am running out of ideas to try and lock this server down.
Cheers
Paul.
Hi Paul,
you will have to show your Sendmail SMTP AUTH configuration together with all bits set for Cyrus SASL.
Baseline is, there is or has been a user "jon" usable for SMTP AUTH as you have shown by the log entry:
Oct 5 15:17:53 www sendmail[6972]: AUTH=server, relay=pppoe9.net109-120-27.se1.omkc.ru [109.120.27.9] (may be forged), authid=jon, mech=LOGIN, bits=0
Alexander