[CentOS] SMTP Auth Spam Mail Attack
Alexander Dalloz
ad+lists at uni-x.orgSat Oct 5 19:11:23 UTC 2013
- Previous message: [CentOS] SMTP Auth Spam Mail Attack
- Next message: [CentOS] SMTP Auth Spam Mail Attack
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Am 05.10.2013 18:19, schrieb Paul Shuttleworth: > Has anyone any idea how they can be authenticating against SMTP auth with > a username that does not exist on the server ? > > Any pointers towards next steps appreciated, as I am running out of ideas > to try and lock this server down. > > > Cheers > > Paul. Hi Paul, you will have to show your Sendmail SMTP AUTH configuration together with all bits set for Cyrus SASL. Baseline is, there is or has been a user "jon" usable for SMTP AUTH as you have shown by the log entry: Oct 5 15:17:53 www sendmail[6972]: AUTH=server, relay=pppoe9.net109-120-27.se1.omkc.ru [109.120.27.9] (may be forged), authid=jon, mech=LOGIN, bits=0 Alexander
- Previous message: [CentOS] SMTP Auth Spam Mail Attack
- Next message: [CentOS] SMTP Auth Spam Mail Attack
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list