[CentOS] SMTP Auth Spam Mail Attack

Sat Oct 5 19:11:23 UTC 2013
Alexander Dalloz <ad+lists at uni-x.org>

On 05.10.2013 18:19, Paul Shuttleworth wrote:
> Has anyone any idea how they can be authenticating against SMTP auth with
> a username that does not exist on the server?
> 
> Any pointers towards next steps appreciated, as I am running out of ideas
> to try and lock this server down.
> 
> 
> Cheers
> 
> Paul.

Hi Paul,

You will have to show your Sendmail SMTP AUTH configuration together
with all bits set for Cyrus SASL.

Baseline is, there is or has been a user "jon" usable for SMTP AUTH as
you have shown by the log entry:

Oct  5 15:17:53 www sendmail[6972]: AUTH=server,
relay=pppoe9.net109-120-27.se1.omkc.ru [109.120.27.9] (may be forged),
authid=jon, mech=LOGIN, bits=0

Alexander
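
Added example, not part of the original post: a small audit of successful sendmail `AUTH=server` records (the format of the entry quoted above) that lists every authid which authenticated without being on an expected account list, together with its source IPs and mechanisms. The function names, the `known_accounts` list and all sample lines except the first are assumptions constructed for illustration.

```python
import re

# Successful SMTP AUTH as sendmail logs it (format taken from the quoted entry).
AUTH_RE = re.compile(
    r"sendmail\[\d+\]: AUTH=server, "
    r"relay=(?:(?P<host>[^\s\[]+) )?\[(?P<ip>[^\]]+)\](?P<forged> \(may be forged\))?, "
    r"authid=(?P<authid>[^,]+), mech=(?P<mech>[^,]+), bits=(?P<bits>\d+)"
)
CLEARTEXT_MECHS = {"LOGIN", "PLAIN"}  # password is only base64-encoded


def audit_auth(log_lines, known_accounts):
    """Summarise successful AUTH events per authid and flag unexpected ones."""
    known = {a.lower() for a in known_accounts}  # assumption: supplied by the admin
    report = {}
    for line in log_lines:
        m = AUTH_RE.search(line)
        if m is None:
            continue  # not a successful-AUTH record
        authid = m["authid"].strip()
        user = authid.split("@", 1)[0].lower()  # drop an optional realm
        entry = report.setdefault(authid, {
            "count": 0, "ips": set(), "mechs": set(),
            "known": user in known, "forged_rdns": False, "no_sasl_layer": False,
        })
        entry["count"] += 1
        entry["ips"].add(m["ip"])
        entry["mechs"].add(m["mech"])
        entry["forged_rdns"] |= m["forged"] is not None
        # bits=0 with LOGIN/PLAIN: no SASL security layer protected the password
        entry["no_sasl_layer"] |= m["bits"] == "0" and m["mech"] in CLEARTEXT_MECHS
    return report


def unexpected_authids(report):
    """authids that authenticated but are not on the expected account list."""
    return sorted(a for a, e in report.items() if not e["known"])


# First line is the entry from the post, rejoined onto one line; the rest are constructed.
SAMPLE_LOG = [
    "Oct  5 15:17:53 www sendmail[6972]: AUTH=server, relay=pppoe9.net109-120-27.se1.omkc.ru [109.120.27.9] (may be forged), authid=jon, mech=LOGIN, bits=0",
    "Oct  5 15:18:02 www sendmail[6980]: AUTH=server, relay=[192.0.2.44], authid=jon, mech=LOGIN, bits=0",
    "Oct  5 15:20:11 www sendmail[7011]: AUTH=server, relay=client.example.net [198.51.100.7], authid=paul, mech=DIGEST-MD5, bits=128",
    "Oct  5 15:21:40 www sendmail[7020]: r95FLe7020: from=<a@example.org>, size=1204, nrcpts=1, relay=[203.0.113.9]",
]

if __name__ == "__main__":
    rep = audit_auth(SAMPLE_LOG, known_accounts={"paul", "root"})
    for authid in unexpected_authids(rep):
        print(authid, rep[authid]["count"], sorted(rep[authid]["ips"]), sorted(rep[authid]["mechs"]))
```

An authid reported here was accepted by whatever backend Cyrus SASL is configured to check, so that configuration is where to look next.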