[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] maillog: may be forged

Subject: Re: [cobalt-security] maillog: may be forged
From: Rik Thomas <rikt@xxxxxxxxxxxxxxxx>
Date: Wed, 17 Oct 2001 21:40:09 -0400 (EDT)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Wed, 17 Oct 2001, John Mehan wrote:

> Hi I was wondering how to read the maillog...
> 
> I received this log in the maillog.
> 
> Oct 17 10:21:49 ns1 sendmail[20704]: f9HELnF20704:
> from=<CGrossner@xxxxxxxxxxxxxxxxx>, size=3013, class=0, nrcpts=1,
> msgid=<E901D95A7AF2D411B85B0008C72B7D8101872F09@xxxxxxxxxxxxxxxxxxxxxxx>,
> proto=ESMTP, daemon=MTA, relay=134.22.47.tor-55.151.net [134.22.47.55]
> (may be forged)
> 
> What does the "may be forged" mean exactly?  Does it flag this email
> because the from address does not share the same domain name where the
> message came from?
> 
> How do you know if this was an incoming email or an outgoing one? 
> Could this be spam?
> 
> If anyone can help me with this probably simple question, I would
> appreciate it.
> 
> Thanks in advance,
> 
> John Mehan
> 

It is all about DNS inconsistency, see 

http://www.sendmail.org/~ca/email/relayingdenied.html

-- 
Rik Thomas 
rikt@xxxxxxxxxxxxxxxx http://SmartBackups.com
Is your Website Smart? Automated Website backups.  Free 30Day trial!
Ph: 888.845.6856 Fx: 302.672.7315 ICQ: 879956

References:
- [cobalt-security] maillog: may be forged
  - From: John Mehan

Prev by Date: RE: [cobalt-security] Two Users via Top??
Next by Date: [cobalt-security] Security violations - SPAM
Previous by thread: [cobalt-security] maillog: may be forged
Next by thread: Re: [cobalt-security] maillog: may be forged

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index