[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] maillog: may be forged
- Subject: Re: [cobalt-security] maillog: may be forged
- From: Rik Thomas <rikt@xxxxxxxxxxxxxxxx>
- Date: Wed, 17 Oct 2001 21:40:09 -0400 (EDT)
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
On Wed, 17 Oct 2001, John Mehan wrote:
> Hi I was wondering how to read the maillog...
>
> I received this log in the maillog.
>
> Oct 17 10:21:49 ns1 sendmail[20704]: f9HELnF20704:
> from=<CGrossner@xxxxxxxxxxxxxxxxx>, size=3013, class=0, nrcpts=1,
> msgid=<E901D95A7AF2D411B85B0008C72B7D8101872F09@xxxxxxxxxxxxxxxxxxxxxxx>,
> proto=ESMTP, daemon=MTA, relay=134.22.47.tor-55.151.net [134.22.47.55]
> (may be forged)
>
> What does the "may be forged" mean exactly? Does it flag this email
> because the from address does not share the same domain name where the
> message came from?
>
> How do you know if this was an incoming email or an outgoing one?
> Could this be spam?
>
> If anyone can help me with this probably simple question, I would
> appreciate it.
>
> Thanks in advance,
>
> John Mehan
>
It is all about DNS inconsistency, see
http://www.sendmail.org/~ca/email/relayingdenied.html
--
Rik Thomas
rikt@xxxxxxxxxxxxxxxx http://SmartBackups.com
Is your Website Smart? Automated Website backups. Free 30Day trial!
Ph: 888.845.6856 Fx: 302.672.7315 ICQ: 879956