Sorry, Paul, I was wrong with my last response to your problem. In fact your are getting false positives from logcheck, because the log entries contained the string BAD (case-indipendant) Logcheck is preconfigured to flag any lines containing BAD as security violations. :-) Greetings Michael P Ferwerda wrote:
I recently turned on logcheck for the first time and am getting the following security violations. It isn't clear to me why they are security violations. Should I be shutting this access off in some fashion? [...]Security Violations =-=-=-=-=-=-=-=-=-= Oct 24 08:48:29 www sendmail[4114]: IAA04112: to=BadDog154@xxxxxxxxxxx, ctladdr=httpd (15/11), delay=00:00:05, xdelay=00:00:05, mailer=esmtp, relay=mc1.law5.hotmail.com. [64.4.55.71], stat=Sent (Requested mail action okay, completed) [...]