[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Bad mail getting through.

Subject: [cobalt-security] Bad mail getting through.
From: David Lucas <david@xxxxxxxxxxxxxxxx>
Date: Tue, 23 Apr 2002 23:45:42 -0500
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

OK, I need some help.
This email made it through (with the Klez virus)
I see the space at the end of the from address.

I have many "Relaying denied. Please check your mail first." with this iptoday (24.207.16.73)

Most have different froms and tos.

The receipent is bogus, but mine. It belongs to me but has never beenused. (it was harvested and goes to the catchall)

As the from was invalid with the extra space at the end, why did this emailnot get rejected as being relayed. Others today were.I am getting email returned that was never sent with one of my addresses asthe sender.

Apr 23 20:35:18 www sendmail[11539]: g3O1ZB211539: from=<cs@xxxxxxxxxx >,size=152811, class=0, nrcpts=1,msgid=<200204240135.g3O1ZB211539@xxxxxxxxxxxxxxxxxxxx>, proto=SMTP,daemon=MTA, relay=h24-207-16-73.cst.dccnet.com [24.207.16.73]Apr 23 20:35:19 www sendmail[11559]: g3O1ZB211539: to=<tags@xxxxxxxxxx>,ctladdr=<cs@xxxxxxxxxx > (116/100), delay=00:00:08, xdelay=00:00:01,mailer=local, pri=182664, dsn=2.0.0, stat=Sent

Can someone really help here. Over the last week or two, I have reallystarted to get hammered by email like this. This particular one includethe Klez virus.

Prev by Date: RE: [cobalt-security] pmfirewall , IPCHAINS, CDONTS and mail forwarding
Next by Date: Re: [cobalt-security] SSI Vuln on cobalt
Previous by thread: [cobalt-security] Re: RE: SSI Vuln on cobalt
Next by thread: [cobalt-security] https for RAQ admin pages?

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index