Re: [exim] Open relay?

Top Page
This message is part of the following thread:
M-\the complete thread tree sorted by date
M.MRalph Ballier at <-
M\Sven Hartge at ->
Delete this message
Reply to this message
Author: Oliver Heesakkers
Date:  
To: exim-users
Subject: Re: [exim] Open relay?
Op di 14 feb 2012 15:43:00 schreef Ralph Ballier:
> Hello,
>
> one of my server with exim 4.77 seems to be an open relay, but I mean I had
> configured all right. I use smtp authentication and suppose, that hackers
> had found out username and password of a legal user. Is it possible to
> logging all information floating from mail client to server? I hope to get
> the username which give access to the server.
>
> Or do you mean, there is an other reason for open relay?
>
> Raba

The login name and authorisation _is_ logged in the standard configuration
(the string preceded with 'A='). Also in standard configuration your box would
not be an open relay.

If no 'A=' string is present in the log for the outgoing mail, you might want
to check is there is a 'U=' string which would signify that a user is
submitting these mails locally (website, compromised local user).

Some snippets from you log would help us greatly in any further investigation.

This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-[exim] Open relay?Re: [exim] verify is user exists->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)