Autor: Sławomir Dworaczek Data: Para: Exim-users Assunto: Re: [exim] what is log part ? attack ?
the problem is that this log enrolls at all the messages that come in the
log is an example of the correct messages with facebook
the host does not exist smarthost.win.pl and there is no IP address
regards
Slawek
----- Original Message -----
From: "Sławomir Dworaczek" <slawek@???>
To: <Exim-users@???>
Sent: Friday, October 9, 2015 1:30 PM
Subject: Re: what is log part ? attack ?
>
> The problem is that I never have set such a domain in any configuration
> file in the system
>
> Regards
> Slawek
>
> ----- Original Message -----
> From: "Sławomir Dworaczek" <slawek@???>
> To: <exim-users@???>
> Sent: Thursday, October 8, 2015 12:27 PM
> Subject: what is log part ? attack ?
>
>
>> Hello
>> The log in Exim, I received some strange news
>> no IP address found for host smarthost.win.pl (during SMTP connection
>> xxx.xxx.xxx
>>
>> It comes up with all e-mail coming from the outside.
>>
>> 2015-10-08 00:52:14 no IP address found for host smarthost.win.pl (during
>> SMTP connection from 66-220-155-136.outmail.facebook.com
>> (mx-out.facebook.com) [66.220.155.136])
>> 2015-10-08 00:52:14 1ZjxZG-0001Jk-7v DKIM: d=facebookmail.com
>> s=s1024-2013-q3 c=relaxed/simple a=rsa-sha256 t=1444256974 [verification
>> succeeded]
>> 2015-10-08 00:52:14 1ZjxZG-0001Jk-7v <=
>> notification+kjdm75-dp3-m@???
>> H=66-220-155-136.outmail.facebook.com (mx-out.facebook.com)
>> [66.220.155.136] P=esmtp S=8933 id=794518beb5$
>> 2015-10-08 00:52:15 1ZjxZG-0001Jr-K7 <=
>> notification+kjdm75-dp3-m@??? U=exim P=bogodone S=9220
>> id=794518beb59e9298de50ed47cb4f2c39@???
>> 2015-10-08 00:52:15 1ZjxZG-0001Jr-K7 => myuser <myuser@???>
>> R=localuser T=local_delivery
>> 2015-10-08 00:52:15 1ZjxZG-0001Jr-K7 Completed
>>
>>
>>
>> 2015-10-08 01:46:38 no IP address found for host smarthost.win.pl (during
>> SMTP connection from mx3.mf.gov.pl (cobzas-pr-ia-9-ft2-spam.mf.gov.pl)
>> [145.237.192.4])
>> 2015-10-08 01:46:38 no IP address found for host smarthost.win.pl (during
>> SMTP connection from mx3.mf.gov.pl (cobzas-pr-ia-9-ft2-spam.mf.gov.pl)
>> [145.237.192.4])
>> 2015-10-08 01:46:38 1ZjyPu-0001tr-LT <= us2420vatref@???
>> H=mx3.mf.gov.pl (cobzas-pr-ia-9-ft2-spam.mf.gov.pl) [145.237.192.4]
>> P=esmtps
>> X=TLSv1:DHE-RSA-AES256-SHA:256 CV=no S=23$
>> 2015-10-08 01:46:39 1ZjyPu-0001ty-Vq <= us2420vatref@???
>> U=exim
>> P=bogodone S=237596
>> id=475053812.102741444261592745.JavaMail.csiapp@???
>> 2015-10-08 01:46:39 1ZjyPu-0001ty-Vq => myuser1 <myuser1@???>
>> R=localuser T=local_delivery
>> 2015-10-08 01:46:39 1ZjyPu-0001ty-Vq Completed
>>
>>
>>
>>
>> Regards
>> Slawek
>>
>>
>