Maillog errors
Kevin Old
kevinold at gmail.com
Fri Sep 10 12:24:14 UTC 2004
Hello everyone,
I've been seeing quite a few of these "did not issue
MAIL/EXPN/VRFY/ETRN during connection to MTA" messages in my maillog
over the past few weeks.
Sep 9 23:20:06 s15111287 sendmail[13734]: i8A3JunX013734:
[220.186.192.185] did not issue MAIL/EXPN/VRFY/ETRN during connection
to MTA
Sep 9 23:20:13 s15111287 sendmail[13732]: i8A3JtnX013732:
[220.174.221.2] did not issue MAIL/EXPN/VRFY/ETRN during connection to
MTA
Sep 9 23:20:13 s15111287 sendmail[13775]: i8A3KDnX013775:
[64.80.63.187] did not issue MAIL/EXPN/VRFY/ETRN during connection to
MTA
I use iptables and also have portsentry running, but still there are
hundreds of these a day in the maillog.
I've thought of writing a perl script that would parse the maillog
once a day and produce a list of IP's that issued more than 5 of these
within that day.
Is that a good idea, or could I potentailly be blocking legitiment mail?
Thanks,
Kevin
--
Kevin Old
kevinold at gmail.com
More information about the fedora-list
mailing list