On Fri, 2004-08-20 at 21:10, Bob Holtzman wrote: > On Fri, 20 Aug 2004, Craig White wrote: > > > On Fri, 2004-08-20 at 00:05, Bob Holtzman wrote: > > > I just got logwatch fired up and I'm seeing entries such as: > > > > > > --------------------- sendmail Begin ------------------------ > > > > > > 1161352 bytes transferred > > > 267 messages sent > > > ---------------------- sendmail End ------------------------- > > > > > > If this refers to outgoing messages from my box, I have a problem, true? > > > I'm running RH 7.3 and checked medium security level when I installed. > > > Any other information required? > > ==== > > what's in /var/log/maillog ? > > > > what do you get from > > rpm -qa|grep sendmail > > cat /etc/mail/access > > commands? > > I'm getting a bunch of bounce entrys, multiples of each: > > Aug 20 19:23:58 localhost sendmail[9563]: i7L2Nv509563: > from=, size=22728, class=-100, nrcpts=1, > msgid=<1092961364.4762.4.camel@palmettodomains.com>, bodytype=7BIT, > proto=ESMTP, daemon=MTA, relay=localhost.localdomain [127.0.0.1] > > Aug 20 19:23:59 localhost sendmail[9572]: i7L2Nx509572: > from=, size=6640, class=-30, > nrcpts=1, msgid=, proto=ESMTP, daemon=MTA, > relay=localhost.localdomain [127.0.0.1] > > rpm -qa|grep sendmail gives: > > sendmail-cf-8.11.6-15 > sendmail-8.11.6-15 > > I should have included this in my original post. > > The next one, I think, concerns me: > > [holtzm@localhost holtzm]$ cat /etc/mail/access > # Check the /usr/share/doc/sendmail/README.cf file for a description > # of the format of this file. (search for access_db in that file) > # The /usr/share/doc/sendmail/README.cf is part of the sendmail-doc > # package. > # > # by default we allow relaying from localhost... > localhost.localdomain RELAY > localhost RELAY > 127.0.0.1 RELAY > > Does this mean I'm an open relay? > > On a related note I saw this in my maillog from July 18: > > Jul 18 23:31:13 localhost sendmail[960]: alias database /etc/aliases > rebuilt by root > Jul 18 23:31:13 localhost sendmail[960]: /etc/aliases: 40 aliases, longest > 10 bytes, 395 bytes total > > /etc/aliases shows redirections for all pseudo accounts to be root except > for: > > newsadm: news > newsadmin: news > usenet: news > ftpadm: ftp > ftpadmin: ftp > ftp-adm: ftp > ftp-admin: ftp > > Am I confused? Damned right I am! ----- Actually, most everything looks good from here. let's break down your concerns... The two items you quote from the maillog appear to be 'inbound' messages to your domain which your server is apparently configured to accept and the 'relay' aspect is to accept and forward to local users. The only way to know for certain is to check the 'other' line that links to these by message id which tells who those mails are being sent 'to'. Sendmail 8.11.6-15 is out of date - you may want to check out apt-get or yum and using fedora legacy to get updates... for more specific info on using apt/yum and fedora legacy... Seems that you should be up to 8.11.6-27 /etc/mail/access does not permit relaying by other hosts - no need to worry about this being misconfigured Your aliases file is normal - you can redirect root's mail to another account (recommended practice), by adding a line something like root: another_local_account Craig --------------------------------------------------- PLUG-discuss mailing list - PLUG-discuss@lists.plug.phoenix.az.us To subscribe, unsubscribe, or to change you mail settings: http://lists.PLUG.phoenix.az.us/mailman/listinfo/plug-discuss