Hi all,
The log-checking script on one of the machines I look after has picked
this up [edited to avoid giving too much away]:
---- cut here ----
Nov 26 07:31:39 mymachine sendmail[16970]: HAA16970:
from=, size=1860, class=0, pri=31860, nrcpts=1,
msgid=, proto=ESMTP, relay=[66.78.13.34]
[where mymachine is the machine name]
Nov 26 07:31:39 mymachine sendmail[16971]: HAA16970: forward
/dir/acct/.//.forward: Permission denied
[where /dir is a directory and /acct is an account]
Nov 26 07:31:39 mymachine sendmail[16971]: HAA16970:
to=, delay=00:00:00, xdelay=00:00:00, mailer=local,
stat=Sent
[where adomain is a domain on the machine]
---- cut here ----
The mail to info@adomain.com was some search engine spam. The
/dir/acct directory is the home directory of a non-root account, set
up that way (home=/dir/./acct) for chroot wuftpd. Should I be worried
about this, and if so, what can I do about it?
I'm running SuSE 6.4 with sendmail-8.9.3-105 (AFAIK, the most recent
SuSE rpm I can run without upgrading the machine).
Cheers, Laurie.
--
---------------------------------------------------------------------
Laurie Brown
laurie@brownowl.com
PGP key at http://pgpkeys.mit.edu:11371
---------------------------------------------------------------------