[BUGS] [root: seaholm security check output]
Jerahmy Pocott
quakenet1 at optusnet.com.au
Wed Jan 23 19:46:01 EST 2008
On 23/01/2008, at 6:41 PM, jonathan michaels wrote:
> Jan 23 03:15:52 sendmail[19172]: NOQUEUE: pooladsl-
> b-15-132.ipcom.comunitel.net [212.145.238.132] did not issue MAIL/
> EXPN/VRFY/ETRN during connection to MTA
> Jan 23 03:16:05 sendmail[19174]: NOQUEUE:
> dsl.dynamic851001276.ttnet.net.tr [85.100.12.76] (may be forged) did
> not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
If they are connecting and not doing thing, maybe it's actually a DoS
attack?
M4 Macro: confTO_COMMAND
Variable: Timeout.command
The default for that value is 1 hour, which I believe means sendmail
will wait an entire hour for a connection to send a command before it
decides to drop it.. I don't think that's a reasonable time out in
this day and age, you might want to try setting it to 5 minutes (which
is the minimum timeout period specified by RFC 2821 section 4.5.3.2
for command to be issued).
I am confused by:
> Jan 23 03:06:27 m0MG6L119176: forward /var/spool/uucppublic/.forward
+: World writable directory
I never use uucp, but that directory is SUPPOSED to be world writable
for it to work properly as far as I know.. Are you using uucp? I don't
think sendmail is configured to even accept uucp by default, though I
guess it might have been back in 97..
Hmm..
More information about the BUGS
mailing list