I came across an interesting attack when I was setting up fail2ban. My
fail2ban config didn't have the ignoreip variable set correctly, so I
ended up accidentally temp-banning localhost, but it brought an
interesting bit of log to my attention.
9100 May 10 12:00:42 [postfix/smtpd] < unknown[190.144
with IMAP (fetchmail-6.3.11)
for (single-drop); Fri, 16 Oct 2009 12:31:12 -0400 (EDT)
fetchmail is only configured to pop in some other accounts and send
them through port 25.
On Fri, Oct 16, 2009 at 3:05 PM, Wietse Venema wrote:
> John te Bokkel / Tempus:
>> I am not sure why this
I am not sure why this is happening now; I haven't made any changes to
configurations in the last while.
It seems that fetchmail is catching mail that it shouldn't.
Here is an example of an email that got bounced. It was sent locally
in a backup script.
>From MAILER-DAEMON Fri Oct 16 12:31:13