Re: Emails from localhost

2018-06-04 Thread Matus UHLAR - fantomas
On 03.06.18 13:25, Proxy wrote: Jun 3 06:12:04 mail postfix/smtpd[26186]: connect from mail.example.com[DD.DDD.DD.DDD] Jun 3 06:12:04 mail postfix/smtpd[26186]: setting up TLS connection from mail.example.com[DD.DDD.DD.DDD] Jun 3 06:12:04 mail postfix/smtpd[26186]: Anonymous TLS connection e

Re: Emails from localhost [OT]

2018-06-04 Thread Stephen Satchell
On 06/03/2018 11:13 PM, Mike Guelfi wrote: > Upstream RHEL, and therefore CentOS, don't update version numbers when > they roll security patches. > > Latest release though: > 2016-10-31 - Jaroslav Škarvada - 2:2.6.6-8 > - Backported support for TLS 1.1, TLS 1.2 From Centos 7.5: [satch@c7-i5 ~]$

Re: Emails from localhost [OT]

2018-06-03 Thread Mike Guelfi
Upstream RHEL, and therefore CentOS, don't update version numbers when they roll security patches. Latest release though: 2016-10-31 - Jaroslav Škarvada - 2:2.6.6-8 - Backported support for TLS 1.1, TLS 1.2 Not insanely old... Quoting "@lbutlr" : On 03 Jun 2018, at 16:08, Proxy wrote: I'm

Re: Emails from localhost

2018-06-03 Thread @lbutlr
On 03 Jun 2018, at 16:08, Proxy wrote: > I'm confident that CentOS security team does a good job providing latest > security patches RedHat releases including those related to Postfix. Are you under the impression that CentOS is writing security patches for obsolete and unsupported versions of

Re: Emails from localhost

2018-06-03 Thread Bill Cole
On 3 Jun 2018, at 18:08 (-0400), Proxy wrote: On 2018-Jun-03 17:06, Bill Cole wrote: Your system has been compromised. The most common vectors are vulnerable web applications (e.g. carelessly-written PHP or CGI scripts) but there are many other possible modes of attack. It's most likely our

Re: Emails from localhost

2018-06-03 Thread Proxy
On 2018-Jun-03 17:06, Bill Cole wrote: > Your system has been compromised. The most common vectors are vulnerable web > applications (e.g. carelessly-written PHP or CGI scripts) but there are many > other possible modes of attack. It's most likely our own script, the one that has these credential

Re: Emails from localhost

2018-06-03 Thread Wietse Venema
Bill Cole: > > My postconf -n (Postfix 2.6.6) is in the attachment. > > Why are you using obsolete software? 2.6.6 was released over 8 years > ago. The last 2.6.x support release was 2.6.19, over 5 years ago. > > If this is generally how software on your system is maintained, it is > unsurprisi

Re: Emails from localhost

2018-06-03 Thread Bill Cole
On 3 Jun 2018, at 7:25 (-0400), Proxy wrote: Hello, I'm seeing a lot of emails coming from local IP address trying to send message to non-existing accounts. Sending accounts are valid and even authenticated. They all try to send messages to domain matching the sending one. For example: supp...@e

Re: Emails from localhost

2018-06-03 Thread Proxy
On 2018-Jun-03 11:43, Wietse Venema wrote: > To find out which processes have a connection to or from port 25, > > # lsof -Pi | grep :25 (must run as root to see all processes) Thanks Wietse, actually I needed to grep :587 as this is mail sent after authentication and I got pid that I searche

Re: Emails from localhost

2018-06-03 Thread Benny Pedersen
Proxy wrote on 2018-06-03 13:25: to get more help post postconf -n and relevant logs that show the problem

Re: Emails from localhost

2018-06-03 Thread Wietse Venema
Proxy: > Hello, > > I'm seeing a lot of emails coming from local IP address trying to send > message to non-existing accounts. Sending accounts are valid and even > authenticated. They all try to send messages to domain matching the > sending one. For example: > > supp...@example.org -> u...@exampl