Jump to content
Free PC Help Forum
Logging In to Free PC Help Forum Has Changed

How to see who is using the mail server?

Guest justinwyllie

By Guest justinwyllie
in Microsoft Support & Discussions

 Share

Recommended Posts

Guest justinwyllie

Guest justinwyllie

Posted
Posted

Someone is using the Postfix mail server on my CentOs 6.4 system to send spam mail.

 

I see this in the log:

 

Jul 5 19:25:45 048582 courier-pop3d: LOGIN, user=info@x.com, ip=[::ffff:nn.nnn.nnn.54], port=[1265]

Jul 5 19:25:57 048582 courier-pop3d: LOGIN, user=info@x.com, ip=[::ffff:nn.nnn.nnn.54], port=[1267]

Jul 5 19:31:52 048582 courier-pop3d: LOGIN, user=info@x.com, ip=[::ffff:nn.nnn.nnn.54], port=[1295]

 

That looks to me like a line saying there has been a successful login for a user 'info@x.com'. Is this right?

 

And, secondly, what are those port numbers? That looks like scanning - but

isn't this the IP and port of the client making the connection?

 

EDIT: Reading up on this a bit. Am I correct in thinking that this is the client trying to establish multiple simultaneous connections by using different ports?

 

Thank-you

 

--Justin Wyllie

 

Continue reading...

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...