On Tue, 5 Feb 2002, Christoph Kukulies wrote:

>
> Since two days my procmail filter isn't working anymore and I
> see these logs in my maillog.
>
> It's FreeBSD 4.4 with ESMTP Sendmail 8.11.6/8.11.6 (the stock
> that comes withthe distribution). Is it likely that I have been
> hacked? I see otherwise no signs thereof.
>
>
> Feb 5 00:00:04 host sendmail[52966]: g14N03M52963: forward /home/user/.forward.host+: Group writable directory
> Feb 5 00:00:04 host sendmail[52966]: g14N03M52963: forward /home/user/.forward+: Group writable directory
> Feb 5 00:00:04 host sendmail[52966]: g14N03M52963: forward /home/user/.forward.host: Group writable directory
> Feb 5 00:00:04 host sendmail[52966]: g14N03M52963: forward /home/user/.forward: Group writable directory

i would start with checking your permissions on those files. most likely
either A) the .forward file has 660 permissions (it *should* default to
755, i think.. depending on your umask), or B) your home directory has a
similar permissions issue.

hope this gives you something to start with..

-------/ f. johan beisser /--------------------------------------+
  http://caustic.org/~jan jancaustic.org
    "John Ashcroft is really just the reanimated corpse
         of J. Edgar Hoover." -- Tim Triche

To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]