OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Gary Ray (glray_at_bariaur.com)
Date: Mon Feb 10 2003 - 18:50:32 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    So there must be some evidence of that in the log.
    Is ns1.runlevel6.com that mailserver?

    > I'll post my actual logs when I've got access (about 6 hours).

    I've tweaked some DNS settings per Greg's advice and I'm attaching some of
    my log file. The smtpd entries are me telnetting on a separate network to
    port 25 and successfully sending a message.

    Feb 10 19:12:44 ns1 postfix/smtpd[6313]: connect from
    cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:12:44 ns1 postfix/smtpd[6313]: 8F00B1BF2C:
    client=cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:12:44 ns1 postfix/smtpd[6313]: disconnect from
    cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 16:14:21 ns1 ipop3d[6367]: pop3 service init from 127.0.0.1 Feb 10
    16:14:21 ns1 ipop3d[6367]: Auth user=gray host=ns1.runlevel6.com [127.0.0.1]
    nmsgs=0/0 Feb 10 16:14:21 ns1 ipop3d[6367]: Logout user=gray
    host=ns1.runlevel6.com [127.0.0.1] nmsgs=0 ndele=0 Feb 10 19:16:40 ns1
    postfix/smtpd[6403]: connect from
    cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:16:40 ns1 postfix/smtpd[6403]: EA5D91BF2C:
    client=cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:16:41 ns1 postfix/smtpd[6403]: disconnect from
    cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:18:16 ns1 postfix/smtpd[6403]: connect from
    cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:18:19 ns1 postfix/smtpd[6403]: 2B33E1BF2A:
    client=cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 19:18:20 ns1 postfix/smtpd[6403]: disconnect from
    cpe-66-189-58-123.ma.charter.com[66.189.58.123]
    Feb 10 16:18:40 ns1 ipop3d[6431]: pop3 service init from 127.0.0.1 Feb 10
    16:18:40 ns1 ipop3d[6431]: Auth user=gray host=ns1.runlevel6.com [127.0.0.1]
    nmsgs=0/0 Feb 10 16:18:40 ns1 ipop3d[6431]: Logout user=gray
    host=ns1.runlevel6.com [127.0.0.1] nmsgs=0 ndele=0 Feb 10 19:22:21 ns1
    postfix/smtpd[6446]: connect from
    206-pool1.ras10.capax.alerondial.net[206.148.32.206]
    Feb 10 19:23:40 ns1 postfix/smtpd[6446]: 323211BF2A:
    client=206-pool1.ras10.capax.alerondial.net[206.148.32.206]
    Feb 10 16:24:21 ns1 ipop3d[6452]: pop3 service init from 127.0.0.1 Feb 10
    16:24:21 ns1 ipop3d[6452]: Auth user=gray host=ns1.runlevel6.com [127.0.0.1]
    nmsgs=0/0 Feb 10 16:24:21 ns1 ipop3d[6452]: Logout user=gray
    host=ns1.runlevel6.com [127.0.0.1] nmsgs=0 ndele=0 Feb 10 19:27:38 ns1
    postfix/smtpd[6467]: connect from
    206-pool1.ras10.capax.alerondial.net[206.148.32.206]
    Feb 10 19:28:27 ns1 postfix/smtpd[6467]: 371C21BF2C:
    client=206-pool1.ras10.capax.alerondial.net[206.148.32.206]
    Feb 10 19:29:45 ns1 postfix/cleanup[6470]: 371C21BF2C:
    message-id=<20030211002827.371C21BF2Cns1.runlevel6.com>
    Feb 10 19:29:45 ns1 postfix/nqmgr[744]: 371C21BF2C:
    from=<grayrunlevel6.com>, size=429, nrcpt=1 (queue active)
    Feb 10 16:29:45 ns1 postfix/local[6474]: 371C21BF2C:
    to=<grayrunlevel6.com>, relay=local, delay=78, status=sent (mailbox) Feb 10
    16:29:59 ns1 ipop3d[6475]: pop3 service init from 127.0.0.1
    Feb 10 16:29:59 ns1 ipop3d[6475]: Auth user=gray host=ns1.runlevel6.com
    [127.0.0.1] nmsgs=1/1
    Feb 10 16:29:59 ns1 ipop3d[6475]: Logout user=gray host=ns1.runlevel6.com
    [127.0.0.1] nmsgs=0 ndele=1
    Feb 10 19:30:29 ns1 postfix/nqmgr[744]: 3E7571BF28:
    from=<grayrunlevel6.com>, size=617, nrcpt=1 (queue active)
    Feb 10 19:30:29 ns1 postfix/nqmgr[744]: BE1731BE7C:
    from=<grayrunlevel6.com>, size=613, nrcpt=1 (queue active)
    Feb 10 19:30:57 ns1 postfix/smtp[6482]: 3E7571BF28: to=<grayscif.com>,
    relay=ns1.scif.com[206.202.64.9], delay=111436, stat us=deferred (host
    ns1.scif.com[206.202.64.9] said: 451 4.1.8 Domain of sender address
    grayrunlevel6.com does not resolve)
    Feb 10 19:30:58 ns1 postfix/smtp[6483]: BE1731BE7C: to=<grayscif.com>,
    relay=ns1.scif.com[206.202.64.9], delay=115703, stat us=deferred (host
    ns1.scif.com[206.202.64.9] said: 451 4.1.8 Domain of sender address
    grayrunlevel6.com does not resolve)
    Feb 10 16:34:21 ns1 ipop3d[6494]: pop3 service init from 127.0.0.1
    Feb 10 16:34:21 ns1 ipop3d[6494]: Auth user=gray host=ns1.runlevel6.com
    [127.0.0.1] nmsgs=0/0
    Feb 10 16:34:21 ns1 ipop3d[6494]: Logout user=gray host=ns1.runlevel6.com
    [127.0.0.1] nmsgs=0 ndele=0
    Feb 10 19:34:50 ns1 postfix/smtpd[6467]: disconnect from
    206-pool1.ras10.capax.alerondial.net[206.148.32.206]