Hi, I noticed my RH7.2 maillog logged something which caught my attention. I wonder if this indicates someone was trying to hack in via SMTP port 25?
Jan 19 14:01:54 china sendmail[30184]: g0JK1q830184: ruleset=check_rcpt, arg1=<test@localmail.eknowledge-algx.com>, relay=67-89-161-12.customer.algx.net [67.89.161.12], reject=550 5.7.1 <test@localmail.eknowledge-algx.com>... Relaying denied
Jan 19 14:01:55 china sendmail[30184]: g0JK1q830184: lost input channel from 67-89-161-12.customer.algx.net [67.89.161.12] to MTA after rcpt
Jan 19 14:01:55 china sendmail[30184]: g0JK1q830184: from=<bss@fre.sg.co.nz>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=67-89-161-12.customer.algx.net [67.89.161.12]
Also, logwatch reported as below:
g0J9BO829095: SYSERR: putoutmsg (dup-200-67-221-161.prodigy.net.mx): error on output channel sending "220 china.rockstone.com ESMTP Sendmail 8.11.6/8.11.6; Sat, 19 Jan 2002 03:11:24 -0600": Connection reset by dup-200-67-221-161.prodigy.net.mx
NOQUEUE: root@localhost did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
g0JK1q830184: ruleset=check_rcpt, arg1=<test@localmail.eknowledge-algx.com>, relay=67-89-161-12.customer.algx.net [67.89.161.12], reject=550 5.7.1 <test@localmail.eknowledge-algx.com>... Relaying denied
g0JK1q830184: lost input channel from 67-89-161-12.customer.algx.net [67.89.161.12] to MTA after rcpt
How can I ensure that relaying is off? Would it be in /etc/access?
I have a statement in /etc/access that allows relaying for local users so they can send mail.
I'm a bit confused.
Newer sendmail versions (should) dump (almost) all files in /etc/mail, but correct, the file in which *allowed relay domains* are listed is /etc(/mail)/access. So, unless an address is listed in this file, it isn't granted relaying caps.
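One way to check from the maillog itself whether relay probes are being refused, as an added example that is not part of any post in this thread: it groups sendmail lines by queue ID, collects each "Relaying denied" rejection, and pairs it with the nrcpts= count on the session's from= line. The function name, the verdict strings, and the reading that nrcpts=0 means no recipient was accepted are assumptions of this example.

```python
import re
from collections import defaultdict

# Sample input: the three maillog lines quoted in the first post of this thread.
SAMPLE = """\
Jan 19 14:01:54 china sendmail[30184]: g0JK1q830184: ruleset=check_rcpt, arg1=<test@localmail.eknowledge-algx.com>, relay=67-89-161-12.customer.algx.net [67.89.161.12], reject=550 5.7.1 <test@localmail.eknowledge-algx.com>... Relaying denied
Jan 19 14:01:55 china sendmail[30184]: g0JK1q830184: lost input channel from 67-89-161-12.customer.algx.net [67.89.161.12] to MTA after rcpt
Jan 19 14:01:55 china sendmail[30184]: g0JK1q830184: from=<bss@fre.sg.co.nz>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=67-89-161-12.customer.algx.net [67.89.161.12]
"""

# "sendmail[pid]: <queue id>: <rest of the entry>"
LINE = re.compile(r"sendmail\[\d+\]: (?P<qid>\w+): (?P<rest>.*)$")
# check_rcpt rejection that ends in "Relaying denied"
DENIED = re.compile(
    r"ruleset=check_rcpt, arg1=<(?P<rcpt>[^>]*)>, "
    r"relay=.*?\[(?P<ip>[\d.]+)\], reject=\d{3} .*Relaying denied")
# Per-session summary: envelope sender and number of accepted recipients
SUMMARY = re.compile(r"from=<(?P<sender>[^>]*)>.*\bnrcpts=(?P<n>\d+)")

def relay_attempts(log_text):
    """Return {queue_id: details} for every session with a denied relay."""
    sessions = defaultdict(
        lambda: {"ip": None, "denied": [], "sender": None, "accepted": None})
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue  # not a sendmail entry with a queue ID
        s, rest = sessions[m["qid"]], m["rest"]
        d = DENIED.search(rest)
        if d:
            s["ip"] = d["ip"]
            s["denied"].append(d["rcpt"])
        f = SUMMARY.search(rest)
        if f:
            s["sender"] = f["sender"]
            s["accepted"] = int(f["n"])
    out = {}
    for qid, s in sessions.items():
        if not s["denied"]:
            continue  # session had no relay rejection
        n = s["accepted"]
        # No summary line: cannot tell. Zero accepted: nothing was relayed.
        s["verdict"] = ("unknown" if n is None else
                        "blocked" if n == 0 else "review")
        out[qid] = s
    return out

if __name__ == "__main__":
    for qid, s in relay_attempts(SAMPLE).items():
        print(qid, s["ip"], s["sender"], s["denied"], s["verdict"])
```
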