LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Sendmail Log unknown relay address (cron message) (https://www.linuxquestions.org/questions/linux-security-4/sendmail-log-unknown-relay-address-cron-message-449751/)

leventis 05-29-2006 11:06 PM

Sendmail Log unknown relay address (cron message)
 
Some background info:
I am behind a router, I run fedora core 4 and my sendmail is 8.13.4 access from outside is not possible to sendmail at least.

/etc/mail/access
# by default we allow relaying from localhost...
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY

From the little I know about sendmail, you can't relay any messages to other hostnames.

To my problem:
May 28 13:47:41 myBox sendmail[2245]: k4SAZcqW002245: to=<root@myBox.com>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=31954, relay=foreign.host, dsn=4.0.0, stat=Deferred: Connection timed out with foreing.host.

There are numerous lines on my Mail Log file similar to the above.



Return-Path: <root@foreign.box>
Received: from myBox.com (myBox.com [127.0.0.1])
by myBox.com(8.13.4/8.13.4) with ESMTP id k4R14buS017459
for <root@myBox.com>; Sat, 27 May 2006 04:04:37 +0300
Received: (from root@localhost)
by myBox.com (8.13.4/8.13.4/Submit) id k4R123SV014333;
Sat, 27 May 2006 04:02:03 +0300
Date: Sat, 27 May 2006 04:02:03 +0300
Message-Id: <200605270102.k4R123SV014333@myBox.com>
From: root@foreign.host (Cron Daemon)
To: root@foreign.host
Subject: Cron <root@orion> run-parts /etc/cron.daily
X-Cron-Env: <SHELL=/bin/bash>
X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin>
X-Cron-Env: <MAILTO=root>
X-Cron-Env: <HOME=/>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>

/etc/cron.daily/00webalizer:

Warning: Truncating oversized request field
Skipping bad record (124)
/etc/cron.daily/prelink:

/etc/sysconfig/prelink: line 14: --no-exec-shield: command not found


Most messages include the /etc/cron.daily/prelink:

Subject: Cron <root@myBox> run-parts /etc/cron.daily
X-Cron-Env: <SHELL=/bin/bash>
X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin>
X-Cron-Env: <MAILTO=root>
X-Cron-Env: <HOME=/>
X-Cron-Env: <LOGNAME=root>
X-Cron-Env: <USER=root>

/etc/cron.daily/prelink:

/etc/sysconfig/prelink: line 14: --no-exec-shield: command not found

After doing some reasearch I noticed that most cron jobs have to do with the local host and without any foreing host. Why would the thing above happen.

If someone could enlighten me what is going on, I would be more than greatfull. I hope this is relevant to security...

linuxmanju 05-31-2006 08:55 AM

/etc/mail/access
# by default we allow relaying from localhost...
localhost.localdomain RELAY
localhost RELAY
127.0.0.1 RELAY

From the little I know about sendmail, you can't relay any messages to other hostnames.

Wrong. What that means is that Other machines can not relay messages from your Machine. However your machine is able to send mails to any other machine.

It would be helpfull to know which one is myBox.com. Is it your own box or somebody else's Box.

Regards
Manjunath

leventis 05-31-2006 03:23 PM

First of all thanks for answering.
MyBox.com refers to my desktop pc[localhost, hostname]. Foreign host is a different server somewhere on the internet. I just don't know if it's ok to post actuall addresses.


All times are GMT -5. The time now is 12:58 PM.