7 messages in net.sourceforge.lists.courier-usersRe: [courier-users] Has someone hacke...
FromSent OnAttachments
tekn...@wp.plSep 28, 2006 11:26 am 
Johnny LamSep 28, 2006 12:35 pm 
Ryan ParleeOct 10, 2006 11:11 pm 
Gordon MessmerOct 11, 2006 12:07 am 
Ryan ParleeOct 11, 2006 9:18 am 
Gordon MessmerOct 11, 2006 9:30 am 
Sam VarshavchikOct 11, 2006 3:19 pm 
Actions with this message:
Paste this link in email or IM:
Paste this link in email or IM:
Atom feed for this thread
Paste this URL into your reader:
Subject:Re: [courier-users] Has someone hacked my Courier?Actions...
From:Sam Varshavchik (mrs@courier-mta.com)
Date:Oct 11, 2006 3:19:51 pm
List:net.sourceforge.lists.courier-users

Ryan Parlee writes:

Gordon,

That's what I couldn't figure out. It looked like from the Courier log that it was received from localhost. I am not running a web service. Besides a few trusted addresses all ports on this machine are blocked except TCP 110 ad 25.

It looks like someone has been able to gain access to my computer through Courier or otherwise convince Courier to relay messages as coming from localhost. Here's my log again for anyone just reading this:

--------------My Courier Log--------------

Oct 5 03:42:50 host5 courierd: newmsg,id=00024851.452438EA.00004776: dns; localhost (localhost [127.0.0.1]) Oct 5 03:42:50 host5 courierd: started,id=00024851.452438EA.00004776,from=<>,module=esmtp,host=breastenhanc em Oct 5 03:42:50 host5 courierd: Waiting. shutdown time=none, wakeup time=Thu Oct 5 03:43:00 2006, queuedeliv Oct 5 03:42:50 host5 courierd: completed,id=00024853.451AEB1A.00006E7E

This is a bounce.

Look earlier in the log for the error message.