[BlueOnyx:02094] did someone get access to server?

T. K. Hughes tommykeegan at gmail.com
Thu Aug 13 09:51:11 -05 2009 

Looking a my logs this morning and looks like someone was trying to send a message or some thing.  What do you think?

Aug 13 10:12:35 www dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Aug 13 10:12:35 www dovecot: IMAP(admin): Disconnected: Logged out bytes=155/654
Aug 13 10:12:35 www dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Aug 13 10:12:35 www dovecot: IMAP(admin): Disconnected: Logged out bytes=329/9746
Aug 13 10:12:37 www dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Aug 13 10:12:37 www dovecot: IMAP(admin): Disconnected: Logged out bytes=96/552
Aug 13 10:12:37 www dovecot: imap-login: Login: user=, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
Aug 13 10:12:37 www dovecot: IMAP(admin): Disconnected: Logged out bytes=643/1720
Aug 13 10:13:39 www dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.1.1, lip=***.***.*.**
Aug 13 10:13:39 www dovecot: POP3(admin): Disconnected: Logged out top=0/0, retr=0/0, del=0/164, size=875232
Aug 13 10:15:02 www sendmail[31341]: n7DEF20N031341: localhost [127.0.0.1] did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
Aug 13 10:15:03 www dovecot: pop3-login: Aborted login (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Aug 13 10:15:04 www dovecot: imap-login: Aborted login (no auth attempts): rip=127.0.0.1, lip=127.0.0.1, secured
Aug 13 10:16:17 www dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.1.1, lip=***.***.*.**
Aug 13 10:16:17 www dovecot: POP3(admin): Disconnected: Logged out top=0/0, retr=0/0, del=0/164, size=875232
Aug 13 10:22:35 www dovecot: pop3-login: Login: user=, method=PLAIN, rip=192.168.1.1, lip=***.***.*.**
Aug 13 10:22:35 www dovecot: POP3(admin): Disconnected: Logged out top=0/0, retr=0/0, del=0/164, size=875232
Aug 13 10:25:30 www sendmail[32614]: n7DEPT5r032614: ruleset=check_rcpt, arg1=, relay=118-169-207-30.dynamic.hinet.net [118.169.207.30], reject=550 5.7.1 ... Relaying denied. Proper authentication required.
Aug 13 10:25:31 www sendmail[32614]: n7DEPT5r032614: lost input channel from 118-169-207-30.dynamic.hinet.net [118.169.207.30] to MTA after rcpt
Aug 13 10:25:31 www sendmail[32614]: n7DEPT5r032614: from=, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=118-169-207-30.dynamic.hinet.net [118.169.207.30]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20090813/95940f31/attachment.html>

More information about the Blueonyx mailing list