[BlueOnyx:06941] Re: Find remote ip in logs
Gerald Waugh
gwaugh at frontstreetnetworks.com
Sat Apr 9 12:55:12 -05 2011
On Sat, 2011-04-09 at 14:45 +0200, Maurice de Laat wrote:
> Hi list,
>
> More and more I see these kind of security warnings in my
> /var/log/messages:
> Apr 8 11:08:29 arie saslauthd[3489]: do_auth : auth failure:
> [user=office] [service=smtp] [realm=] [mech=pam] [reason=PAM auth error]
>
>
> However, there is no remote ip given. It also can't be found in maillog.
>
> Does anybody know how I can find the offending remote ip?
Look in /var/log/maillog and/or /var/log/messages on or about
Apr 8 11:08:29
As it's probably email or ftp associated
--
Gerald
More information about the Blueonyx
mailing list