Mark Newton writes:
> Ludwig Pummer wrote:
>
> > >tcp 0 0 access.pop3 ppp170-tc3.1658 TIME_WAIT
> > >tcp 0 87 access.smtp egeo.unipg.it.4930 ESTABLISHED
> > >tcp 0 169 access.smtp ARMINCO.COM.51685 ESTABLISHED
> > >tcp 0 0 access.3314 192.168.1.2.smtp SYN_SENT
> > > ^^^^^^^^^^^^^^^^
> > >tcp 0 0 access.smtp interfuture.com.3509 TIME_WAIT
> > >
> > >I haven't any proxy server installed on my system or something look like
> > >it. Strange why in my system i see this IP ? What is it ?
> >
> > My guess is someone either a) has an incorrectly set firewall/proxy gateway
> > system or b) is trying to hack/break your machine
>
> That's a bit extreme: His machine is making an *outbound* SMTP connection
> to a host that doesn't appear to be answering. Could it be that someone
> has simply misaddressed some email?
>
> Use the "mailq" (or "sendmail -bp") command to see what's stuck in
> your mail queue.
It could be that someone's mail host does translate to that
non-Internet-routable address. Perhaps said host's admin thought he's
supposed to list the IP address of his Ethernet (or PPP or whatever)
interface in the DNS, as opposed to the pre-translation one given to
him by his ISP.
-jav
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message