Article 9065 at 07/03/10 05:18:39 From: dan (at mark) dogsbody.org Subject: [coba-e:09065] Re: Relaying?

Index: [Article Count Order] [Thread]

Date:  Fri, 09 Mar 2007 20:18:15 +0000
From:  Dogsbody <dan (at mark) dogsbody.org>
Subject:  [coba-e:09065] Re: Relaying?
To:  coba-e (at mark) bluequartz.org
Message-Id:  <45F1C107.8000304 (at mark) dogsbody.org>
In-Reply-To:  <45F1B26A.1090302 (at mark) distortal.com>
References:  <45F1B26A.1090302 (at mark) distortal.com>
X-Mail-Count: 09065

>    Top relays (recipients/connections - min 10 rcpts, max 50 lines):
>        27/27: s174172.ppp.asahi-net.or.jp [220.157.174.172]
> It appears as though someone has managed to relay mail through my server 
> but I am not sure how.  Could it be a mail header injection on a PHP 
> mail() script, or is it a direct relay with the sender using my server 
> for SMTP?  The IP address is not in my list pr permitted senders.

Could it not just be one of your users sending mail through your server with 
their username and password??

Dan