Forum

This forum uses cookies
This forum makes use of cookies to store your login information if you are registered, and your last visit if you are not. Cookies are small text documents stored on your computer; the cookies set by this forum can only be used on this website and pose no security risk. Cookies on this forum also track the specific topics you have read and when you last read them. Please confirm whether you accept or reject these cookies being set.

A cookie will be stored in your browser regardless of choice to prevent you being asked this question again. You will be able to change your cookie settings at any time using the link in the footer.
Sentora Support Forums Sentora Forum Archives Sentora Public Support Forums v1.0.x General Support Forum v1.0.x v root email - security

root email - security
Qtech Offline
Sentora Member
*
OS: CentOS7
Version: 1.0.3
Server: Dedicated
Posts: 50
Threads: 13
Joined: Jul 2015
Reputation: 0
Sex: Undisclosed
Thanks: 6
Given 0 thank(s) in 0 post(s)
#1
root email - security
 04-05-2017, 04:48 PM
Hi I have been trying to secure my server down.

I am now getting this from root@domain.com
Has anyone encountered an issue like this.
thanks.


Time:    Tue Apr  4 23:42:23 2017 -0700
PID:     3046 (Parent PID:2542)
Account: postfix
Uptime:  112 seconds


Executable:

/usr/libexec/postfix/smtpd


Command Line (often faked in exploits):

smtpd -n 127.0.0.1:10025 -t inet -u -c -o content_filter= -o smtpd_helo_restrictions= -o smtpd_sender_restrictions= -o smtpd_recipient_restrictions=permit_mynetworks,reject -o mynetworks=127.0.0.0/8 -o smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000 -o receive_override_options=no_header_body_checks -o smtpd_helo_required=no -o smtpd_client_restrictions= -o smtpd_restriction_classes= -o disable_vrfy_command=no -o strict_rfc821_envelopes=yes


Network connections by the process (if any):

tcp: 127.0.0.1:10025 -> 0.0.0.0:0
tcp: 127.0.0.1:10025 -> 127.0.0.1:53888


Files open by the process (if any):

/dev/null
/dev/null
/dev/null
/var/spool/postfix/pid/inet.127.0.0.1:10025
anon_inode:[eventpoll]
/etc/aliases.db
/etc/aliases.db
Find
Reply
Thanks given by:
Me.B Offline
Dev Team
******
OS: Linux/windows
Version: 1.0.3
Server: Dedicated/VPS/Cloud
Posts: 4 ,002
Threads: 193
Joined: Jul 2014
Reputation: 83
Sex: Undisclosed
Thanks: 72
Given 435 thank(s) in 395 post(s)
#2
RE: root email - security
 04-12-2017, 08:09 PM
nope but you might google it.
No support using PM (Auto adding to IGNORE list!), use the forum. 
How to ask

200$ free to start your VPS 60 days credit
Find
Reply
Thanks given by:
TGates Offline
Sentora Council - Head of Support Team
*******
OS: Ubuntu 20.04 LTS
Version: 2.0.2
Server: i7-6700K @ 4GHz, 8 cores 32GB Ram
Posts: 3 ,662
Threads: 241
Joined: May 2014
Reputation: 85
Sex: Male
Thanks: 408
Given 599 thank(s) in 464 post(s)
#3
RE: root email - security
 04-12-2017, 11:06 PM
I have not seen this before either.
-TGates - Project Council

SEARCH the Forums or read the DOCUMENTATION before posting!
Support Sentora and Donate: HERE
Find my support or modules useful? Donate to TGates HERE
Developers and code testers needed!
Contact TGates for more information
Find
Reply
Thanks given by:
Qtech Offline
Sentora Member
*
OS: CentOS7
Version: 1.0.3
Server: Dedicated
Posts: 50
Threads: 13
Joined: Jul 2015
Reputation: 0
Sex: Undisclosed
Thanks: 6
Given 0 thank(s) in 0 post(s)
#4
RE: root email - security
 04-24-2017, 01:13 AM
These messages were sent out by sentora because of CSF firewall. Removed it and alerts were gone. Still don't understand the messages.
Find
Reply
Thanks given by:


Possibly Related Threads…
Thread Author Replies Views Last Post
change username from email umarzuki@gmail.com 0 1 ,627 11-25-2022, 05:46 PM
Last Post: umarzuki@gmail.com
Email has stopped coming through rsthomas 3 4 ,939 06-21-2022, 12:05 PM
Last Post: fearworks
spammer email plateform sentora scram 8 16 ,726 04-03-2020, 05:43 PM
Last Post: 5050

Forum Jump:


Users browsing this thread: 2 Guest(s)