RE: Large SMTP log
- From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: "'[ExchangeList]'" <exchangelist@xxxxxxxxxxxxx>
- Date: Tue, 4 Jan 2005 07:33:13 -0800
I can see that you have some pretty serious DNS problems on both stihq.net
and sti.edu.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
-----Original Message-----
From: Lim, Arthus T. [mailto:alim@xxxxxxxxx]
Sent: Tuesday, January 04, 2005 1:39 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Large SMTP log
http://www.MSExchange.org/
Anyone who can decipher the log that I get? The 4GB log contains these
codes only. Both abc.sti.edu and def.sti.edu are my mail servers.
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionCommand SMTPSVC1 ABC - 25
EHLO - abc.sti.edu 0 0 4 0 0 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionResponse SMTPSVC1 ABC - 25
- - 250-def.sti.edu+Hello+[192.168.0.14] 0 0 38 0 0 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionResponse SMTPSVC1 ABC - 25
- - 334+GSSAPI+supported 0 0 20 0 0 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionResponse SMTPSVC1 ABC - 25
- -
334+oYIBLjCCASqgAwoBAKELBgkqhkiC9xIBAgKigYkEgYZggYMGCSqGSIb3EgECAgIAb3QwcqAD
AgEFoQMCAQ+iZjBkoAMCAReiXQRbthPUJ6SM6V9CXZGI1ITiQOnm8VEMsx8lwMKvs8nAuETrewZj
qomdCdjQ4xrrpOfI7okelXoJOgckFZEwUt3G2UmmBvxdR47SkrAbZsvwxwmeCnDgz8GfzqOTqaOB
iQSBhmCBgwYJKoZIhvcSAQICAgBvdDByoAMCAQWhAwIBD6JmMGSgAwIBF6JdBFu2E9QnpIzpX0Jd
kYjUhOJA6ebxUQyzHyXAwq+zycC4ROt7BmOqiZ0J2NDjGuuk58juiR6Vegk6ByQVkTBS3cbZSaYG
/F1HjtKSsBtmy/DHCZ4KcODPwZ/Oo5Op 0 0 412 0 0 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionResponse SMTPSVC1 ABC - 25
- - 235+2.7.0+Authentication+successful. 0 0 36 0 16 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionCommand SMTPSVC1 ABC - 25
X-LINK2STATE -
LAST+CHUNK={0000006a}+MULTI+(5)+({00000051}+DIGEST_QUERY+24f5df3f0d5b5a49909
45941b8a198e2+ad201721336f00cc23c089464c71edbe++)++ 0 0 12 0 16 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionResponse SMTPSVC1 ABC - 25
- - 200+LAST+CHUNK={00000029}+MULTI+(5)+({00000010}+DONE_RESPONSE++)++ 0 0
66 0 16 SMTP - - - -
2005-01-04 00:13:56 192.168.0.1 OutboundConnectionCommand SMTPSVC1 ABC - 25
QUIT - - 0 0 4 0 16 SMTP - - - -
-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, January 04, 2005 3:41 PM
To: [ExchangeList]
Subject: [exchangelist] RE: Large SMTP log
http://www.MSExchange.org/
Well, the logs will show. Also, you can open up ESM and under the SMTP VS,
look at the queues. If you see an awful lot, you are probably an open relay.
Also, if you post the IP address of the server, it can be tested.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
johnlist@xxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
Other related posts:
