• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

seeking other centos 4.4 users

M

masterkain

Guest
every 5 minutes or so I get this in my maillog

Jan 3 10:59:29 www pop3d-ssl: Connection, ip=[127.0.0.1]
Jan 3 10:59:29 www pop3d-ssl: LOGOUT, ip=[127.0.0.1]
Jan 3 10:59:29 www pop3d: Connection, ip=[127.0.0.1]
Jan 3 10:59:29 www pop3d: LOGOUT, ip=[127.0.0.1]
Jan 3 10:59:29 www imapd-ssl: Connection, ip=[127.0.0.1]
Jan 3 10:59:29 www imapd: Connection, ip=[127.0.0.1]
Jan 3 10:59:29 www imapd: 1167818369.113964 LOGOUT, ip=[127.0.0.1],
rcvd=12, sent=308, maildir=/etc/rc.d/init.d

I cannot understand what is that, my box is not hacked, it behaves like
this since I installed it.
I'm on CentOS 4.4 art's rpm, so far I've no clue what is doing this thing and
why, somebody has experienced the same behaviour?

thanks in advance.
 
did you guys figure this out? "maildir=/etc/rc.d/init.d" seems suspicious. I'm seeing this even from the outside (not localhost).
 
This is going on with my setup when a user tries a short mail name when they are not allowed:

Jul 26 14:15:03 jam imapd: Connection, ip=[::ffff:xx.xx.xx.xx]
Jul 26 14:15:23 jam imapd: IMAP connect from @ [::ffff:xx.xx.xx.xx]checkmailpasswd: FAILED: test - short names not allowed from @ [::ffff:xx.xx.xx.xx]ERR: LOGIN FAILED, ip=[::ffff:xx.xx.xx.xx]
Jul 26 14:15:23 jam imapd: 1311714923.484998 LOGOUT, ip=[::ffff:xx.xx.xx.xx], rcvd=10, sent=84, maildir=/etc/rc.d/init.d

I'm not sure what watchdog is so as far as I know I'm not running it.
 
That's normal.

Is it only the /etc/rc.d/init.d maildir path issue that's worrying you here? Yes, it is odd/wrong but I don't think it is significant and therefore nothing to worry about (famous last words).

The thing is that the maildir would match the user logging in. When there's no user/wrong login, there's no correct maildir to display. that's my logic anyway. I dont know why it would use /etc/rc.d/init.d when it doesn't know what to use but maybe it is because smtp_psa is launched by xinetd?

Faris.
 
Back
Top