Hiding SMTP error messages
Q I've recently been finding a lot of messages like the following in /var/log/maillog:NOQUEUE: server.domain.com [192.168.1.39] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA. Can you tell me if this message is something meaningful? And if there is anything I can do to get rid of it?
A Sadly I cannot tell much from this message alone. It basically means that someone or something has connected to the SMTP port but has not sent a message and then broken the connection (or been disconnected by the server). Maybe you have a spam blacklist configured and it will not allow this sender through, or it may be a probe to check what mail daemon software you are using. It could be as simple as a dropped connection during a mail send. You will probably find that there is another entry in your logs just before this one, which will tell you more as to why this is happening.
- ProFTPD sending email error messages
- Linux error messages with DVD writers
- eth0 error messages
- Reduce the number of identical log messages
- Hiding an Apache directory listing