Hiding SMTP error messages
Q I've recently been finding a lot of messages like the following in /var/log/maillog:NOQUEUE: server.domain.com [192.168.1.39] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA. Can you tell me if this message is something meaningful? And if there is anything I can do to get rid of it?
A Sadly I cannot tell much from this message alone. It basically means that someone or something has connected to the SMTP port but has not sent a message and then broken the connection (or been disconnected by the server). Maybe you have a spam blacklist configured and it will not allow this sender through, or it may be a probe to check what mail daemon software you are using. It could be as simple as a dropped connection during a mail send. You will probably find that there is another entry in your logs just before this one, which will tell you more as to why this is happening.
Follow us on Identi.ca or Twitter