- 论坛徽章:
- 0
|
每天在/root/Maildir下都受到下面两封类似的邮件,到底是怎么回事呢?
大家帮忙分析一下
Logwatch for dlmail (Linux)
发件人:
logwatch@localhost.localdomain
收件人:
root@localhost.localdomain
日期:
今天 19:28:31
################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Thu Oct 25 19:28:30 2007
Date Range Processed: yesterday
( 2007-Oct-24 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: dlmail
##################################################################
--------------------- Selinux Audit Begin ------------------------
Number of audit daemon stops: 1
**Unmatched Entries**
audit(1193184583.279:2): selinux=0 auid=4294967295
---------------------- Selinux Audit End -------------------------
--------------------- Automount Begin ------------------------
**Unmatched Entries**
create_udp_client: hostname lookup failed: No such process: 7 Time(s)
lookup_read_master: lookup(nisplus): couldn't locat nis+ table auto.master: 1 Time(s)
lookup_mount: exports lookup failed for .directory: 7 Time(s)
create_tcp_client: hostname lookup failed: No such process: 7 Time(s)
---------------------- Automount End -------------------------
--------------------- clam-update Begin ------------------------
Last ClamAV update process started at Wed Oct 24 09:15:33 2007
Last Status:
main.cvd is up to date (version: 44, sigs: 133163, f-level: 20, builder: sven)
Downloading daily-4566.cdiff [100%]
Downloading daily-4567.cdiff [100%]
Downloading daily-4568.cdiff [100%]
Downloading daily-4569.cdiff [100%]
Downloading daily-4570.cdiff [100%]
Downloading daily-4571.cdiff [100%]
Downloading daily-4572.cdiff [100%]
Downloading daily-4573.cdiff [100%]
Downloading daily-4574.cdiff [100%]
Downloading daily-4575.cdiff [100%]
Downloading daily-4576.cdiff [100%]
Downloading daily-4577.cdiff [100%]
Downloading daily-4578.cdiff [100%]
Downloading daily-4579.cdiff [100%]
Downloading daily-4580.cdiff [100%]
daily.inc updated (version: 4580, sigs: 27768, f-level: 21, builder: ccordes)
Database updated (160931 signatures) from db.au.clamav.net (IP: 203.16.234.7
Clamd successfully notified about the update.
---------------------- clam-update End -------------------------
--------------------- Clamav Begin ------------------------
**Unmatched Entries**
Not loading PUA signatures.
Loaded 160431 signatures.
Socket file /tmp/clamd.socket exists. Unclean shutdown? Removing...
Algorithmic detection enabled.
Mail: Recursion level limit set to 64.
Database correctly reloaded (160931 signatures)
---------------------- Clamav End -------------------------
--------------------- Kernel Begin ------------------------
WARNING: Kernel Errors Present
ata1.00: tag 0 cmd 0xb0 Emask 0x1 stat 0x51 err 0x4 (device error) ...: 6 Time(s)
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
dovecot:
Authentication Failures:
rhost=127.0.0.1 : 14 Time(s)
Unknown Entries:
check pass; user unknown: 14 Time(s)
su:
Sessions Opened:
centos(uid=12346) -> root: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- postfix Begin ------------------------
19296 bytes transferred
7 messages sent
7 messages removed from queue
Database files are not up-to-date (probably rehash is needed): 1 File(s), 2 Time(s)
SASL Authentication failed from: 1 Host(s), 1 Time(s)
Unrecognized warning:
/etc/postfix/vmailbox, line 17: expected format: key whitespace value : 1 Time(s)
/etc/postfix/vmailbox, line 19: expected format: key whitespace value : 1 Time(s)
/etc/postfix/vmailbox, line 21: expected format: key whitespace value : 3 Time(s)
**Unmatched Entries**
0BB52B1D5CB: to=<test001@cn.tre-inc.com>, relay=virtual, delay=43, delays=43/0.07/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
84575B1D5E5: to=<root@localhost.localdomain>, orig_to=<root>, relay=local, delay=3, delays=2.7/0.15/0/0.15, dsn=2.0.0, status=sent (delivered to maildir)
C263AB1D548: to=<root@localhost.localdomain>, orig_to=<root>, relay=local, delay=0.44, delays=0.26/0.1/0/0.07, dsn=2.0.0, status=sent (delivered to maildir)
06136B1D5D9: to=<test@cn.tre-inc.com>, relay=virtual, delay=40, delays=40/0.04/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
2D341B1D5D9: to=<test00@cn.tre-inc.com>, relay=virtual, delay=30, delays=30/0.03/0/0.02, dsn=2.0.0, status=sent (delivered to maildir)
7A431B1D5FA: to=<pass00@cn.tre-inc.com>, relay=virtual, delay=29, delays=29/0.06/0/0.01, dsn=2.0.0, status=sent (delivered to maildir)
E902FB1D539: to=<2200868zhang_honggeng@china.tre-inc.com>, relay=china.tre-inc.com[221.186.126.178]:25, delay=51, delays=36/0.05/15/0.54, dsn=2.0.0, status=sent (250 ok 1193220897 qp 26959)
---------------------- postfix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
**Unmatched Entries**
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test001@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test001@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test00@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user test00@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass00@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass01@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass01@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass00@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass00@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass00@cn.tre-inc.com
dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user pass00@cn.tre-inc.com
---------------------- Connections (secure-log) End -------------------------
--------------------- SSHD Begin ------------------------
SSHD Killed: 1 Time(s)
SSHD Started: 1 Time(s)
Users logging in through sshd:
centos:
172.18.4.66 (dlcdev105.daliantre.local): 1 time
**Unmatched Entries**
warning: /etc/hosts.deny, line 9: missing newline or line too long : 1 time(s)
warning: /etc/hosts.allow, line 7: missing newline or line too long : 1 time(s)
Address 172.18.4.66 maps to dlcdev105.daliantre.local, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/VolGroup00-LogVol00
67G 3.7G 60G 6% /
/dev/sda1 99M 14M 81M 15% /boot
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Anacron job for 'dlmail' cron.daily
发件人:
Anacron <root@localhost.localdomain>
收件人:
root@localhost.localdomain
日期:
今天 09:01:30
You have old files in your logwatch tmpdir (/var/cache/logwatch):
logwatch.uMcBcUmS
The directories listed above were most likely created by a
logwatch run that failed to complete successfully. If so, you
may delete these directories.
/etc/cron.daily/logrotate:
error: sa-update:3 unknown option 'notifyempty' -- ignoring line |
|
免费注册
发表于 2007-10-25 19:37
发表于 2007-10-25 20:44
