now i know what going on inside my mail server.... i notice in my /var/log/maillog the ff:
Jun 24 15:01:39 mail sm-mta[1070]: i5O71cK0001070: <douglas@mydomain.com>... User unknown
Jun 24 15:01:39 mail sm-mta[1070]: i5O71cK0001070: <elliott@mydomain.com>... User unknown
Jun 24 15:01:40 mail sm-mta[1070]: i5O71cK0001070: <fleming@mydomain.com>... User unknown
Jun 24 15:01:40 mail sm-mta[1070]: i5O71cK0001070: <fletcher@mydomain.com>... User unknown
Jun 24 15:01:41 mail sm-mta[1070]: i5O71cK0001070: from=<claribelstrobel@hotmail.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=HOST20917525277.hosts.lincon.net [209.175.252.77] (may be forged)
Jun 24 15:01:41 mail sm-mta[1070]: i5O71cK1001070: <graves@mydomain.com>... User unknown
Jun 24 15:01:42 mail sm-mta[1070]: i5O71cK1001070: <hammond@mydomain.com>... User unknown
Jun 24 15:01:42 mail sm-mta[1070]: i5O71cK1001070: from=<raguelyamat@logo2mob.com>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA, relay=HOST20917525277.hosts.lincon.net [209.175.252.77] (may be forged)
i been attack!!! By so called "Rumpelstiltskin" i read it in one of the forum but unfortunately they only discuss the attack not the prevention
or the
counter measure. pls help me...its for weeks now went the attack occur in my server. iam affraid it will halt my mailserver