LINUX.ORG.RU

Message from IP address 127.0.0.1, sender <user@computer> rejected: sender domain does not exist

 


0

1

В логах иногда светится это.

Message from IP address 127.0.0.1, sender <user@computer> rejected: sender domain does not exist
Как понять, что за тулза пытается отправить? Tcpdumpом можно увидеть куда, но не знаю кто или что отправляет. Посмотрел ps -ef, ничего подозрительного не увидел.
 root@mail:/etc# ps -ef
UID        PID  PPID  C STIME TTY          TIME CMD
root         1     0  0 Jul27 ?        00:00:01 init [3]
root         2     0  0 Jul27 ?        00:00:00 [kthreadd]
root         3     2  0 Jul27 ?        00:00:01 [ksoftirqd/0]
root         5     2  0 Jul27 ?        00:00:00 [kworker/u:0]
root         6     2  0 Jul27 ?        00:00:00 [migration/0]
root         7     2  0 Jul27 ?        00:00:00 [migration/1]
root         9     2  0 Jul27 ?        00:00:01 [ksoftirqd/1]
root        11     2  0 Jul27 ?        00:00:00 [migration/2]
root        12     2  0 Jul27 ?        00:00:00 [kworker/2:0]
root        13     2  0 Jul27 ?        00:00:01 [ksoftirqd/2]
root        14     2  0 Jul27 ?        00:00:00 [migration/3]
root        15     2  0 Jul27 ?        00:00:00 [kworker/3:0]
root        16     2  0 Jul27 ?        00:00:01 [ksoftirqd/3]
root        17     2  0 Jul27 ?        00:00:00 [cpuset]
root        18     2  0 Jul27 ?        00:00:00 [khelper]
root        19     2  0 Jul27 ?        00:00:00 [kdevtmpfs]
root        20     2  0 Jul27 ?        00:00:00 [netns]
root       227     2  0 Jul27 ?        00:00:00 [sync_supers]
root       229     2  0 Jul27 ?        00:00:00 [bdi-default]
root       231     2  0 Jul27 ?        00:00:00 [kblockd]
root       411     2  0 Jul27 ?        00:00:00 [ata_sff]
root       418     2  0 Jul27 ?        00:00:00 [khubd]
root       424     2  0 Jul27 ?        00:00:00 [md]
root       531     2  0 Jul27 ?        00:00:00 [rpciod]
root       580     2  0 Jul27 ?        00:00:00 [khungtaskd]
root       586     2  0 Jul27 ?        00:00:15 [kswapd0]
root       655     2  0 Jul27 ?        00:00:01 [khugepaged]
root       657     2  0 Jul27 ?        00:00:00 [fsnotify_mark]
root       661     2  0 Jul27 ?        00:00:00 [nfsiod]
root       667     2  0 Jul27 ?        00:00:00 [crypto]
root       711     2  0 Jul27 ?        00:00:00 [kthrotld]
root       808     2  0 Jul27 ?        00:00:00 [kworker/1:1]
root       809     2  0 13:26 ?        00:00:00 [kworker/0:0]
root       810     2  0 Jul27 ?        00:00:00 [kworker/3:1]
root       875     2  0 Jul27 ?        00:00:00 [scsi_eh_0]
root       878     2  0 Jul27 ?        00:00:00 [scsi_eh_1]
root       881     2  0 Jul27 ?        00:00:00 [scsi_eh_2]
root       884     2  0 Jul27 ?        00:00:00 [scsi_eh_3]
root       887     2  0 Jul27 ?        00:00:00 [scsi_eh_4]
root       890     2  0 Jul27 ?        00:00:00 [scsi_eh_5]
root       898     2  0 Jul27 ?        00:00:00 [kworker/u:7]
root      1048     2  0 Jul27 ?        00:00:00 [devfreq_wq]
root      1091     2  0 13:36 ?        00:00:00 [kworker/0:1]
root      1259     2  0 13:42 ?        00:00:00 [kworker/0:2]
root      1263     2  0 Jul27 ?        00:00:01 [md0_raid1]
root      1281     2  0 Jul27 ?        00:00:00 [md1_raid1]
root      1298     2  0 Jul27 ?        00:00:02 [md2_raid1]
root      1326     2  0 Jul27 ?        00:00:01 [jbd2/md0-8]
root      1327     2  0 Jul27 ?        00:00:00 [ext4-dio-unwrit]
root      1381     1  0 Jul27 ?        00:00:00 /sbin/udevd --daemon
root      1395     2  0 Jul27 ?        00:00:00 [kworker/2:2]
root      1465 26629  0 13:49 pts/0    00:00:00 ps -ef
root      1487     2  0 Jul27 ?        00:00:00 [kpsmoused]
root      1493     2  0 Jul27 ?        00:00:00 [kworker/1:2]
root      1564     2  0 Jul27 ?        00:00:04 [jbd2/md2-8]
root      1565     2  0 Jul27 ?        00:00:00 [ext4-dio-unwrit]
root      1599     1  0 Jul27 ?        00:00:02 /usr/sbin/syslogd
root      1603     1  0 Jul27 ?        00:00:02 /usr/sbin/klogd -c 3 -x
root      1656  1381  0 Jul27 ?        00:00:00 /sbin/udevd --daemon
root      1657  1381  0 Jul27 ?        00:00:00 /sbin/udevd --daemon
root      1698     2  0 Jul27 ?        00:00:00 [flush-9:0]
root      1699     2  0 Jul27 ?        00:00:11 [flush-9:2]
root      1868     1  0 Jul27 ?        00:00:00 /usr/sbin/inetd
root      1873     1  0 Jul27 ?        00:00:00 /usr/sbin/sshd
bin       1890     1  0 Jul27 ?        00:00:00 /sbin/rpc.portmap
root      1894     1  0 Jul27 ?        00:00:00 /sbin/rpc.statd
root      1898     1  0 Jul27 ?        00:00:00 /usr/sbin/rpc.rquotad
root      1902     2  0 Jul27 ?        00:00:00 [lockd]
root      1903     2  0 Jul27 ?        00:00:00 [nfsd4]
root      1904     2  0 Jul27 ?        00:00:00 [nfsd4_callbacks]
root      1905     2  0 Jul27 ?        00:00:00 [nfsd]
root      1906     2  0 Jul27 ?        00:00:00 [nfsd]
root      1907     2  0 Jul27 ?        00:00:00 [nfsd]
root      1908     2  0 Jul27 ?        00:00:00 [nfsd]
root      1909     2  0 Jul27 ?        00:00:00 [nfsd]
root      1910     2  0 Jul27 ?        00:00:00 [nfsd]
root      1911     2  0 Jul27 ?        00:00:00 [nfsd]
root      1912     2  0 Jul27 ?        00:00:00 [nfsd]
root      1914     1  0 Jul27 ?        00:00:00 /usr/sbin/rpc.mountd
root      1919     1  0 Jul27 ?        00:00:01 /usr/sbin/ntpd -g -p /var/run/ntpd.pid
root      1924     1  0 Jul27 ?        00:00:00 /usr/sbin/acpid
root      1931     1  0 Jul27 ?        00:00:00 /usr/sbin/crond -l notice
daemon    1933     1  0 Jul27 ?        00:00:00 /usr/sbin/atd -b 15 -l 1
root      2164     1  0 Jul27 ?        00:00:00 savd etc/savd.cfg
root      2263     1  0 Jul27 tty1     00:00:00 /sbin/agetty --noclear 38400 tty1 linux
root      2264     1  0 Jul27 tty2     00:00:00 /sbin/agetty 38400 tty2 linux
root      2265     1  0 Jul27 tty3     00:00:00 /sbin/agetty 38400 tty3 linux
root      2266     1  0 Jul27 tty4     00:00:00 /sbin/agetty 38400 tty4 linux
root      2267     1  0 Jul27 tty5     00:00:00 /sbin/agetty 38400 tty5 linux
root      2268     1  0 Jul27 tty6     00:00:00 /sbin/agetty 38400 tty6 linux
root      4777  2164  0 Jul27 ?        00:00:00 savscand --incident=unix://tmp/incident --namedscan=unix://root@tmp/namedscansprocessor.2 --ondemandcontrol=socketpair://42/43
root     26623  1873  0 09:50 ?        00:00:00 sshd: root@pts/0
root     26629 26623  0 09:50 pts/0    00:00:00 -bash

Ответ на: комментарий от xgatron

пальцем в небо: у пользователя есть задачи в кроне и крон пытается отослать то, что вывело в stdout

Крон чистый. Только запись по синхронизации времени.

# Привязываем аппаратное время (БИОС), к системному ежемесячно 1 числа, в 5 часов 10 минут
10 5 1 * *   /sbin/hwclock --hctosys

Вот его кусок лога

Jun 15 18:28:34 mail crond[1959]: /usr/sbin/crond 4.5 dillon's cron daemon, started with loglevel notice

Humaxoid ()

Настрой MTA так, чтобы эти сообщения не режектились, и посмотри, что там. Куча программ умеют посылать сообщения пользователю при наступлении определенных событий, во временна ранних интернетов это была стандартная практика.

Khnazile ★★★★★ ()