Can anyone tell me what service/application would start
sendmail?
I discovered my Gentoo computer recently very active with
I/O on the
harddrive and receive/transmit activity on an invocation of
gkrellm. In
researching the activity, I found that I had an smtp
connection to a
computer in Toronto, Canada. The connection was on port
43121 and looked
like so:
bash$ netstat -t -u
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 1 [myIP]:43121 [theirIP]:smtp
ESTABLISHED
... Other usual stuff ....
Running a check to see what may be running in the
process tables:
bash$ ps -efl
showed this process here:
/usr/sbin/sendmail -FCronDaemon -odi -oem -oi -t
I could not find the cause for this application
invocation. Nothing
in the rc-update, crontab, nor services suggests that
sendmail ought to
be running.
When I killed the PID for this sendmail process, all
disk I/O
immediately stopped. The site for the IP address which had a
connection
to my computer was never one to which I had ever visited. I
know of no
reason I would ever go to it.
I found vulnerabilities associated with a lower version
of sendmail
but none with the version I've installed right now.
Any suggestions, ideas, or explanations are welcomed.
Thanks in advance,
Kern.
|
