Welcome to SparkyLinux forums
Zapraszamy również na polsko-języczne Forum https://forum.linuxiarze.pl

why is my system trying to send emails to pavroo1@debian?

Started by dcarrco, January 06, 2015, 02:56:47 AM

Previous topic - Next topic

dcarrco

i was setting up some crontab entries in a new installation (i have been using Crunchbang for a while now) and i went to check admin mail
and i see a bunch of undeliverable emails for pavroo1@debian.  what the hell is this?  is this spyware?  is this supposed to be sending my error messages
to sparky people?  how do i set that address and where in exim4 is it?

way12go

Couple of times in the past I've seen a folder with name pavroo and on a different iso I've seen few folders - may be language of Poland...

I'm thinking he must have made the iso after testing it on his system and he did use it so he probably didn't clean up his settings.

Surely, it's impossible for them to do any spyware thing.
Success gives birth to success? Failure gives birth to failure? - Sagar Gorijala.

pavroo

Don't know.
I don't use pavroo1@debian account, I don't even have it.
I use just pavroo without numbers.
Admin mails should be generated by the system, I will check it out.
Nothing is easy as it looks. Danielle Steel
Join #sparkylinux.org at [url="//irc.libera.chat"]irc.libera.chat[/url]

pavroo

All the mails to root or other users are stored in /var/mail/ directory.
But, it's empty in the Live system.
Where did you find the mails?
Nothing is easy as it looks. Danielle Steel
Join #sparkylinux.org at [url="//irc.libera.chat"]irc.libera.chat[/url]

dcarrco

hey pavroo
i received a mail in my main user (admin) account saying the email to pavroo1@debian was "undeliverable mail" but not sure where its coming from
i only have one user in my system (me) and don't know what program is trying to email out
unfortunately i deleted them before i knew what was what, but ill post the next one

py-thon

I suppose there is a misunderstanding. pavroo1@debian is no valid email address. It would be if it were pavroo1@debian.org or something like that (including a tld-ending). It seems to me that those are leftovers from building the iso and pavroo1 was the name of a user/admin on the system the iso was built. Remember that the system is called "debian".
Tower and Notebook: Sparky (testing) 64bit MATE

dcarrco

sure, I recognize valid email addresses when I see them but the point is, IF I had set up my system on the new install to relay messages to the outside world, and IF a valid email had been left behind then emails would have left my system addressed to a user that isn't even on my system. that can't be a secure or polite way to leave an ISO configured. I thought someone should know and maybe explain.

grandadruss

In case it helps any, I found 1 message in /var/mail containing the following
Quote
Date: Thu, 18 Sep 2014 12:27:20 +1200

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  pavroo2@core
    (generated from root@core)
    Unrouteable address


Does not worry me at all.  :)

pavroo

Hhmm...
Again?
I checked the folder in one spin and it was empty, as I said before.
I will add a line to the making iso script to clean it up for good next time :)
Nothing is easy as it looks. Danielle Steel
Join #sparkylinux.org at [url="//irc.libera.chat"]irc.libera.chat[/url]

dcarrco

sure.  my "spyware" comment was a joke.  i assumed it was exactly what it seems to be, a leftover bit of script or variables set sometime.  no big deal.  nice distro.  thanks!

grandadruss

#10
Have had a bit of a play with exim. Don't really know what I am doing, but have managed to get the following message when trying to mail root. Hope it helps.  :)

Edit - a bit later - Found the problem, I think. /etc/aliases has root: pavroo2 as its last line - commented that out, mail to root now gets delivered to /var/mail/mail.
:D :D :D

QuoteReturn-path: <>
Envelope-to: russell@russ-laptop
Delivery-date: Mon, 12 Jan 2015 13:15:39 +1300
Received: from Debian-exim by russ-laptop with local (Exim 4.84)
   id 1YASfT-0001n8-Kp
   for russell@russ-laptop; Mon, 12 Jan 2015 13:15:39 +1300
X-Failed-Recipients: pavroo2@russ-laptop
Auto-Submitted: auto-replied
From: Mail Delivery System <Mailer-Daemon@russ-laptop>
To: russell@russ-laptop
Subject: Mail delivery failed: returning message to sender
Message-Id: <E1YASfT-0001n8-Kp@russ-laptop>
Date: Mon, 12 Jan 2015 13:15:39 +1300

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its
recipients. This is a permanent error. The following address(es) failed:

  pavroo2@russ-laptop
    (generated from root@russ-laptop)
    Unrouteable address

------ This is a copy of the message, including all the headers. ------

Return-path: <russell@russ-laptop>
Received: from russell by russ-laptop with local (Exim 4.84)
   (envelope-from <russell@russ-laptop>)
   id 1YASfT-0001n4-9B
   for root@russ-laptop; Mon, 12 Jan 2015 13:15:39 +1300
To: root@russ-laptop
Subject: test message
Message-Id: <E1YASfT-0001n4-9B@russ-laptop>
From: Russell <russell@russ-laptop>
Date: Mon, 12 Jan 2015 13:15:39 +1300

my test


crypto

hey there so testing is also doing this again

this is just a snip it   
"
. The following address(es) failed:

  pavroo2@core
    (generated from root@core)
    Unrouteable address
"


I looked in /etc/aliases found it there and removed .... not sure yet it that worked i assume it will ..

View the most recent posts on the forum