0 Replies Latest reply: Oct 25, 2011 10:28 AM by alternapop
alternapop Level 3 Level 3 (775 points)

On some 10.6.8 client Macs I'm seeing these entries in the system logs.  These are just basic client Macs and shouldn't be doing anything mail related other than basic email via MS Outlook 2011.

 

10/25/11 9:51:06 AM    com.apple.launchd[1]    (org.postfix.master) Failed to count the number of files in "/var/spool/postfix/maildrop": No such file or directory

10/25/11 9:51:11 AM    postfix/master[89381]    daemon started -- version 2.5.5, configuration /etc/postfix

10/25/11 9:51:11 AM    postfix/pickup[89382]    63DAC308062D: uid=0 from=<root>

10/25/11 9:51:11 AM    postfix/cleanup[89384]    63DAC308062D: message-id=<20111025165111.63DAC308062D@uds.example.edu>

10/25/11 9:51:11 AM    postfix/qmgr[89383]    63DAC308062D: from=<root@uds.example.edu>, size=6156, nrcpt=1 (queue active)

10/25/11 9:51:11 AM    postfix/local[89386]    63DAC308062D: to=<root@uds.example.edu>, orig_to=<root>, relay=local, delay=288469, delays=288469/0.06/0/0.02, dsn=2.0.0, status=sent (delivered to file: /dev/null)

10/25/11 9:51:11 AM    postfix/qmgr[89383]    63DAC308062D: removed

 

 

and this in the mail.log file:

 

Oct 25 09:51:03 udp015338uds postfix/postdrop[34961]: warning: mail_queue_enter: create file maildrop/812308.34961: No such file or directory

Oct 25 09:51:03 udp015338uds postfix/postdrop[71803]: warning: mail_queue_enter: create file maildrop/812413.71803: No such file or directory

Oct 25 09:51:11 udp015338uds postfix/master[89381]: daemon started -- version 2.5.5, configuration /etc/postfix

Oct 25 09:51:11 udp015338uds postfix/pickup[89382]: 63DAC308062D: uid=0 from=<root>

Oct 25 09:51:11 udp015338uds postfix/cleanup[89384]: 63DAC308062D: message-id=<20111025165111.63DAC308062D@uds.example.edu>

Oct 25 09:51:11 udp015338uds postfix/qmgr[89383]: 63DAC308062D: from=<root@uds.example.edu>, size=6156, nrcpt=1 (queue active)

Oct 25 09:51:11 udp015338uds postfix/local[89386]: 63DAC308062D: to=<root@uds.example.edu>, orig_to=<root>, relay=local, delay=288469, delays=288469/0.06/0/0.02, dsn=2.0.0, status=sent (delivered to file: /dev/null)

Oct 25 09:51:11 udp015338uds postfix/qmgr[89383]: 63DAC308062D: removed

 

What is likely the cause?  How can I fix/stop it?

These Macs have ssh locked down with hosts.allow and sshd_config configured to only only certain subnets and users so I don't think they've compromised via ssh.

 

Thanks


iMac, Mac OS X (10.6.8)