Re: is this an attack on my sendmail?
It looks like one of your users (the "ctladdr=" one) is trying to email firstname.lastname@example.org. company.com doesn't appear to be online right now, which is why the connection is timing out.
For the SYN_SENT when doing a netstat, it's likely that your mail server is trying to connect to those mail servers, which are either not online or have some firewall rules blocking you - nothing to worry about.
(sending a TCP packet with the SYN flag set is the first step to making a connection, if those servers were online and responding they would reply with a packet with SYN + ACK set, since your server can't get to them the connection is stuck in the SYN_SENT state until it times out)
> hi guys in my maillog I am receiving many strange message on sendmail like
> May 10 18:52:50 xserver sendmail: g4AIRfa02119:
> to=<email@example.com.>, ctladdr=<one of my user mail> (638/45),
> delay=03:25:09, xdelay=00:00:00, mailer=esmtp, pri=607606,
> relay=company.com., dsn=4.0.0, stat=Deferred: Connection timed out with
> and the other strange thing is that when i try to check the
> conections(netstat -at) there are one strange like that:
> tcp 0 1 myserver:35169 mywebos.com:smtp SYN_SENT
> when I use netstat -atn looks like that:
> tcp 0 1 myserver:35169 18.104.22.168:25 SYN_SENT
800-733-3380 x 107
To UNSUBSCRIBE, email to firstname.lastname@example.org
with a subject of "unsubscribe". Trouble? Contact email@example.com