Hi there,
Yahoo has started blocking e-mails from our server.
It is possible that someone/somehow is sending spam.
Please help me find what is sending spam from our server.

First please explain to me the following logs (ourdomain is hosted on our server):


Feb  3 14:45:57 softexp postfix/smtpd[23394]: NOQUEUE: reject: RCPT from unknown[117.87.x.x]: 554 5.7.1 Service unavailable; Client host [117.87.x.x] blocked using sbl-xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=117.87.x.x; from=<x...@yahoo.com.au> to=<experienceoff...@ourdomain.ro> proto=ESMTP helo=<PC-200901111752>

Feb  3 14:45:58 softexp postfix/smtp[23424]: 56966AC86D: to=<x...@yahoo.com.au>, relay=d.mx.mail.yahoo.com[66.196.82.7]:25, delay=7.6, delays=0/0.01/7.6/0, dsn=4.7.0, status=undeliverable (host d.mx.mail.yahoo.com[66.196.82.7] refused to talk to me: 421 4.7.0 [TS02] Messages from 80.96.148.194 temporarily deferred due to user complaints - 4.16.56.1; see http://postmaster.yahoo.com/421-ts02.html)

What I understand:
1. The client 117.87.x.x tries to connect to our server but is blocked (it is listed at Spamhaus). It tries to send from x...@yahoo.com to experienceof...@ourdomain.com.
Everything ok till now.
2. What does the second line mean? Our server is trying to send to x...@yahoo.com. Why? It is for sure related to the first log line...
Is it because of some bounce message or what?

It looks like Postfix is accepting messages even though the RBL check happened after RCPT. That means even though the message is rejected, Postfix has accepted it, then sent a bounce later. Is this correct? How can I solve it?


The output of postconf -n:
postconf -n
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debug_peer_list = dom1.com
html_directory = no
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
myhostname = mail.dom1.com
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtpd_helo_restrictions = reject_invalid_hostname
smtpd_recipient_restrictions = permit_mynetworks  permit_sasl_authenticated  reject_unauth_destination check_sender_access hash:/usr/local/etc/postfix/access_sender check_helo_access pcre:/usr/local/etc/postfix/helo_checks reject_non_fqdn_recipient reject_unknown_recipient_domain reject_unverified_recipient reject_rbl_client list.dsbl.org, reject_rbl_client sbl-xbl.spamhaus.org, reject_rhsbl_sender    dsn.rfc-ignorant.org permit
smtpd_sasl_auth_enable = yes
smtpd_sender_restrictions = reject_unknown_sender_domain, reject_non_fqdn_sender, reject_unverified_sender, permit
unknown_local_recipient_reject_code = 550
virtual_alias_maps = hash:/usr/local/etc/postfix/valias.txt
virtual_gid_maps = static:1000
virtual_mailbox_base = /var/spool/vmail
virtual_mailbox_domains = /usr/local/etc/postfix/vhost.txt
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmaps.txt
virtual_uid_maps = static:1000
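
The pairing asked about above (an outbound smtp attempt to the same address that a rejected client gave as its sender) can be searched for across a whole log. This is an added example, not part of the original post: the sample lines are constructed from the two quoted log lines with placeholder addresses, and the function names and the 30-second window are assumptions. Postfix logs status=deliverable or status=undeliverable for address probes (address verification, as enabled by reject_unverified_sender in the configuration above), while real deliveries and bounces log sent, bounced or deferred.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: shortened from the two log lines in the post, with
# placeholder addresses, plus one unrelated delivery for contrast.
SAMPLE_LOG = """\
Feb  3 14:45:57 softexp postfix/smtpd[23394]: NOQUEUE: reject: RCPT from unknown[117.87.x.x]: 554 5.7.1 Service unavailable; Client host [117.87.x.x] blocked using sbl-xbl.spamhaus.org; from=<sender@yahoo.example> to=<user@ourdomain.example> proto=ESMTP helo=<PC-200901111752>
Feb  3 14:45:58 softexp postfix/smtp[23424]: 56966AC86D: to=<sender@yahoo.example>, relay=mx.yahoo.example[192.0.2.7]:25, delay=7.6, delays=0/0.01/7.6/0, dsn=4.7.0, status=undeliverable (host refused to talk to me: 421 4.7.0 [TS02] deferred)
Feb  3 14:50:02 softexp postfix/smtp[23430]: 77A01AC870: to=<friend@other.example>, relay=mx.other.example[192.0.2.10]:25, delay=1.2, delays=0/0/1/0.2, dsn=2.0.0, status=sent (250 ok)
"""

TS = r"(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/"
REJECT = re.compile(TS + r"smtpd\[\d+\]: NOQUEUE: reject: .*? from=<(?P<addr>[^>]*)>")
OUTBOUND = re.compile(TS + r"smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<addr>[^>]*)>,"
                           r".*? status=(?P<status>\w+)")
# Statuses Postfix logs for address probes rather than real deliveries.
PROBE_STATES = {"deliverable", "undeliverable"}


def parse_ts(ts):
    # Syslog timestamps carry no year; a fixed leap year is assumed here.
    return datetime.strptime("2000 " + ts, "%Y %b %d %H:%M:%S")


def correlate(log_text, window=timedelta(seconds=30)):
    """Return outbound attempts addressed to the sender of a rejected RCPT."""
    lines = log_text.splitlines()
    rejects = [(parse_ts(m["ts"]), m["addr"].lower())
               for m in map(REJECT.search, lines) if m]
    findings = []
    for m in filter(None, map(OUTBOUND.search, lines)):
        when, addr = parse_ts(m["ts"]), m["addr"].lower()
        # The outbound line is logged when the attempt ends, so it can land
        # just before or just after the reject: compare in both directions.
        if any(a == addr and abs(when - t) <= window for t, a in rejects):
            kind = "verify-probe" if m["status"] in PROBE_STATES else "delivery"
            findings.append((m["qid"], addr, m["status"], kind))
    return findings


if __name__ == "__main__":
    for qid, addr, status, kind in correlate(SAMPLE_LOG):
        print(f"{qid} -> {addr}: status={status} ({kind})")
```

A finding of kind "delivery" (for example status=bounced) would point at backscatter from accepted mail, while "verify-probe" points at sender address verification.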
