On 4/26/2010 4:05 PM, Josh Cason wrote:
After working on some other issues. I came back to this spam problem. I
once again do not have the -v. The spam I was looking at came in last
wensday (I disabled the -v for a few weeks now until I can get back to
it) and one difference I noticed is it does not have a hold header on
it. It does not have a ip number listed with it. It does not have a
machine listed with it. A typical valid e-mail customer will show up
with there machine name, there ip number, and then the message is put on
hold. This is all without the -v option.
Why the difference?
Has anybody seen any spam like that without the -v option?
Thanks,
Josh
I'm quite certain that no one here has the slightest idea what
you're talking about.
Really Wild Guess: Your web server is being exploited and
sending out spam. Turn off your web server software until you
fix the problem.
Here are some random ideas that may or may not relate to
whatever your question might be:
- postfix verbose logging (maybe that's what you mean by -v
above??) does not affect the message headers.
- You should not be using postfix verbose logging.
- No one here knows what a "hold header" is.
- If you are attempting to describe an email without a
Received: header, postfix adds Received: headers to all mail
unless you remove them with header_checks. Don't do that.
- Mail submitted on the machine via the sendmail(1) command
will have a userid rather than an IP in the Received: header.
If you need more than wild guesses and random thoughts, you
need to provide more information. Start here:
http://www.postfix.org/DEBUG_README.html#mail
If you have questions about message headers, you need to show
the headers.
-- Noel Jones
