On 2/26/2013 7:52 AM, Eero Volotinen wrote:
According to mxtoolbox his server is not an open relay. However the thing that would concern me is the session log your provided:Like I said, as soon as I blocked the troublesome IP's the problem went away. Thus, it cannot be a local script. Furthermore, we are not even running Apache. We are running Tomcat with custom developed Java apps.I also ran tcpdump on localhost to see if there was traffic being received on localhost. Guess what? While the spamming was taking place there was no smtp traffic passing through on localhost port 25.You should still recheck your mail server configuration, looks like your server is open relay? -- Eero
connect from localhost.localdomain[127.0.0.1] Can you post your /etc/hosts and /etc/hostname please? Thanks --
smime.p7s
Description: S/MIME Cryptographic Signature
