On Thu, 2014-05-01 at 07:13 -0600, James Lay wrote: > Hey all, > > Trying to figure out why the below made it through > > May 1 06:57:14 gateway postfix/smtpd[15631]: warning: hostname > irc.madboxes.cc does not resolve to address 67.51.218.144 > May 1 06:57:14 gateway postfix/smtpd[15631]: connect from > unknown[67.51.218.144] > May 1 06:57:15 gateway postfix/smtpd[15631]: 9932D4201D: > client=unknown[67.51.218.144] > May 1 06:57:15 gateway postfix/cleanup[15633]: 9932D4201D: > message-id=<0.0.0.18f.1cf653b82974c64.16e...@mail.hafighter.com> > May 1 06:57:15 gateway postfix/qmgr[21143]: 9932D4201D: > from=<surface.protection.plus-jlay=slave-tothe-box....@hafighter.com>, > size=4970, nrcpt=1 (queue active) > May 1 06:57:16 gateway postfix/smtpd[15631]: disconnect from > unknown[67.51.218.144] > May 1 06:57:16 gateway postfix/pickup[14365]: 6250042025: uid=1002 > from=<surface.protection.plus-jlay=slave-tothe-box....@hafighter.com> > May 1 06:57:16 gateway postfix/cleanup[15633]: 6250042025: > message-id=<0.0.0.18f.1cf653b82974c64.16e...@mail.hafighter.com> > May 1 06:57:16 gateway postfix/pipe[15634]: 9932D4201D: > to=<j...@slave-tothe-box.net>, relay=spamassassin, delay=1.5, > delays=0.95/0.01/0/0.56, dsn=2.0.0, status=sent (delivered via > spamassassin service) > May 1 06:57:16 gateway postfix/qmgr[21143]: 9932D4201D: removed > May 1 06:57:16 gateway postfix/qmgr[21143]: 6250042025: > from=<surface.protection.plus-jlay=slave-tothe-box....@hafighter.com>, > size=5371, nrcpt=1 (queue active) > May 1 06:57:16 gateway postfix/local[15638]: 6250042025: > to=<j...@slave-tothe-box.net>, relay=local, delay=0.14, > delays=0.07/0.01/0/0.06, dsn=2.0.0, status=sent (delivered to command: > procmail -a "$EXTENSION") > May 1 06:57:16 gateway postfix/qmgr[21143]: 6250042025: removed > > Pertinent config info below: > > > smtpd_sender_restrictions = regexp:/etc/postfix/access > header_checks = regexp:/etc/postfix/header_checks > body_checks = regexp:/etc/postfix/body_checks > smtpd_recipient_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_unauth_destination > smtpd_client_restrictions = > permit_mynetworks, > permit_sasl_authenticated, > reject_rbl_client zen.spamhaus.org, > check_client_access hash:/etc/postfix/rbl_override, > reject_rbl_client cbl.abuseat.org, > reject_rbl_client bl.spamcop.net, > reject_rbl_client dnsbl.sorbs.net, > check_sender_access hash:/etc/postfix/sender_checks, > reject_invalid_hostname, > reject_unknown_hostname > > none of the included check type files includes that IP or host. Is > there a way I can trace this down? Thank you. > > James >
Thanks for the responses all...it does help. James
