On Sat, 29 Jun 2024, Jeff Pang wrote:
Jun 30 06:20:51 mx postfix/smtpd[1081379]: NOQUEUE: reject: RCPT from
unknown[193.37.41.106]: 550 5.7.25 Client host rejected: cannot find your
hostname, [193.37.41.106]; from= to=
proto=ESMTP helo=<[193.37.41.106]>
do you know what is the sender "t...@s
It depends on your configuration and if you're installing it in Postfix
or down the line in a milter like rspamd.
I added their query zones in postfix's main.cf in the
`smtpd_recipient_restrictions` parameter.
Generates this bounce (domain and IP have been redacted):
NOQUEUE: reject: RCPT fr
does that list reject submission requests as well?
This list is generated by monitoring the behavior of hosts that connect
to our traps and our partner's mail services. It includes any IP address
that exhibits behavior specific to compromised hosts, botnet/virus
infections, proxies, VPNs, TOR
It appears that Jeff Pang via mailop said:
>I have two different mailservers.
>both them continue to get the requests from a sender as the following.
>
>Jun 30 06:20:51 mx postfix/smtpd[1081379]: NOQUEUE: reject: RCPT from
>unknown[193.37.41.106]: 550 5.7.25 Client host rejected: cannot find
>yo
Probably random botnets trying to deliver spam. I see a bunch of
connections from that IP, but they're all getting dropped as soon as
they connect because they're listed by Abusix Mail Intelligence as
'exploit'. You will see a lot of that when managing a mail server.
Per Abusix:
This list is g
They're also on the Spamhaus DROP list (the worst of the worst)
https://check.spamhaus.org/results/?query=SBL642455
On 6/30/24 12:24 AM, Jeff Pang via mailop wrote:
I have two different mailservers.
both them continue to get the requests from a sender as the following.
Jun 30 06:20:51 mx postf
$ sudo tail -1 /var/log/mail.log|grep t...@sxyprn.com|wc -l
608
this guy did send a lot of requests to us, though they are all rejected
by DNS policy.
both them continue to get the requests from a sender as the following.
--
Jeff Pang
jeffp...@aol.com
__
I have two different mailservers.
both them continue to get the requests from a sender as the following.
Jun 30 06:20:51 mx postfix/smtpd[1081379]: NOQUEUE: reject: RCPT from
unknown[193.37.41.106]: 550 5.7.25 Client host rejected: cannot find
your hostname, [193.37.41.106]; from=
to= proto=ES
