ter on all linux boxes on hand.
Original Message
From: Bill Cole
Sent: Monday, July 4, 2016 2:22 PM
To: Postfix users
Reply To: Postfix users
Subject: Re: Spamrl.com RBL problem
On 3 Jul 2016, at 0:36, li...@lazygranch.com wrote:
> This is probably more of a freebsd question, but it see
On 3 Jul 2016, at 0:36, li...@lazygranch.com wrote:
This is probably more of a freebsd question, but it seems to me that
Postfix should be hogging (bound) to the mail ports, so if something
is sending email, it has to be using Postfix.
That's not how TCP/IP or Postfix works. Postfix binds lis
July 3, 2016 10:03 AM
To: postfix-users@postfix.org
Subject: Re: Spamrl.com RBL problem
* Matthew McGehrin :
> Hello.
>
> Your assuming that port 25 needs to be open on the local side to send
> mail. this is not the case. There are two possibilities here.
>
> 1. A dirty IP was ass
* Matthew McGehrin :
> Hello.
>
> Your assuming that port 25 needs to be open on the local side to send
> mail. this is not the case. There are two possibilities here.
>
> 1. A dirty IP was assigned to your server, and that the previous owner
> had a spam issue.
Give the shortages of ipv4 addr
* li...@lazygranch.com :
> This is probably more of a freebsd question, but it seems to me that Postfix
> should be hogging (bound) to the mail ports, so if something is sending
> email, it has to be using Postfix.
No. Sending can be done by other processes as well, since it doesn't
require bin
* Matthew McGehrin :
> Hello.
>
> I would check your local system to see if you have any rogue perl
> processes running. These are generally the cause of being blacklisted
> for a dictionary attack, which implies that a script is running on your
> local server.
>
> Generally, you can spot them
> : host smx1.web-hosting.com[209.188.21.38] said: 550
> The
> sending IP (my dotted quad) is listed on https://spamrl.com as a source of
> dictionary attacks. (in reply to end of DATA command)
That would mean that something tried logins against a POP/IMAP/SMTP
server -- not necessarily
Hello.
Your assuming that port 25 needs to be open on the local side to send
mail. this is not the case. There are two possibilities here.
1. A dirty IP was assigned to your server, and that the previous owner
had a spam issue.
2. It's a php exploit, that spawns a perl script to send outbou
gt; To: Postfix users
> Subject: Re: Spamrl.com RBL problem
>
> Hello.
>
> I would check your local system to see if you have any rogue perl
> processes running. These are generally the cause of being blacklisted
> for a dictionary attack, which implies that a script is r
be in the rc.d to get fired up when I boot?
Original Message
From: Matthew McGehrin
Sent: Saturday, July 2, 2016 7:24 PM
To: Postfix users
Subject: Re: Spamrl.com RBL problem
Hello.
I would check your local system to see if you have any rogue perl
processes running. These are generally the cau
Hello.
I would check your local system to see if you have any rogue perl
processes running. These are generally the cause of being blacklisted
for a dictionary attack, which implies that a script is running on your
local server.
Generally, you can spot them by the amount of CPU time, and the
I will start this over to get rid of the HTML mail crap. This is the bounce
reply with some sanitizing to keep this message off of the Google bot:
This is the mail system at host www.mydomain.com
I'm sorry to have to inform you that your message could not
be delivered
12 matches
Mail list logo
