Thanks Eric, I'll make that change.
-Original Message-
From: Eric Broch [mailto:ebr...@whitehorsetc.com]
Sent: Monday, August 17, 2020 9:21 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Distressing strange behavior
In your .qmail-default file for the domain
nal Message-
From: Angus McIntyre [mailto:an...@pobox.com]
Sent: Monday, August 17, 2020 5:44 AM
To: qmailtoaster-list@qmailtoaster.com; Chas Hockenbarger
Subject: Re: [qmailtoaster] Distressing strange behavior
Check for a '.forward' file in '/root'?
That could account for
;ll absolutely update this thread. If anyone has any
other ideas, I'd love to hear them as well.
-Original Message-
From: Angus McIntyre [mailto:an...@pobox.com]
Sent: Monday, August 17, 2020 5:44 AM
To: qmailtoaster-list@qmailtoaster.com; Chas Hockenbarger
Subject: Re: [qmail
are accounts I don’t know and root at
this server is supposed to go to postmaster.
This just keeps getting weirder.
*From:* Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Sunday, August 16, 2020 4:13 PM
*To:* qmailtoaster-list@qmailtoaster.com
*Subject:* Re: [qmailtoaster] Distressing stra
/vpopmail/bin/vdelivermail ‘’ bounce-no-mailbox
*From:*Eric Broch [mailto:ebr...@whitehorsetc.com]
*Sent:* Sunday, August 16, 2020 7:40 PM
*To:* qmailtoaster-list@qmailtoaster.com
*Subject:* Re: [qmailtoaster] Distressing strange behavior
Do this:
# ls -la /home/vpopmail/domains/'mydomain'/
...@whitehorsetc.com]
Sent: Sunday, August 16, 2020 7:40 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Distressing strange behavior
Do this:
# ls -la /home/vpopmail/domains/'mydomain'/postmaster/
look for a .qmail file.
In fact you could do this
# find /home/vpopma
ist@qmailtoaster.com
*Subject:* Re: [qmailtoaster] Distressing strange behavior
BTW, I always use the -L on the qmHandle it should not change much but
my 2 cents.
Remo
On Aug 16, 2020, at 3:32 PM, Chas Hockenbarger mailto:chash...@gmail.com>> wrote:
Yes, I did check those, that wa
r either bad addresses or just the reputation
> bounce.
>
> Is there a down side to just blowing those away?
> <>
> From: Remo Mattei [mailto:r...@mattei.org]
> Sent: Sunday, August 16, 2020 5:43 PM
> To: qmailtoaster-list@qmailtoaster.com
> Subject: Re: [
:43 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Distressing strange behavior
BTW, I always use the -L on the qmHandle it should not change much but my 2
cents.
Remo
On Aug 16, 2020, at 3:32 PM, Chas Hockenbarger mailto:chash...@gmail.com> > wrote:
emingly) random other messages,
> but is it possible something is borked up in the queue processing there since
> Gmail is bouncing everything back to me?
> <>
> From: Remo Mattei [mailto:r...@mattei.org]
> Sent: Sunday, August 16, 2020 5:26 PM
> To: qmailtoaster-list
ent: Sunday, August 16, 2020 5:26 PM
> To: qmailtoaster-list@qmailtoaster.com
> Subject: Re: [qmailtoaster] Distressing strange behavior
>
> did you check your qmail aliases?
> cd /var/qmail/alias/
>
> what do those files say?
>
>
>
>> On Aug 16, 2020, at 3:
0 5:26 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Distressing strange behavior
did you check your qmail aliases?
cd /var/qmail/alias/
what do those files say?
On Aug 16, 2020, at 3:10 PM, Chas Hockenbarger mailto:chash...@gmail.com> > wrote:
Thank
2020 4:59 PM
> To: qmailtoaster-list@qmailtoaster.com
> Subject: Re: [qmailtoaster] Distressing strange behavior
>
> It doesn’t sound like you are being repeatedly hacked. It sounds like your
> reputation dropped with google, and certain emails trigger their anti-spam
> filtering
can’t recover
the reputation.
From: Boheme [mailto:boh...@gmail.com]
Sent: Sunday, August 16, 2020 4:59 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Distressing strange behavior
It doesn’t sound like you are being repeatedly hacked. It sounds like your
reputation
: [qmailtoaster] Distressing strange behavior
Yes forwards can be in a .qmail file or in the vpopmail database.
So, the bounces occurring presently, what's the originating account?
Is there anything in your queue (# qmailctl queue)?
On 8/16/2020 2:46 PM, Charles Hockenbarger wrote:
As I under
For that i had to fix my ptr and make sure the name matches. Once i fixed that
and I also added dmark and added google to my trust dns records looks like it’s
not going into spam and mail gets delivered just fine.
> Il giorno 16 ago 2020, alle ore 14:59, Boheme ha scritto:
>
> It doesn’t soun
It doesn’t sound like you are being repeatedly hacked. It sounds like your
reputation dropped with google, and certain emails trigger their anti-spam
filtering now. Not all of them, just some. I have problems with Google
accepting email regularly sometimes, and dropping other emails into people’
setc.com]
> Sent: Sunday, August 16, 2020 4:13 PM
> To: qmailtoaster-list@qmailtoaster.com
> Subject: Re: [qmailtoaster] Distressing strange behavior
>
> Yes forwards can be in a .qmail file or in the vpopmail database.
>
> So, the bounces occurring presently, what's t
, August 16, 2020 4:13 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Distressing strange behavior
Yes forwards can be in a .qmail file or in the vpopmail database.
So, the bounces occurring presently, what's the originating account?
Is there anything in your
Yes forwards can be in a .qmail file or in the vpopmail database.
So, the bounces occurring presently, what's the originating account?
Is there anything in your queue (# qmailctl queue)?
On 8/16/2020 2:46 PM, Charles Hockenbarger wrote:
As I understand the forwards setup in qmailadmin those ar
here are some steps to do
1) enable more debugs
:allow,SIMSCAN_DEBUG=“5” to /etc/tcprules.d/tcp.smtp
then make sure you run the
qmailctl cdb
Reloaded /etc/tcprules.d/tcp.smtp
Reloaded /var/qmail/control/badmimetypes.cdb
Reloaded /var/qmail/control/badloadertypes.cdb
Reloaded /var/qmail/control/
As I understand the forwards setup in qmailadmin those are in the database,
right?
The address that was compromised hasn't sent any email since the password
change.
I hadn't thought about looking at qmail-inject. I'll dig into watching that
part of the process.
Get TypeApp for Android
On
How do you have your forwards set up?
Is there any mail in your queue?
If someone hacked an account on your server with forwards to gmail
accounts they aren't limited to just these forwards, they also have the
option in the email client to add gmail accounts in the "To:" field of
the email th
Thanks, Remo. I don't see any http logins for the compromised account but I'll
try there.
Sorry for the stupid question, but how do we up the logging level for qmail
logs? I've never had to do that and my searching hasn't shown me anything. I've
got debug on for dovecot, though that's not reall
I would suggest to stop httpd normally when I saw something like that in one of
my old server that i now displaced and replaced with CentOS 7 the user found
that loop to send. I would enable debug on all outgoing which is how I found
that hole.
It sucks I know. For google that’s something more
I'm hoping someone has encountered this weird behavior or something like it
before and can point me down a path, because all my research has turned up
nothing so far.
I had an email account recently get breached due to a re-used password, and
that account was used to send a bunch of spam out fr
26 matches
Mail list logo
