Search Results

Search found 1256 results on 51 pages for 'spam spam spam spam'.

Page 16/51 | < Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >

  • sendmail is using return-path instead of from address

    - by magd1
    I have a customer that is complaining about emails marked as spam. I'm looking at the header. It shows the correct From: [email protected] However, it doesn't like the return-path. Return-Path: <[email protected]> Received-SPF: neutral (google.com: x.x.x.x is neither permitted nor denied by domain of [email protected]) client-ip=x.x.x.x; Authentication-Results: mx.google.com; spf=neutral (google.com: x.x.x.x is neither permitted nor denied by domain of [email protected]) [email protected] How do I configure sendmail to use the From address for the Return-Path?

    Read the article

  • How can I find a computer on my network that is doing mass mailings?

    - by Alex Ciarlill
    I was notified by my isp that one of my machines is sending out spam. This happened about 3 months ago on windows machine running cygwin that was hacked due to an SSH vuln. The hackers setup IIS and SMTP. I cleared out the machine and all the services are disabled so I think that machine is okay I am wondering if there is any other way to identify which machine it could be coming from? The ISP has NO useful information such as source port, destination port, destination IP... nothing. I am running DD-WRT on my router, Windows 7 PC and a Windows XP PC.

    Read the article

  • Does RDNS for mail server have to match the mail server hostname exactly?

    - by threecheeseopera
    Typically when setting up a mail server, I create an rDNS record for the mail server IP to match the mail server hostname (ex: mail.example.com). Can I instead set the rDNS ptr to match the parent domain (e.g. example.com), if this server is being used for multiple purposes, and still send mail successfully (i.e. not be classified as spam b/c of mismatched rDNS)? Thanks! EDIT: The article at http://en.wikipedia.org/wiki/Forward_Confirmed_reverse_DNS seems to indicate that it might be more complicated than I had thought. For instance, 1) I did not know that you could have multiple PTR records for a given IP; 2) it appears that as long as each PTR record matches an A record, everything is good (basically nullifying my question). Would you agree?

    Read the article

  • How to ban fans from a specific country - Facebook

    - by Lukas
    my question is kind of weird, because i want thousands of fans to dislike my page! Since this is not a common problem I hardly can find anything about it! my facebook page just got spammed with thousands of "fans" from a specific country. When I set a coountry restriction for that country, will the fans be banned and the number of fans be the same as before the spam-attack? I really need to get rid of those fans. I already restricted that country and facebook actually updated the chart where I can see where my fans are coming from. So fb knows that I have those "fans", but the number of likes remains the same... Any idea? It is not possible to ban every fan 1 by 1 because I can only see the last 100 fans.

    Read the article

  • SMTP hacked by spammer using base64 encoding to authenticate

    - by Throlkim
    Over the past day we've detected someone from China using our server to send spam email. It's very likely that he's using a weak username/password to access our SMTP server, but the problem is that he appears to be using base64 encoding to prevent us from finding out which account he's using. Here's an example from the maillog: May 5 05:52:15 195396-app3 smtp_auth: SMTP connect from (null)@193.14.55.59.broad.gz.jx.dynamic.163data.com.cn [59.55.14.193] May 5 05:52:15 195396-app3 smtp_auth: smtp_auth: SMTP user info : logged in from (null)@193.14.55.59.broad.gz.jx.dynamic.163data.com.cn [59.55.14.193] Is there any way to detect which account it is that he's using?

    Read the article

  • Postfix block senders outside from local domains

    - by Tibor Peter Toth
    I would like to block every mail that is coming in from a domain that is running on my server. Example: I have domain1.com on my mail server and I'm getting a mail from outside with an email address of [email protected] Then I know it's a Spam, because domain1.com is on my server, so the sender cannot come from outside. I want postfix to check for this, and simply block these kind of emails. I know this is a function in postfix, just don't know which one. Thanks.

    Read the article

  • does it still have any sense to directly drop mails that trigger RBLs?

    - by Luke404
    Once upon a time, using RBLs to drop mails was actually a good idea. These days seems it is no more possible for a reason or the other, so every one switched / is_switching to just use RBLs as another test in score based antispam solutions (read: SpamAssassin & friends). This gives good results, but neglects one of the benefits of RBLs, namely the ability to reject (supposed) spam before even receiving the message body. Is still there any RBL that makes sense to use that way, to hardly reject anything that fires a match in that list? If there are people doing it that way, do you ever get false positives due to the list?

    Read the article

  • Configure Postini and emailreg.org

    - by crn
    One of our companies uses Postini services as our spam filtering service. Unfortunately, the company has been tagged as a spammer and we're trying to use emailreg.org to whitelist us. Emailreg.org wants us to add a CNAME which points to their domain (emaireg.org), while Postini has us add MX records (such as domainname.s7a1.psmtp.com. Here are my questions: 1. Can adding Emaireg's CNAME cause either Postini to not work or our emails to be lost? 2. Which is order of execution (do the email go to Postini and upon their return to EmailReg or is it the other way around)? 3. Is there anything of which I should be aware when using such a setup? Thanks, in advance, for all your help!

    Read the article

  • Offlineimap -- push changes to all folders; only pull from INBOX folder

    - by g33kz0r
    I would like to be able to set up offlineimap to do the following Sync Remote/INBOX - Local Sync Local/Maildirs/* - Remote Possible? The use case here is: I download all new mail from my remote IMAP INBOX folder with offlineimap. offlineimap's posthook command calls a custom python script which does junk filtering, then sorts and categorizes my mail in the local INBOX folder to various local maildirs based on sender, etc. I read my mail with mutt and perhaps do some more categorization. ? Step 4 is what I'm after. I want offlineimap to push my local changes (categorization, filtering, deletion in the case of spam) back to the various folders on the imap server, but as you can see, there's no need for me to be pulling any changes from folders other than Remote/INBOX, as no changes happen on the IMAP server itself. I hope that's a clear explanation of the problem.

    Read the article

  • Log with iptalbes which user is delivering email to port 25

    - by Maus
    Because we got blacklisted on CBL I set up the following firewall rules with iptables: #!/bin/bash iptables -A OUTPUT -d 127.0.0.1 -p tcp -m tcp --dport 25 -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --gid-owner mail -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner root -j ACCEPT iptables -A OUTPUT -p tcp -m tcp --dport 25 -m owner --uid-owner Debian-exim -j ACCEPT iptables -A OUTPUT -p tcp -m limit --limit 15/minute -m tcp --dport 25 -j LOG --log-prefix "LOCAL_DROPPED_SPAM" iptables -A OUTPUT -p tcp -m tcp --dport 25 -j REJECT --reject-with icmp-port-unreachable I'm not able to connect to port 25 from localhost with another user than root or a mail group member - So it seems to work. Still some questions remain: How effective do you rate this rule-set to prevent spam coming from bad PHP-Scripts hosted on the server? Is there a way to block port 25 and 587 within the same statement? Is the usage of /usr/sbin/sendmail also limited or blocked by this rule-set? Is there a way to log the username of all other attempts which try to deliver stuff to port 25?

    Read the article

  • Something is spamming from my hMail server - how can I deal with this?

    - by joshcomley
    My Windows 2008 server is attempting to send out a lot of spam, I've just discovered, and I'm not sure how to see where the compromise is. For example: has someone hacked an account? Has someone hacked the server? Is there a virus on the server? What can I do to investigate this? Edit Thanks for the replies so far. I am running hMail server, and have spent so long investigating the correct configuration but still I end up with these emails being sent. Here is a screenshot of my Internet IP range settings on the server: (let me know what else I can provide to help)

    Read the article

  • It's possible to use google smtp for sending email from my server?

    - by Magnetic_dud
    Well, I am becoming crazy to let my email deliver to gmail/hotmail from my new ip. Last year, i had no problems with my past ip, but now my emails go straight to the spam folder of gmail and hotmail. I checked with mxtoolbox.com and i am not blacklisted, not an open proxy, rdns is configured the right way, SPF policy is present on the DNS. My spf is v=spf1 a mx ~all But, still, I am filtered. So, I am wondering: since gmail does not accept my emails, it's possible to use gmail smtp server to deliver all mails from my server? AFAIK, it will change all the "from" address, but maybe there is a way to not let it happen?

    Read the article

  • How to modify a message, so it will be for 100% recognizable as spam by Exchange junk e-mail filter

    - by user71061
    Hi! I have an sendmail server, sitting in front of my Exchange server. This server filter spam with SpamAssassin (and do it incredibly well!), but it merely tag spam messages with appropriate header flags and by modifying message subject. When such a message arrives to user mailbox on Exchange server, where it is examined by Echange/Outlook junk e-mail filter, which put most of spam in junk message folder. And that is my problem: most, but not all! To put all spam in junk e-mail message folder, user has to define an rule, saying f.e: "If header contains text 'X-Spam-Flag: YES' then move it to 'Junk e-mail messages' folder". Fine, but it has to be done on every user (for some users, this task is too "complicated" to made it themselves :-) . So I want to know, how could I modify message header in such a way, that Exchange junk e-mail filter will for 100% recognize this message as a spam, freeing user from task of defining his own rule. Some solution could be defining such a rule by using AD and group policy, but I wan't to avoid this due to many possible caveats: there are so many combination of different operating system and different Outlook versions, and to be honest, I doubt if it is even possible.

    Read the article

  • Something is spamming from my hMail server - how can I deal with this?

    - by joshcomley
    My Windows 2008 server is attempting to send out a lot of spam, I've just discovered, and I'm not sure how to see where the compromise is. For example: has someone hacked an account? Has someone hacked the server? Is there a virus on the server? What can I do to investigate this? Edit Thanks for the replies so far. I am running hMail server, and have spent so long investigating the correct configuration but still I end up with these emails being sent. Here is a screenshot of my Internet IP range settings on the server: (let me know what else I can provide to help)

    Read the article

  • How can I find a computer on my network that is doing mass mailings?

    - by Alex Ciarlill
    I was notified by my isp that one of my machines is sending out spam. This happened about 3 months ago on windows machine running cygwin that was hacked due to an SSH vuln. The hackers setup IIS and SMTP. I cleared out the machine and all the services are disabled so I think that machine is okay I am wondering if there is any other way to identify which machine it could be coming from? The ISP has NO useful information such as source port, destination port, destination IP... nothing. I am running DD-WRT on my router, Windows 7 PC and a Windows XP PC.

    Read the article

  • Gmail rejects emails. Openspf.net fails the tests

    - by pablomedok
    I've got a problem with Gmail. It started after one of our trojan infected PCs sent spam for one day from our IP address. We've fixed the problem, but we got into 3 black lists. We've fixed that, too. But still every time we send an email to Gmail the message is rejected: So I've checked Google Bulk Sender's guide once again and found an error in our SPF record and fixed it. Google says everything should become fine after some time, but this doesn't happen. 3 weeks already passed but we still can't send emails to Gmail. Our MX setup is a bit complex, but not too much: We have a domain name delo-company.com, it has it's own mail @delo-company.com (this one is fine, but the problems are with sub-domain name corp.delo-company.com). Delo-company.com domain has several DNS records for the subdomain: corp A 82.209.198.147 corp MX 20 corp.delo-company.com corp.delo-company.com TXT "v=spf1 ip4:82.209.198.147 ~all" (I set ~all for testing purposes only, it was -all before that) These records are for our corporate Exchange 2003 server at 82.209.198.147. Its LAN name is s2.corp.delo-company.com so its HELO/EHLO greetings are also s2.corp.delo-company.com. To pass EHLO check we've also created some records in delo-company.com's DNS: s2.corp A 82.209.198.147 s2.corp.delo-company.com TXT "v=spf1 ip4:82.209.198.147 ~all" As I understand SPF verifications should be passed in this way: Out server s2 connects to MX of the recepient (Rcp.MX): EHLO s2.corp.delo-company.com Rcp.MX says Ok, and makes SPF check of HELO/EHLO. It does NSlookup for s2.corp.delo-company.com and gets the above DNS-records. TXT records says that s2.corp.delo-company.com should be only from IP 82.209.198.147. So it should be passed. Then our s2 server says RCPT FROM: Rcp.MX` server checks it, too. The values are the same so they should also be positive. Maybe there is also a rDNS check, but I'm not sure what is checked HELO or RCPT FROM. Our PTR record for 82.209.198.147 is: 147.198.209.82.in-addr.arpa. 86400 IN PTR s2.corp.delo-company.com. To me everything looks fine, but anyway all emails are rejected by Gmail. So, I've checked MXtoolbox.com - it says everything is fine, I passed http://www.kitterman.com/spf/validate.html Python check, I did 25port.com email test. It's fine, too: Return-Path: <[email protected]> Received: from s2.corp.delo-company.com (82.209.198.147) by verifier.port25.com id ha45na11u9cs for <[email protected]>; Fri, 2 Mar 2012 13:03:21 -0500 (envelope-from <[email protected]>) Authentication-Results: verifier.port25.com; spf=pass [email protected] Authentication-Results: verifier.port25.com; domainkeys=neutral (message not signed) [email protected] Authentication-Results: verifier.port25.com; dkim=neutral (message not signed) Authentication-Results: verifier.port25.com; sender-id=pass [email protected] Content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----_=_NextPart_001_01CCF89E.BE02A069" Subject: test Date: Fri, 2 Mar 2012 21:03:15 +0300 X-MimeOLE: Produced By Microsoft Exchange V6.5 Message-ID: <[email protected]> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: test Thread-Index: Acz4jS34oznvbyFQR4S5rXsNQFvTdg== From: =?koi8-r?B?89XQ0tXOwMsg8MHXxcw=?= <[email protected]> To: <[email protected]> I also checked with [email protected], but it FAILs all the time, no matter which SPF records I make: <s2.corp.delo-company.com #5.7.1 smtp;550 5.7.1 <[email protected]>: Recipient address rejected: SPF Tests: Mail-From Result="softfail": Mail From="[email protected]" HELO name="s2.corp.delo-company.com" HELO Result="softfail" Remote IP="82.209.198.147"> I've filled Gmail form twice, but nothing happens. We do not send spam, only emails for our clients. 2 or 3 times we did mass emails (like New Year Greetings and sales promos) from corp.delo-company.com addresses, but they where all complying to Gmail Bulk Sender's Guide (I mean SPF, Open Relays, Precedence: Bulk and Unsubscribe tags). So, this should be not a problem. Please, help me. What am I doing wrong? UPD: I also tried Unlocktheinbox.com test and the server also fails this test. Here is the result: http://bit.ly/wYr39h . Here is one more http://bit.ly/ypWLjr I also tried to send email from that server manually via telnet and everything is fine. Here is what I type: 220 mx.google.com ESMTP g15si4811326anb.170 HELO s2.corp.delo-company.com 250 mx.google.com at your service MAIL FROM: <[email protected]> 250 2.1.0 OK g15si4811326anb.170 RCPT TO: <[email protected]> 250 2.1.5 OK g15si4811326anb.170 DATA 354 Go ahead g15si4811326anb.170 From: [email protected] To: Pavel <[email protected]> Subject: Test 28 This is telnet test . 250 2.0.0 OK 1330795021 g15si4811326anb.170 QUIT 221 2.0.0 closing connection g15si4811326anb.170 And this is what I get: Delivered-To: [email protected] Received: by 10.227.132.73 with SMTP id a9csp96864wbt; Sat, 3 Mar 2012 09:17:02 -0800 (PST) Received: by 10.101.128.12 with SMTP id f12mr4837125ann.49.1330795021572; Sat, 03 Mar 2012 09:17:01 -0800 (PST) Return-Path: <[email protected]> Received: from s2.corp.delo-company.com (s2.corp.delo-company.com. [82.209.198.147]) by mx.google.com with SMTP id g15si4811326anb.170.2012.03.03.09.15.59; Sat, 03 Mar 2012 09:17:00 -0800 (PST) Received-SPF: pass (google.com: domain of [email protected] designates 82.209.198.147 as permitted sender) client-ip=82.209.198.147; Authentication-Results: mx.google.com; spf=pass (google.com: domain of [email protected] designates 82.209.198.147 as permitted sender) [email protected] Date: Sat, 03 Mar 2012 09:17:00 -0800 (PST) Message-Id: <[email protected]> From: [email protected] To: Pavel <[email protected]> Subject: Test 28 This is telnet test

    Read the article

  • How to configure amavisd-new for only scanning on particular senders/servers?

    - by mailq
    I'd like to know how to configure amavisd-new to only scan for Spam on particular clients (IPs, CIDRs or hostnames) or alternatively sender's email domain. I know that it is possible to do it on a recipient's mail address but not on how to do it for the sender's mail address. It is even possible to do it on a recipient's IP address with policy banks. But my approach should be to be independent of recipient and only relay on the sender. What I want to accomplish is to only scan mails originating from Yahoo, Google, Hotmail and the other big senders. So it is easier to configure which senders should be observed than the ones that shouldn't. I known that it is easier to achieve on the MTA side, but that is not part of the question because I already go a solution on the MTA side. I want to do it on amavisd-new. And it doesn't help to know how to put senders on a whitelist, as this still means that the mail goes through all the scanning but then gets a high negative score. The mail shouldn't be scanned at all unless sent by the big players. So which parameters in amavisd-new is the right one to enable scanning for particular senders and only for these?

    Read the article

  • Postfix Problem (helo/hostname mismatch)!

    - by CuSS
    Hi all, I have a server, and it is running a error for one email only (all other mails in that domain are working). How can i fix it? (The error is above:) May 17 11:43:56 webserver postfix/policyd-weight[5596]: weighted check: IN_DYN_PBL_SPAMHAUS=3.25 NOT_IN_SBL_XBL_SPAMHAUS=-1.5 NOT_IN_SPAMCOP=-1.5 NOT_IN_BL_NJABL=-1.5 DSBL_ORG=ERR(0) CL_IP_NE_HELO=4.75 RESOLVED_IP_IS_NOT_HELO=1.5 HELO_NUMERIC=10.625 (check from: .eticagest. - helo: .[10.0.0.17]. - helo-domain: .17].) FROM_NOT_FAILED_HELO(DOMAIN)=6.25; <client=188.80.139.211> <helo=[10.0.0.17]> <[email protected]> <[email protected]>; rate: 21.875 May 17 11:43:56 webserver postfix/policyd-weight[5596]: decided action=550 Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs; MTA helo: [10.0.0.17], MTA hostname: bl15-139-211.dsl.telepac.pt[188.80.139.211] (helo/hostname mismatch); <client=188.80.139.211> <helo=[10.0.0.17]> <[email protected]> <[email protected]>; delay: 6s

    Read the article

  • Can any postfix guru assist me determine how emails are still being sent via my server from unauthorized sources?

    - by Dave
    Hi all, I'm getting a little concerned as I run a small server hosting a number of websites and manage the email for a few dozen people. Just recently though I've had a couple of notifications from spamcop alerting me that spam has been sent from my server, and when I have a look over the logs from time to time I can indeed see that there are many repeated attempts of mail being sent from my server. Most of the time it gets knocked back from the destination servers but sometimes its getting through. Unfortunately I'm not linux or postfix expert, I can get by but had though I had my machine locked down quite securely, I don't allow relaying, when I check the online DNS/MX tools they tend to report my server as being OK so I'm not sure where to take it now and hoping someone might be able to throw me a few pointers. I get lots of entries like this in my MAIL.INFO log Jan 2 08:39:34 Debian-50-lenny-64-LAMP postfix/qmgr[15993]: 66B88257C12F: from=<>, size=3116, nrcpt=1 (queue active) Jan 2 08:39:34 Debian-50-lenny-64-LAMP postfix/qmgr[15993]: 614C2257C1BC: from=<[email protected]>, size=2490, nrcpt=3 (queue active) and Jan 7 16:09:37 Debian-50-lenny-64-LAMP postfix/error[6471]: 0A316257C204: to=<[email protected]>, relay=none, delay=384387, delays=384384/3/0/0.01, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.fakemx.net[46.4.35.23] refused to talk to me: 421 mx.fakemx.net Service Unavailable) Jan 7 16:09:37 Debian-50-lenny-64-LAMP postfix/error[6470]: 5848C257C20D: to=<[email protected]>, relay=none, delay=384373, delays=384370/3/0/0.01, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.fakemx.net[46.4.35.23] refused to talk to me: 421 mx.fakemx.net Service Unavailable) then there tends to be connection timeouts, so from what I see even though I had relaying disabled.. something is getting by and trying to send.. So if you can help that will be greatly appreciated, and any further logging/config info I can supply. Thanks

    Read the article

  • Can anyone do anything about the spam here on weblogs.asp.net?

    - by Chris Hammond
    If there anyone out there who can do something about the spam here on weblogs.asp.net? Perhaps we could get some new software here that we could use to blog with? The old software barely works in Chrome (I can't see the rich text editor at this point), and lately the notification emails for Comments (which are mostly spam anyways) are pointing to http://weblogs.aspnet05.orcsweb.com which tries to get you to login with https://weblogs.aspnet05.orcsweb.com/ Anyone still maintaining this place?...(read more)

    Read the article

  • how Postfix anti spam configuration works with DNS-based Blackhole List providers

    - by Ashish
    Hello, I have setup a Postfix mail server for incoming mails that is required to never reply to external enviornment i.e it will accept all incoming mails and never reply anything that can be used as a trace to locate and verify it's existence. I have implemented the Postfix anti-UCE configuration by using the following settings in postfix main.cf for countering spam generating mail servers: 'smtpd_recipient_restrictions = reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net' Now i have certain doubts/questions: How Postfix is able to communicate with Black hole list providers i.e How this whole process works?, e.g here they are zen.spamhaus.org, bl.spamcop.net, so that i can test the performance of whole process. Can a header be added in the received mail regarding the status of the results of the above verification process, since i will not reply any traces from my incoming mail receiving Postfix server, so i need this feature? Please post relevant links for reference. Thanks in advance!!! Ashish

    Read the article

  • Java Spam Filter

    - by JackSparrow
    I'm trying to create a spam filter in Java using the Bayesian algorithm. I use a text file that contains email messages and split the tokens using regex, storing these values into a hashmap. My problem is, with regex, the email addresses are split so instead of: [email protected] regex causes the token to be: john smith example The same holds true for ip addresses, so for example, instead of: 192.55.34.322 regex splits the tokens to be: 192 55 34 322 So does anybody know of a way that I could read the email messages and store their contents as is?

    Read the article

  • Email goes to spam

    - by VICKY Shastri
    i am creating an simple mail sending application in c# windows form application. My application works well but when i send email to my yahoo account it goes to spam not in inbox but if i send email to gmail it goes to inbox. please tell me what i need to do to send email in inbox below is my code: try { // setup mail message MailMessage message = new MailMessage(); message.From = new MailAddress(textBox1.Text); message.To.Add(new MailAddress(textBox2.Text)); message.Subject = textBox3.Text; message.Body = richTextBox1.Text; // setup mail client SmtpClient mailClient = new SmtpClient("smtp.mail.yahoo.com"); mailClient.Credentials = new NetworkCredential(textBox1.Text, "password"); // send message mailClient.Send(message); MessageBox.Show("Sent"); } catch(Exception) { MessageBox.Show("Error"); }

    Read the article

  • I can't send email from my server to gmail addresses

    - by brianegge
    I'm using postfix, and have setup spf, dkim, and domainkeys. I can get my email to go to Yahoo, but not gmail. Here's the headers from an email send to Yahoo. Yahoo reports the email as domain key verified. X-Apparently-To: brianegge at yahoo.com via 68.142.206.167; Sat, 20 Mar 2010 05:29:19 -0700 Return-Path: <domains at theeggeadventure.com> X-YahooFilteredBulk: 67.207.137.114 X-YMailISG: x7_Rl9EWLDuugoqPcORhih0FeQMOaIIpz4qfuu9ttx1xbo3uKI2kz.CLUy2cJ1BTtHAwuJtrsGRsveHIx.Dx95avNGlPPGWy_cSpnEwWLXGxBciO.YgtSQxdURQiWLCLvbHej0QPjQIHFjAFjdeGhJd2Y8NgTW1wcExq45Sb7LMlOGvtGMjSQuc8QazwXUxpZrQbIxgSQUTmzQO1x30xaZ2Us6TQTab7Wpya6OgAX.emKOM3phfS5kfhYj9FLQ.qi32sFNWnAoFdVK596OTP2F63PAJOVM5qPsM2jIAbJylIBmnj94LO7hOVr3KOS6XLtCPRn2Oe X-Originating-IP: [67.207.137.114] Authentication-Results: mta1055.mail.mud.yahoo.com from=theeggeadventure.com; domainkeys=pass (ok); from=theeggeadventure.com; dkim=pass (ok) Received: from 127.0.0.1 (EHLO mail.theeggeadventure.com) (67.207.137.114) by mta1055.mail.mud.yahoo.com with SMTP; Sat, 20 Mar 2010 05:29:19 -0700 Received: by mail.theeggeadventure.com (Postfix, from userid 1003) id BB5B01C16A4; Sat, 20 Mar 2010 12:29:16 +0000 (UTC) DomainKey-Signature: a=rsa-sha1; s=2010; d=theeggeadventure.com; c=simple; q=dns; b=JHbK9VhqyQTfpQFqaXxJrKpEG9h9H0IZ0LdWoBooJEA7hv3SYWmFUtyE247EuwoaG gzApKJ1DuRhwESZ7PswrbzuaUL8poAUO8LmMvZ+OqnDolgNSJUYWu0FcO+fe3H4m9ZD grkj0xMpHw+uFjXV4plKO+sa8olJXJAmP+9cMEo= X-DKIM: Sendmail DKIM Filter v2.8.2 mail.theeggeadventure.com BB5B01C16A4 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=theeggeadventure.com; s=2010; t=1269088156; bh=bUlMldcnzFCmCmNT8qjpRl6fiY1YyjiZiC9jhCXASOw=; h=Subject:To:Message-Id:Date:From; b=EVNolTlh4Gch5/HIrrHaRQvcApl7wkB42gB44NsPcLZD2QrhuOvnhanhnEB4UbV0e A+3dAOjhX7LKzgGrn11jXNTiEjNX1vQDsX3HyG0fNra73aWiGTzr1nHJfnuEJ7Ph0j 5tp0HRL5jjikD1XJcvmsYzTpT22mxuz60HXYRB1s= Subject: cron To: <brianegge at yahoo.com> X-Mailer: mail (GNU Mailutils 1.2) Message-Id: <[email protected]> Date: Sat, 20 Mar 2010 12:29:16 +0000 (UTC) From: This sender is DomainKeys verified [email protected] (domains) View contact details Content-Length: 818 When I send to gmail, I see the following in my server log, but the message doesn't even reach my spam folder. Mar 20 12:59:12 Everest postfix/pickup[27802]: C81C61C16A4: uid=1000 from=<egge> Mar 20 12:59:12 Everest postfix/cleanup[27847]: C81C61C16A4: message-id=<[email protected]> Mar 20 12:59:13 Everest postfix/qmgr[27801]: C81C61C16A4: from=<[email protected]>, size=2784, nrcpt=1 (queue active) Mar 20 12:59:14 Everest postfix/smtp[27849]: C81C61C16A4: to=<brianegge at gmail.com>, relay=gmail-smtp-in.l.google.com[209.85.223.24]:25, delay=2.1, delays=0.39/0.28/0.13/1.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1269089954 32si4566750iwn.51) Mar 20 12:59:14 Everest postfix/qmgr[27801]: C81C61C16A4: removed I've send to email to test services, and the report everything verifies ok. I've also checked all the RBL lists, and I'm not on any of them.

    Read the article

  • Indirect Postfix bounces create new user directories

    - by hheimbuerger
    I'm running Postfix on my personal server in a data centre. I am not a professional mail hoster and not a Postfix expert, it is just used for a few domains served from that server. IIRC, I mostly followed this howto when setting up Postfix. Mails addressed to one of the domains the server manages are delivered locally (/srv/mail) to be fetched with Dovecot. Mails to other domains require usage of SMTPS. The mailbox configuration is stored in MySQL. The problem I have is that I suddenly found new mailboxes being created on the disk. Let's say I have the domain 'example.com'. Then I would have lots of new directories, e.g. /srv/mail/example.com/abenaackart /srv/mail/example.com/abenaacton etc. There are no entries for these addresses in my database, neither as a mailbox nor as an alias. It's clearly spam from auto-generated names. Most of them start with 'a', a few with 'b' and a couple of random ones with other letters. At first I was afraid of an attack, but all security restrictions seem to work. If I try to send mail to these addresses, I get an "Recipient address rejected: User unknown in virtual mailbox table" during the 'RCPT TO' stage. So I looked into the mails stored in these mailboxes. Turns out that all of them are bounces. It seems like all of them were sent from a randomly generated name to an alias that really exists on my system, but pointed to an invalid destination address on another host. So Postfix accepted it, then tried to redirect it to another mail server, which rejected it. This bounced back to my Postfix server, which now took the bounce and stored it locally -- because it seemed to be originating from one of the addresses it manages. Example: My Postfix server handles the example.com domain. [email protected] is configured to redirect to [email protected]. [email protected] has since been deleted from the Hotmail servers. Spammer sends mail with FROM:[email protected] and TO:[email protected]. My Postfix server accepts the mail and tries to hand it off to hotmail.com. hotmail.com sends a bounce back. My Postfix server accepts the bounce and delivers it to /srv/mail/example.com/bob. The last step is what I don't want. I'm not quite sure what it should do instead, but creating hundreds of new mailboxes on my disk is not what I want... Any ideas how to get rid of this behaviour? I'll happily post parts of my configuration, but I'm not really sure where to start debugging the problem at this point.

    Read the article

< Previous Page | 12 13 14 15 16 17 18 19 20 21 22 23  | Next Page >