On 28-Jun-06, at 5:46 AM, Steven Wayne wrote:

> On Tue, Jun 27, 2006 at 02:47:35PM -0700, Dustin Jenkins wrote:
>>
>> Thanks for the response.
>>
>> The dc_accept_relay should've been dc_host_accept_relay, I should've
>> taken that out, thanks for pointing to it.
>>
>> Here's a snippet from my /var/log/exim4/mainlog, the paniclog and
>> reject log are empty. As you can see there are all kinds of
>> different addresses from arbitrary traffic going to arbitrary
>> domains. Mostly it gets denied, but sometimes it succeeds with a
>> 'Completed' message, but what I want is for it to not try at all! I
>> would've thought that I shouldn't be seeing any of this stuff.
>>
>> <LOG-SNIPPET>
>> 2006-06-26 22:14:46 1Fv5uQ-0001ik-2H <= <> R=1FrfGX-0002bI-3K
>> U=Debian-exim P=local S=2482
>> 2006-06-26 22:14:46 1FrfGX-0002bI-3K Completed
>> 2006-06-26 22:14:46 1Fv5uQ-0001ik-2H ** [EMAIL PROTECTED]
>> <[EMAIL PROTECTED]> R=dnslookup T=remote_smtp: retry time
>> not reached for any host after a long failure period
>> 2006-06-26 22:14:46 1Fv5uQ-0001ik-2H Frozen (delivery error message)
>> 2006-06-26 22:14:47 1FrfX0-0003LM-4v => [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp H=cluster6.us.messagelabs.com
>> [216.82.249.195] X=TLS-1.0:RSA_AES_256_CBC_SHA1:32
>> 2006-06-26 22:14:47 1FrfX0-0003LM-4v Completed
>> 2006-06-26 22:14:47 1FrfEe-0002Z2-BA a.mx0.gatewaydefender.com
>> [209.153.138.190] Connection timed out
>> 2006-06-26 22:14:50 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED]: an MX
>> or SRV record indicated no SMTP service
>> 2006-06-26 22:14:51 1FrfWq-0003L8-M0 => [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp H=wppim001.aexp.com [193.32.34.92]
>> X=TLS-1.0:RSA_AES_256_CBC_SHA1:32
>> 2006-06-26 22:14:51 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup
>> T=remote_smtp: SMTP error from remote mail server after RCPT
>> TO:<[EMAIL PROTECTED]>: host mailhub-new.vianetworks.nl
>> [212.61.15.154]: 554 Service unavailable; Client host [24.68.130.247]
>> blocked using safe.dnsbl.sorbs.net; Dynamic IP Addresses See:
>> http://www.sorbs.net/lookup.shtml?24.68.130.247
>> 2006-06-26 22:14:53 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup
>> T=remote_smtp: SMTP error from remote mail server after RCPT
>> TO:<[EMAIL PROTECTED]>: host mx10.uni.net [217.72.103.201]: 550 5.1.1
>> <[EMAIL PROTECTED]> User unknown; rejecting
>> 2006-06-26 22:14:54 1FrfWq-0003L8-M0 => [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp H=mail.atriniti.com [68.15.40.154]
>> 2006-06-26 22:14:55 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp: SMTP error from remote mail server after
>> MAIL FROM:<[EMAIL PROTECTED]> SIZE=2513: host mx2.earthlink.net
>> [209.86.93.227]: 550 Dynamic IPs/open relays blocked. Contact
>> <[EMAIL PROTECTED]>.
>> 2006-06-26 22:14:56 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED] R=dnslookup
>> T=remote_smtp: SMTP error from remote mail server after RCPT
>> TO:<[EMAIL PROTECTED]>: host URO.COM.INBOUND15.MXLOGIC.NET
>> [208.65.145.3]: 550 Recipient unknown
>> 2006-06-26 22:14:57 1FrfWq-0003L8-M0 => [EMAIL PROTECTED] R=dnslookup
>> T=remote_smtp H=mx4.hotmail.com [65.54.245.104]
>> 2006-06-26 22:14:58 1FrfWq-0003L8-M0 ** [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp: SMTP error from remote mail server after
>> initial connection: host mailin-02.mx.netscape.net [205.188.158.57]:
>> 554- (RTR:BB)
>> http://postmaster.info.aol.com/errors/554rtrbb.html\n554 Connecting
>> IP: 24.68.130.247
>> 2006-06-26 22:14:58 1FrfWq-0003L8-M0 == [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp defer (-44): SMTP error from remote mail
>> server after RCPT TO:<[EMAIL PROTECTED]>: host
>> mailwash16.pair.com [66.39.2.16]: 450 <[EMAIL PROTECTED]>:
>> Recipient address rejected: Service temporarily unavailable
>> 2006-06-26 22:15:02 1FrfWS-0003Lu-HQ => [EMAIL PROTECTED]
>> R=dnslookup T=remote_smtp H=msa-mx2.hinet.net [168.95.5.113]
>> 2006-06-26 22:15:02 1FrfWS-0003Lu-HQ Completed
>> 2006-06-26 22:15:04 1FrfWK-0003LL-Hx ** [EMAIL PROTECTED] R=dnslookup
>> T=remote_smtp: SMTP error from remote mail server
>> after RCPT TO:<[EMAIL PROTECTED]>: host mx3.nownuri.net
>> [203.238.128.89]: 550 5.1.1 k2000 Unknown User
>> </LOG-SNIPPET>
>>
>> When you say obfuscated, are you referring to the configuration in
>> general or specific components?
>
> This doesn't show a complete log of any transaction.
>
> Run
>
> exigrep -l 1FrfWq-0003L8-M0 /var/log/exim4/maillog*
>
> It's the "<=" mark that tells where they're coming from.
>
> Are you running a web server on this machine too?
>
> And please don't top-post.
>
> Steven.
> --
> A new dramatist of the absurd
> Has a voice that will shortly be heard.
> I learn from my spies
> He's about to devise
> An unprintable three-letter word.
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/

Thanks for the reply. I'm going to do as suggested and learn to read the logs before I post anything else. I am running a web server on the box as well though, yes.

Much obliged,
Dustin
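
Added example, not part of the original messages: a Python script illustrating the point in the quoted reply that the "<=" arrival line shows where a message came from. It groups Exim main log lines by message id and classifies each arrival by its H=, R= and U= fields; the sample lines, addresses and the www-data user are constructed assumptions, not taken from the thread.

```python
import re
from collections import defaultdict

# Exim main log line: date, time, message id, flag, address, remaining fields.
LINE = re.compile(r"^\S+ \S+ ([0-9A-Za-z]{6}-[0-9A-Za-z]{6}-[0-9A-Za-z]{2}) "
                  r"(<=|=>|->|\*\*|==) (\S+)(.*)$")

def origin(sender, rest):
    """Classify an arrival ("<=") line by its H=, R= and U= fields."""
    host = re.search(r" H=(.*?\[[^\]]+\])", rest)
    ref = re.search(r" R=(\S+)", rest)
    user = re.search(r" U=(\S+)", rest)
    if host:
        return "remote host " + host.group(1)
    if sender == "<>" and ref:
        return "bounce for " + ref.group(1)  # generated by Exim for message R=
    return "local user " + user.group(1) if user else "unclassified"

def summarize(lines):
    """Return {message id: origin plus counts of remote_smtp outcomes}."""
    msgs = defaultdict(lambda: {"origin": "arrival line not in log",
                                "sent": 0, "failed": 0, "deferred": 0})
    outcome = {"=>": "sent", "->": "sent", "**": "failed", "==": "deferred"}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue  # "Completed", "Frozen" and host errors carry no flag
        msgid, flag, addr, rest = m.groups()
        if flag == "<=":
            msgs[msgid]["origin"] = origin(addr, rest)
        elif "T=remote_smtp" in rest:
            msgs[msgid][outcome[flag]] += 1
    return dict(msgs)

# Constructed sample lines (documentation addresses; www-data is an assumed user).
SAMPLE = """\
2006-06-26 21:58:01 1AAAAA-000001-AA <= www-data@host.example U=www-data P=local S=2513
2006-06-26 21:58:02 1AAAAA-000001-AA => a@dest.example R=dnslookup T=remote_smtp H=mx.dest.example [192.0.2.10]
2006-06-26 21:58:03 1AAAAA-000001-AA ** b@dest.example R=dnslookup T=remote_smtp: SMTP error from remote mail server
2006-06-26 21:58:03 1AAAAA-000001-AA Completed
2006-06-26 21:59:10 1BBBBB-000002-BB <= s@remote.example H=client.remote.example [198.51.100.7] P=esmtp S=1800
2006-06-26 21:59:11 1BBBBB-000002-BB => user@host.example R=local_user T=mail_spool
2006-06-26 22:14:46 1CCCCC-000003-CC <= <> R=1AAAAA-000001-AA U=Debian-exim P=local S=2482
2006-06-26 22:14:50 1DDDDD-000004-DD == c@dest.example R=dnslookup T=remote_smtp defer (-44): SMTP error
""".splitlines()

if __name__ == "__main__":
    for msgid, rec in summarize(SAMPLE).items():
        print(msgid, rec)
```

An id whose "<=" line falls outside the input is reported as "arrival line not in log", so feed it the full main log (including rotated files) rather than a snippet.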
