IMail v 8.22... For the past several days, we have been receiving traffic addressed to random letters in place of the user name to our domain. The IP addresses appear to match the sending domain. Of course, since the users do not exist on our mail server, the logs give an error "invalid user".
This is happening hundreds of times per day, with very little repeat offenders. Coming from different IPs. All with: "MAIL From:<>" I have provided a snippet of one of our logs to show you what I mean. Anyone else experiencing this? And, what could be causing it? What are the options of stopping it? Thanks, Tom ------------------------------------------Sample from Log------------------------------ 20060607 000235 127.0.0.1 SMTPD (5deb017c00000574) [192.168.1.2] connect 65.215.51.72 port 3194 20060607 000235 127.0.0.1 SMTPD (5deb017c00000574) [65.215.51.72] EHLO smtp2.maxhealth.com 20060607 000235 127.0.0.1 SMTPD (5deb017c00000574) [65.215.51.72] MAIL FROM:<> 20060607 000235 127.0.0.1 SMTPD (5deb017c00000574) [65.215.51.72] RCPT TO:<[EMAIL PROTECTED]> 20060607 000235 127.0.0.1 SMTPD (5deb017c00000574) [65.215.51.72] ERR ntserve.sharpcom.com invalid user <[EMAIL PROTECTED] 20060607 000330 127.0.0.1 SMTPD (5e2201a40000057b) [192.168.1.2] connect 210.231.151.90 port 33653 20060607 000330 127.0.0.1 SMTPD (5e2201a40000057b) [210.231.151.90] EHLO mx3.alles.or.jp 20060607 000331 127.0.0.1 SMTPD (5e2201a40000057b) [210.231.151.90] MAIL FROM:<> 20060607 000331 127.0.0.1 SMTPD (5e2201a40000057b) [210.231.151.90] RCPT TO:<[EMAIL PROTECTED]> 20060607 000331 127.0.0.1 SMTPD (5e2201a40000057b) [210.231.151.90] ERR ntserve.sharpcom.com invalid user <[EMAIL PROTECTED] 20060607 000658 127.0.0.1 SMTPD (5ef201a400000583) Denied access from 4.79.248.37 20060607 000718 127.0.0.1 SMTPD (5f06017c00000584) [192.168.1.2] connect 217.71.204.10 port 43638 20060607 000718 127.0.0.1 SMTPD (5f06017c00000584) [217.71.204.10] EHLO recall.ows.es 20060607 000718 127.0.0.1 SMTPD (5f06017c00000585) [217.71.204.10] EHLO recall.ows.es 20060607 000718 127.0.0.1 SMTPD (5f06017c00000585) [217.71.204.10] MAIL From:<> 20060607 000719 127.0.0.1 SMTPD (5f06017c00000585) [217.71.204.10] RCPT To:<[EMAIL PROTECTED]> 20060607 000839 127.0.0.1 SMTPD (5f5701920000058c) [192.168.1.2] connect 83.218.64.154 port 34612 20060607 000839 127.0.0.1 SMTPD (5f5701920000058c) [83.218.64.154] EHLO spamfix2.infracom.se 20060607 000839 127.0.0.1 SMTPD (5f5701920000058c) [83.218.64.154] MAIL FROM:<> 20060607 000839 127.0.0.1 SMTPD (5f5701920000058c) [83.218.64.154] RCPT TO:<[EMAIL PROTECTED]> 20060607 000839 127.0.0.1 SMTPD (5f5701920000058c) [83.218.64.154] ERR ntserve.sharpcom.com invalid user <[EMAIL PROTECTED] To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
