Thank you Len for your reply, and Happy Easter to all.

The IP address doing this is not in my relay list, I have very few servers
talking to IMGATE.

I had recently disabled SAV, and maybe forgotten to restart postfix after
that, so maybe this is why we are still seeing this SAV behavior?

How is this preventable with SAV turned on and off?

Thanks,

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
On Behalf Of Len Conrad
Sent: Monday, April 09, 2007 3:15 AM
To: [email protected]
Subject: [IMGate] Re: Being used to do harvest hotmail accounts?


>I got an email from hotmail.com saying that my IMGATE machine is being used
>to harvest hotmail account, I looked at my queue file and found a ton of
>these entries:
>
>7B9E23EB5E*    5650 Sat Apr  7 04:58:52  MAILER-DAEMON
>                                          [EMAIL PROTECTED]
>
>7FE143EB1B*    5643 Sat Apr  7 04:58:53  MAILER-DAEMON
>                                          [EMAIL PROTECTED]
>
>7A86A54247*    5655 Sat Apr  7 05:14:50  MAILER-DAEMON
>                                          [EMAIL PROTECTED]
>
>7D7F554249*    5660 Sat Apr  7 05:14:50  MAILER-DAEMON
>                                          [EMAIL PROTECTED]

Mail from MAILER-DAEMON is postfix sending delivery messages to the
sender, for messages that postfix accepted for your recipients but
were bounced by your mail server.

The hotmail senders are forged, so hotmail rejects.

Len




>Here are smtpd restrictions in main.cf:
>
>smtpd_recipient_restrictions =
>  reject_invalid_hostname,
>  reject_unlisted_recipient,

.... this should stop postfix from accepting unknown recipients.

Maybe you have a PC that is compromised and is sending out a bunch of crap?

Check your logs carefully for each of those [EMAIL PROTECTED]

Len
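
The log check suggested above, as an added example that is not part of the thread or of IMGate: it links each MAILER-DAEMON bounce queue ID back to the message that caused it and the client IP that submitted it. The log lines are constructed in standard Postfix syslog format with documentation addresses, short hexadecimal queue IDs are assumed, and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample log (not from the thread); addresses are documentation ranges.
SAMPLE_LOG = """\
Apr  7 04:58:50 imgate postfix/smtpd[2101]: 5C1A23EB40: client=unknown[192.0.2.45]
Apr  7 04:58:50 imgate postfix/qmgr[1200]: 5C1A23EB40: from=<a@forged.example>, size=4100, nrcpt=1 (queue active)
Apr  7 04:58:52 imgate postfix/smtp[2110]: 5C1A23EB40: to=<nouser1@customer.example>, relay=mail.customer.example[198.51.100.10]:25, status=bounced (550 unknown user)
Apr  7 04:58:52 imgate postfix/bounce[2112]: 5C1A23EB40: sender non-delivery notification: 7B9E23EB5E
Apr  7 04:58:51 imgate postfix/smtpd[2102]: 5D2B43EB11: client=unknown[192.0.2.45]
Apr  7 04:58:51 imgate postfix/qmgr[1200]: 5D2B43EB11: from=<b@forged.example>, size=4093, nrcpt=1 (queue active)
Apr  7 04:58:53 imgate postfix/smtp[2111]: 5D2B43EB11: to=<nouser2@customer.example>, relay=mail.customer.example[198.51.100.10]:25, status=bounced (550 unknown user)
Apr  7 04:58:53 imgate postfix/bounce[2113]: 5D2B43EB11: sender non-delivery notification: 7FE143EB1B
"""

LINE = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]+): (.*)")
CLIENT = re.compile(r"client=\S*\[([^\]]+)\]")
SENDER = re.compile(r"from=<([^>]*)>")
BOUNCED_RCPT = re.compile(r"to=<([^>]*)>.*status=bounced")
NOTIFY = re.compile(r"sender non-delivery notification: ([0-9A-F]+)")

def trace_bounces(log_text):
    """Map each bounce queue ID to details of the original accepted message."""
    msgs = {}     # queue ID -> {"client", "sender", "rcpt"}
    bounces = {}  # bounce queue ID -> original queue ID
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        rec = msgs.setdefault(qid, {})
        if daemon == "smtpd" and (c := CLIENT.search(rest)):
            rec["client"] = c.group(1)          # who handed us the message
        elif daemon == "qmgr" and (s := SENDER.search(rest)):
            rec["sender"] = s.group(1)          # envelope sender, possibly forged
        elif daemon == "smtp" and (r := BOUNCED_RCPT.search(rest)):
            rec["rcpt"] = r.group(1)            # recipient the next hop refused
        elif daemon == "bounce" and (n := NOTIFY.search(rest)):
            bounces[n.group(1)] = qid           # bounce ID seen in the queue listing
    return {bid: msgs[orig] for bid, orig in bounces.items()}

def clients_by_bounce_count(log_text):
    """Count generated bounces per submitting client IP."""
    return Counter(r.get("client", "?") for r in trace_bounces(log_text).values())

if __name__ == "__main__":
    for ip, n in clients_by_bounce_count(SAMPLE_LOG).most_common():
        print(ip, n)
```

A client IP that dominates this count and is not in the relay list is the one to examine against the recipient restrictions.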