One of our list owners got an odd notice from our institutional email 
security/spam management system (Mimecast) for a bounced email from her list. 
She was a bit confused because she hadn’t sent anything to the list (it 
operates as an announcement list, everyone is moderated) since Nov 26.

Your message couldn't be delivered

The message you sent to 
tvanhas...@yumaregional.org<mailto:tvanhas...@yumaregional.org> couldn't be 
delivered due to: Recipient email server rejected the message.


Further information

5.7.1 Filter Rule 19 - BLANK E-MAIL FILTER (Filter Macro 2977)

If you sent this message to multiple addresses, you'll receive a notification 
like this for every one that didn't arrive.

When I went poking through the logs I found a bunch of notices in the smtp logs 
that look like this, that I cannot connect to a message ID...


smtp:Dec 12 15:57:46 2024 (1200) 
<mailman.0.1734044265.3351215.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.087 seconds

smtp:Dec 13 08:48:10 2024 (1200) 
<mailman.0.1734104889.3402091.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.119 seconds

smtp:Dec 13 08:50:47 2024 (1200) 
<mailman.0.1734105046.3402213.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.118 seconds

smtp:Dec 13 08:52:53 2024 (1200) 
<mailman.0.1734105172.3402319.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.136 seconds

smtp:Dec 13 08:54:06 2024 (1200) 
<mailman.0.1734105245.3402387.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.087 seconds

smtp:Dec 13 08:55:49 2024 (1200) 
<mailman.0.1734105349.3402468.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.109 seconds

smtp:Dec 13 08:56:58 2024 (1200) 
<mailman.0.1734105417.3402529.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.088 seconds

smtp:Dec 13 08:59:37 2024 (1200) 
<mailman.0.1734105576.3402651.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.118 seconds

smtp:Dec 13 08:59:59 2024 (1200) 
<mailman.0.1734105598.3402676.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.087 seconds

smtp:Dec 13 09:00:33 2024 (1200) 
<mailman.0.1734105631.3402823.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.087 seconds

smtp:Dec 13 09:03:00 2024 (1200) 
<mailman.0.1734105779.3402959.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.119 seconds

smtp:Dec 13 09:17:29 2024 (1200) 
<mailman.0.1734106648.3403725.precept...@lists.pharmacy.arizona.edu> smtp to 
preceptors for 1 recips, completed in 0.100 seconds

These do not look like normal smtp entries; the last one for this particular 
list was on Nov 26 and looks normal:


smtp-20241201:Nov 26 12:32:27 2024 (1200)  
<cy5pr19mb63373ba001aa415698b3d026e0...@cy5pr19mb6337.namprd19.prod.outlook.com>
 smtp to preceptors for 1202 recips, completed in 0.989 seconds

Are these retry entries for failed deliveries? Or should I be concerned this is 
some sort of attack on our list server?

(we’re using Postfix for an MTA)


--
Bruce Johnson
University of Arizona
College of Pharmacy
Information Technology Group

Institutions do not have opinions, merely customs


------------------------------------------------------
Mailman-Users mailing list -- mailman-users@python.org
To unsubscribe send an email to mailman-users-le...@python.org
https://mail.python.org/mailman3/lists/mailman-users.python.org/
Mailman FAQ: http://wiki.list.org/x/AgA3
Security Policy: http://wiki.list.org/x/QIA9
Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/
    https://mail.python.org/archives/list/mailman-users@python.org/
Member address: arch...@jab.org

Reply via email to