One of our list owners got an odd notice from our institutional email security/spam management system (Mimecast) for a bounced email from her list. She was a bit confused because she hadn’t sent anything to the list (it operates as an announcement list, everyone is moderated) since Nov 26.
Your message couldn't be delivered The message you sent to tvanhas...@yumaregional.org<mailto:tvanhas...@yumaregional.org> couldn't be delivered due to: Recipient email server rejected the message. Further information 5.7.1 Filter Rule 19 - BLANK E-MAIL FILTER (Filter Macro 2977) If you sent this message to multiple addresses, you'll receive a notification like this for every one that didn't arrive. When I went poking through the logs I found a bunch of notices in the smtp logs that look like this, that I cannot connect to a message ID... smtp:Dec 12 15:57:46 2024 (1200) <mailman.0.1734044265.3351215.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.087 seconds smtp:Dec 13 08:48:10 2024 (1200) <mailman.0.1734104889.3402091.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.119 seconds smtp:Dec 13 08:50:47 2024 (1200) <mailman.0.1734105046.3402213.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.118 seconds smtp:Dec 13 08:52:53 2024 (1200) <mailman.0.1734105172.3402319.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.136 seconds smtp:Dec 13 08:54:06 2024 (1200) <mailman.0.1734105245.3402387.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.087 seconds smtp:Dec 13 08:55:49 2024 (1200) <mailman.0.1734105349.3402468.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.109 seconds smtp:Dec 13 08:56:58 2024 (1200) <mailman.0.1734105417.3402529.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.088 seconds smtp:Dec 13 08:59:37 2024 (1200) <mailman.0.1734105576.3402651.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.118 seconds smtp:Dec 13 08:59:59 2024 (1200) <mailman.0.1734105598.3402676.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.087 seconds smtp:Dec 13 09:00:33 2024 (1200) <mailman.0.1734105631.3402823.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.087 seconds smtp:Dec 13 09:03:00 2024 (1200) <mailman.0.1734105779.3402959.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.119 seconds smtp:Dec 13 09:17:29 2024 (1200) <mailman.0.1734106648.3403725.precept...@lists.pharmacy.arizona.edu> smtp to preceptors for 1 recips, completed in 0.100 seconds These do not look like normal smtp entries; the last one for this particular list was on Nov 26 and looks normal: smtp-20241201:Nov 26 12:32:27 2024 (1200) <cy5pr19mb63373ba001aa415698b3d026e0...@cy5pr19mb6337.namprd19.prod.outlook.com> smtp to preceptors for 1202 recips, completed in 0.989 seconds Are these retry entries for failed deliveries? Or should I be concerned this is some sort of attack on our list server? (we’re using Postfix for an MTA) -- Bruce Johnson University of Arizona College of Pharmacy Information Technology Group Institutions do not have opinions, merely customs ------------------------------------------------------ Mailman-Users mailing list -- mailman-users@python.org To unsubscribe send an email to mailman-users-le...@python.org https://mail.python.org/mailman3/lists/mailman-users.python.org/ Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: https://www.mail-archive.com/mailman-users@python.org/ https://mail.python.org/archives/list/mailman-users@python.org/ Member address: arch...@jab.org