Hello, do others see spam waves from cloudapp.azure.com, too?
In the logs, it looks like this (anonymized) Oct 9 11:43:54 mail postfix/smtpd[19958]: NOQUEUE: reject: RCPT from ijhytgfgg-germanywestcentral12.germanywestcentral.cloudapp.azure.com[51.116.228.69]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<l4bq.lemgo.de> Oct 9 11:44:07 mail postfix/smtpd[22022]: NOQUEUE: reject: RCPT from ijhytgfgg-japaneast13.japaneast.cloudapp.azure.com[104.41.164.157]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<f602.jacobsbaits.com> Oct 9 11:44:11 mail postfix/smtpd[25041]: NOQUEUE: reject: RCPT from ijhytgfgg-japanwest14.japanwest.cloudapp.azure.com[40.74.124.177]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<758w.viking-store.com> Oct 9 11:44:11 mail postfix/smtpd[21192]: NOQUEUE: reject: RCPT from ijhytgfgg-westus215.westus2.cloudapp.azure.com[52.158.248.164]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<9p29.secmehikayeler.com> Oct 9 11:44:20 mail postfix/smtpd[21134]: NOQUEUE: reject: RCPT from ijhytgfgg-germanywestcentral3.germanywestcentral.cloudapp.azure.com[51.116.225.249]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<l32s.lemgo.de> Oct 9 11:44:40 mail postfix/smtpd[25041]: NOQUEUE: reject: RCPT from ijhytgfgg-westus15.westus.cloudapp.azure.com[52.160.46.11]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<rl7l.sendwish.me> Oct 9 11:45:09 mail postfix/smtpd[25035]: NOQUEUE: reject: RCPT from ijhytgfgg-koreacentral12.koreacentral.cloudapp.azure.com[20.194.32.135]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<53ll.kinola2.pw> Oct 9 11:45:10 mail postfix/smtpd[21192]: NOQUEUE: reject: RCPT from ijhytgfgg-eastus21.eastus2.cloudapp.azure.com[20.190.236.69]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<ohgs.ns2.verbodavida.com> Oct 9 11:45:38 mail postfix/smtpd[19958]: NOQUEUE: reject: RCPT from ijhytgfgg-japanwest19.japanwest.cloudapp.azure.com[40.74.71.96]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<epnf.viking-store.com> Oct 9 11:45:43 mail postfix/smtpd[21192]: NOQUEUE: reject: RCPT from ijhytgfgg-brazilsouth2.brazilsouth.cloudapp.azure.com[191.233.196.14]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<r7cw.whpotriqf.com> Oct 9 11:45:43 mail postfix/smtpd[21192]: NOQUEUE: reject: RCPT from ijhytgfgg-brazilsouth2.brazilsouth.cloudapp.azure.com[191.233.196.14]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<r7cw.whpotriqf.com> Oct 9 11:46:26 mail postfix/smtpd[21134]: NOQUEUE: reject: RCPT from ijhytgfgg-japanwest14.japanwest.cloudapp.azure.com[40.74.124.177]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<758w.viking-store.com> Oct 9 11:46:26 mail postfix/smtpd[19958]: NOQUEUE: reject: RCPT from ijhytgfgg-australiaeast16.australiaeast.cloudapp.azure.com[20.188.194.24]: 554 5.7.1 <>: Sender address rejected: Access denied; from=<> to=<...> proto=ESMTP helo=<vshy.fullbrandback.com> It looks like the hostnamed are being created automatically based on a pattern, Azure should be able to detect and curb it. Cheers, Hans-Martin _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
