2010/3/24 Steffen Kaiser <[email protected]>:
> On Mon, 22 Mar 2010, Jakub Wasielewski wrote: > >> It only occurs on backup MX server (sendmail 8.14.0) who checks for >> valid recipients using >> md_check_against_smtp_server(). > > Why does the mail hit your backup MX in the first place? Is the primary > server offline? Well, we are talking about backscatter done - in purpose - by spammers. Why do they connect to MX'es with bigger priority instead of primary server? Because lots and lots of such MX'es do not verify recipients at all and are a tailor-made for passing spam to victims. This is how backscatter works. >> The problem is that a DSN message is generated and sent to >> [email protected] about message > > Did you verified that the DSN is from one of _your_ hosts at all? IMHO there > should be a: > > sendmail[pid]: queueid1: queueid2: DSN: reason Yes it is. The reason is : User unknown: Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: o2K3sInS001048: DSN: User unknown > log entry. Can you verify that queueid1 is the queueid of the message that > entered your host from outside. Sure thing. -- Jakub Wasielewski _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
