2010/3/24 Steffen Kaiser <[email protected]>: > On Wed, 24 Mar 2010, Jakub Wasielewski wrote: > >>> Why does the mail hit your backup MX in the first place? Is the primary >>> server offline? >> >> Well, we are talking about backscatter done - in purpose - by >> spammers. Why do they connect > > So, do you need a backup MX at all, if the primary is online?
I do need it for when primary goes offline or is under ddos or anything like that. My both MX'es are not a final destination of messages with routing based on mailertable. When primary is not accessible, recipient verification is still possible because it is not run on primary MX. >>> sendmail[pid]: queueid1: queueid2: DSN: reason >> >> Yes it is. The reason is : User unknown: >> Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: o2K3sInS001048: DSN: User unknown >> >>> log entry. Can you verify that queueid1 is the queueid of the message >>> that >>> entered your host from outside. > > What does the other log entries of o2K3sEnS001039 say? Where it is from, > which relay, ... The whole session looks like this: Mar 20 04:54:16 [mimedefang.pl] o2K3sEnS001039: SPF implemented=no, result=neutral, smtp_comment=, header_comment=_ Mar 20 04:54:17 [mimedefang.pl] o2K3sEnS001039: md_check_against_smtp_server for <[email protected]> on petrus.opoka.org.pl returned 550 5.1.1 <[email protected]>: Recipient address rejected: User unknown_ Mar 20 04:54:17 [sm-mta] o2K3sEnS001039: Milter: to=<[email protected]>, reject=550 5.1.1 <[email protected]>: Recipient address rejected: User unknown Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: from=<[email protected]>, size=446, class=0, nrcpts=2, msgid=<000e01cac7e0$ede91e40$00426...@dusdeffqwta>, proto=ESMTP, daemon=MTA, relay=localhost [222.254.116.232] (may be forged) Mar 20 04:54:18 [clamd] /var/spool/MIMEDefang/mdefang-o2K3sEnS001039/Work/msg-3183-256.txt: OK_ Mar 20 04:54:18 [clamd] /var/spool/MIMEDefang/mdefang-o2K3sEnS001039/Work/INPUTMBOX: OK_ Mar 20 04:54:18 [mimedefang.pl] MDLOG,o2K3sEnS001039,mail_in,,,<[email protected]>,<[email protected]>,The golden nugget has arrived_ Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: Milter add: header: X-Scanned-By: MIMEDefang 2.64 on 212.160.91.130 Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: to=<[email protected]>, delay=00:00:01, xdelay=00:00:00, mailer=esmtp, pri=5446, relay=petrus.opoka.org.pl. [212.2.120.8], dsn=5.1.1, stat=User unknown Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: to=<[email protected]>, delay=00:00:01, xdelay=00:00:00, mailer=esmtp, pri=5446, relay=petrus.opoka.org.pl. [212.2.120.8], dsn=2.0.0, stat=Sent (Ok: queued as D33FE259E5) Mar 20 04:54:18 [sm-mta] o2K3sEnS001039: o2K3sInS001048: DSN: User unknown This is really weird, Milter rejects the recipients, and then there is nrcpts=2... -- Jakub Wasielewski _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
