Am 05.06.2014 13:53, schrieb Gilles Chehade:
previous mail was short because i was outside and sent it from my phone,
here's what you should understand from these lines:
Mail in local queue:
5849a0f85ce64c96|local|mta|auth|@|[email protected]|[email protected]|1401881480|1402227080|0|12|pending|9012|Network
error on destination MXs
without configuration file, it's hard to know what happens ;-)
Hi Gilles,
and thanks for your response.
I searched in my maillogs and found the beginning of those mails (I hope).
I substituted my MX-Domainname with: MYDOMAIN
and substituted my servers IP with: MY.IP.ADD.RESS
As you can see the spam-sender sends a mail to info@MYDOMAIN. But info
is no valid recepient on my server.
// QUOTE OF maillog
Jun 4 13:31:16 mail smtpd[6627]: smtp-in: New session 5a319434d9535c8e
from host 183.13.181.237 [183.13.181.237]
Jun 4 13:31:18 mail smtpd[6627]: smtp-in: Accepted message 1be8fd54 on
session 5a319434d9535c8e: from=<[email protected]>,
to=<info@MYDOMAIN>, size=3301, ndest=1, proto=SMTP
Jun 4 13:31:18 mail smtpd[6625]: smtp-out: Connecting to
smtp://127.0.0.1:10024 (localhost) on session 5a319bddda0e3721...
Jun 4 13:31:18 mail smtpd[6625]: smtp-out: Connected on session
5a319bddda0e3721
Jun 4 13:31:18 mail smtpd[6627]: smtp-in: New session 5a319435f4b57716
from host static.MY.IP.ADD.RESS.clients.your-server.de [MY.IP.ADD.RESS]
Jun 4 13:31:18 mail smtpd[6627]: smtp-in: Failed command on session
5a319435f4b57716: "RCPT TO:<info@MYDOMAIN>" => 550 Invalid recipient
Jun 4 13:31:18 mail smtpd[6625]: relay: PermFail for 1be8fd54a78d7972:
session=5a319bddda0e3721, from=<[email protected]>,
to=<info@MYDOMAIN>, rcpt=<->, source=MY.IP.ADD.RESS, relay=127.0.0.1
(localhost), delay=1s, stat=550 Invalid recipient
Jun 4 13:31:19 mail smtpd[6627]: smtp-in: Closing session 5a319434d9535c8e
Jun 4 13:31:19 mail smtpd[6627]: smtp-in: New session 5a319436eee1610c
from host localhost [local]
Jun 4 13:31:20 mail smtpd[6627]: smtp-in: Accepted message 5849a0f8 on
session 5a319436eee1610c: from=<>, to=<[email protected]>,
size=3934, ndest=1, proto=ESMTP
Jun 4 13:31:20 mail smtpd[6627]: smtp-in: Closing session 5a319436eee1610c
Jun 4 13:31:24 mail smtpd[6625]: smtp-out: Connecting to
smtp+tls://121.35.135.141:25
(141.135.35.121.broad.sz.gd.dynamic.163data.com.cn) on session
5a319be0044dd5ec...
Jun 4 13:31:29 mail smtpd[6627]: smtp-in: Closing session 5a319435f4b57716
Jun 4 13:31:29 mail smtpd[6625]: smtp-out: Closing session
5a319bddda0e3721: 0 message sent.
Jun 4 13:32:39 mail smtpd[6625]: smtp-out: Error on session
5a319be0044dd5ec: Connection timeout
Jun 4 13:32:39 mail smtpd[6625]: smtp-out: Disabling route [] <->
121.35.135.141 (141.135.35.121.broad.sz.gd.dynamic.163data.com.cn) for 800s
Jun 4 13:32:39 mail smtpd[6625]: smtp-out: No valid route for
[connector:[]->[relay:yt1ktrkw.10stats3.ru],0x20000]
Jun 4 13:32:41 mail smtpd[6625]: relay: TempFail for 5849a0f85ce64c96:
session=0000000000000000, from=<>, to=<[email protected]>,
rcpt=<->, source=-, relay=yt1ktrkw.10stats3.ru, delay=1m21s,
stat=Network error on destination MXs
// END QUOTE OF maillog
Here is my config (it pushes the mails through spampd for filtering):
// QUOTE mail-config
# This is the smtpd server system-wide configuration file.
# See smtpd.conf(5) for more information.
pki MYDOMAIN certificate "/usr/local/etc/mail/certs/MYDOMAIN.crt"
pki MYDOMAIN key "/usr/local/etc/mail/certs/MYDOMAIN.key"
# To accept external mail, replace with: listen on all
listen on re0 port 25 tls pki MYDOMAIN.de tag erstes_eintreffen
listen on re0 smtps pki MYDOMAIN auth
listen on 127.0.0.1 port 10025 tag nach_spamerkennung
# If you edit the file, you have to run "smtpctl update table aliases"
table aliases file:/etc/mail/aliases
table domains file:/etc/mail/domains
table vusers file:/etc/mail/vusers
# Alles was lokal ist wird direkt zugestellt
accept from local for local alias <aliases> deliver to lmtp
"/var/run/dovecot/lmtp"
accept from local for local deliver to lmtp "/var/run/dovecot/lmtp"
# Alles was von aussen kommt wird an den spampd weitergeleitet
accept tagged erstes_eintreffen from any for domain <domains> relay via
smtp://127.0.0.1:10024 hostname localhost source 127.0.0.1
# Alles was aus dem spampd zurueck geliefert wird kann zugestellt werden.
accept tagged nach_spamerkennung from any for domain <domains> virtual
<vusers> deliver to lmtp "/var/run/dovecot/lmtp"
accept for any relay
// END mail-config
I think, and please correct me if I am wrong, that my server received
the mail from the spammer. Found out it could not be delivered because
info@ is not a valid recepient on the server and tried to answer to the
spammer that it could not be delivered. The spammer seems to use wrong
(or changed) IPs and so my errormessage could not be delivered. I think
exactly this errormessage-mail is what's there in my queue...
Is this possible?
Don't be confused It's running on FreeBSD
Thanks for your help!
--
You received this mail because you are subscribed to [email protected]
To unsubscribe, send a mail to: [email protected]
