Ceyhun, It is not a problem with Postfix. Proceed looking for someone or some process that is forwarding those e-mails to your postfix server. Your postfix server is just receiving them from internal clients and putting them into the queue to send it out.
Bye, --- Fernando Maciel Souto Maior On Tue, Apr 2, 2013 at 6:06 PM, Ceyhun Ganioglu <ceyhunganio...@gmail.com>wrote: > Hi Fernando,**** > > ** ** > > Thanks for your reply. The problem is it is not a single mail sending > problem. There were 756 email to be sent to za...@likya.com on the queue. > I cleaned the queue. Then the emails appeared again. Something in my email > server or maybe a content management system on my web server side has a > vulnerability. I just need to make sure it is not from the Postfix side. > Once I do this, I’ll check the web sites on my server.**** > > ** ** > > Thanks for your help.**** > > ** ** > > Ceyhun**** > > ** ** > > *From:* Fernando Maior [mailto:fernando.souto.ma...@gmail.com] > *Sent:* Tuesday, April 02, 2013 5:25 PM > *To:* Ceyhun Ganioglu > *Cc:* postfix users > *Subject:* Re: Too much traffic**** > > ** ** > > Hi,**** > > ** ** > > I am not an specialist in Postfix, just a common admin. Yet, I can see two > things from your message:**** > > 1. You sure have a DNS resolution problem. No external server should > be resolved to 192.168.x.x, that is an internal network. Also, the last two > octets (255.255) are almost allways used for broadcasting packets in the > network. The IP address for mx1.likya.com should never be > 192.168.255.255;**** > 2. Because of the DNS resolution problem, postfix is just trying to > connect to 192.168.255.255 to deliver the message to za...@likya.com, > but could not, of course.**** > > I issued three commands:**** > > # dig likya.com ns**** > > # dig likya.com mx**** > > # host mx1.likya.com**** > > ** ** > > The first two seems that likya.com is configured correctly, instead the > last command resolved to the IP address 192.168.255.255, that is wrong. So, > problem with DNS resolution is with the admins of likya.com, not you. > Best thing to do? I would just remove all entries in postfix queue that are > for the wrong configured server (likya.com).**** > > ** ** > > Probably, someone at likya.com just made a wrong config. May be - in the > interests of your users - you should try the likya.com site and look for > a way to talk to them and tell them about the problem. Else you should keep > an eye on the postfix queue and keep removing any messages for that domain, > if they continue to pop.**** > > ** ** > > Cheers,**** > > ---**** > > Fernando Maciel Souto Maior**** > > ** ** > > On Mon, Apr 1, 2013 at 3:25 AM, Ceyhun Ganioglu <ceyhunganio...@gmail.com> > wrote:**** > > Hi everybody,**** > > **** > > I was using Postfix without any problems but last two months time the > traffic usage of the server is increased too much. When I checked the mail > queue I see emails for an account za...@likya.com which does not exist on > my server. Below is an example how the mail queue looks like. I checked for > open relay both manually and some online sites. There’s no open relay. Is > this a kind of spam method? If yes, does anyone give me an idea how to fix > it.**** > > **** > > Kindest Regards**** > > Ceyhun **** > > **** > > **** > > Email queue:**** > > **** > > AC5A615038A 635 Mon Apr 1 03:47:47 za...@likya.com**** > > (connect to mx1.likya.com[192.168.255.255]: Connection timed > out)**** > > za...@likya.com**** > > **** > > A05E7150098 635 Sat Mar 30 13:33:46 za...@likya.com**** > > (delivery temporarily suspended: connect to mx1.likya.com[192.168.255.255]: > Connection timed out)**** > > za...@likya.com**** > > **** > > ABDC81500CB 641 Sun Mar 31 05:28:05 za...@likya.com**** > > (delivery temporarily suspended: connect to mx1.likya.com[192.168.255.255]: > Connection timed out)**** > > za...@likya.com**** > > **** > > A333F150086 2786 Sat Mar 30 09:55:01 MAILER-DAEMON**** > > (delivery temporarily suspended: connect to mx1.likya.com[192.168.255.255]: > Connection timed out)**** > > za...@likya.com**** > > **** > > A594015008E 629 Sat Mar 30 12:03:53 za...@likya.com**** > > (delivery temporarily suspended: connect to mx1.likya.com[192.168.255.255]: > Connection timed out)**** > > za...@likya.com**** > > **** > > A122F150381 631 Mon Apr 1 00:34:18 za...@likya.com**** > > (delivery temporarily suspended: connect to mx1.likya.com[192.168.255.255]: > Connection timed out)**** > > za...@likya.com**** > > ** ** >
