Hi Tibor,
Is it possible that the MTA used by invenio to send forged mail, is commandeered by anonymous agents to send mails in bulk. Because yesterday, April 8 around midnight, I had shut down the invenio site to solve the problem of backing up invenio-1.1.5 tar ball from one box (Ubuntu-14.04)with websubmit data and restoring it in another box(Ubuntu-13.1) with no invenio.
Within a gap of one hour the admin received a dozen 404 exceptio mails from the following diverse IP addresses:
09.161.99.26
158.222.8.21
158.222.8.112
178.32.115.52
23.232.137.135
69.12.79.70
107.182.125.251
173.44.40.252
167.160.115.155
5.9.231.89
192.3.166.102
They were all trying to access another virtual host on the same box. What do you suggest one should do to keep the mail daemon more secure/
Thanks and Regards
Surendran
From: Tibor Simko
Posted: 08/04/2015 16:54
Subject: Websubmit Mail_Submitter Function
Is it possible that the MTA used by invenio to send forged mail, is commandeered by anonymous agents to send mails in bulk. Because yesterday, April 8 around midnight, I had shut down the invenio site to solve the problem of backing up invenio-1.1.5 tar ball from one box (Ubuntu-14.04)with websubmit data and restoring it in another box(Ubuntu-13.1) with no invenio.
Within a gap of one hour the admin received a dozen 404 exceptio mails from the following diverse IP addresses:
09.161.99.26
158.222.8.21
158.222.8.112
178.32.115.52
23.232.137.135
69.12.79.70
107.182.125.251
173.44.40.252
167.160.115.155
5.9.231.89
192.3.166.102
They were all trying to access another virtual host on the same box. What do you suggest one should do to keep the mail daemon more secure/
Thanks and Regards
Surendran
From: Tibor Simko
Posted: 08/04/2015 16:54
Subject: Websubmit Mail_Submitter Function
On Wed, 08 Apr 2015, Surendran Karippadath wrote:
> I doubt that. For one, this started from Match 28 and second, the mail
> was redirected to admin address which forwarded it as [SUSPECTED SPAM]
Perhaps your system sends too many emails, which raised bulk sending
flag at Google? See:
https://support.google.com/mail/answer/81126
You can try to make some experiments with manual email sending from the
box, using settings recommended on that page.
> Final-Recipient: rfc822; angeli.surend...@gmail.com
> Original-Recipient: rfc822;angeli.surend...@gmail.com
Hmm, what is `rfc822` string doing here?
Best regards
--
Tibor Simko
> I doubt that. For one, this started from Match 28 and second, the mail
> was redirected to admin address which forwarded it as [SUSPECTED SPAM]
Perhaps your system sends too many emails, which raised bulk sending
flag at Google? See:
https://support.google.com/mail/answer/81126
You can try to make some experiments with manual email sending from the
box, using settings recommended on that page.
> Final-Recipient: rfc822; angeli.surend...@gmail.com
> Original-Recipient: rfc822;angeli.surend...@gmail.com
Hmm, what is `rfc822` string doing here?
Best regards
--
Tibor Simko