[qmailtoaster] Dummy email was compromised - Now analyzing all my logs and need help

2015-04-10 Thread Richard Baxant
Hello,

I had a dummy email with a rather simple password. I've since deleted that
account; however, it sent out 70,000+ spam emails in a 24-hour period
according to my service provider.

Running the following:

 tail -f /var/log/qmail/current | tai64nlocal

I get the following output every 2 minutes:

2015-04-10 20:43:57.710673500 tcpserver: end 9843 status 0
2015-04-10 20:43:57.710675500 tcpserver: status: 0/100
2015-04-10 20:43:57.737495500 tcpserver: status: 1/100
2015-04-10 20:43:57.737497500 tcpserver: pid 9849 from 206.228.154.18
2015-04-10 20:43:57.737498500 tcpserver: ok 9849
mail.mailserver.ca:192.168.1.151:25
:206.228.154.18::12377
2015-04-10 20:45:56.131885500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:45:56.162199500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:45:57.191969500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:45:57.220769500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:45:58.554122500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:45:58.585896500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:00.227320500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:00.255546500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:02.199074500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:02.229860500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:04.489161500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:04.521678500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:07.051435500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:07.096971500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:09.926907500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:09.957904500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:13.086119500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:13.115577500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:16.544113500 CHKUSER accepted sender: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted
null sender always
2015-04-10 20:46:16.586794500 CHKUSER rejected rcpt: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:20.287366500 CHKUSER intrusion threshold: from :: remote
steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt 
panarcadian@tld_domain.com : max number of allowed invalid rcpt


Any idea what is happening? Are these bounces?
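
An added example, not part of the original thread: a shell/awk filter that tallies the CHKUSER events shown in the post above per remote IP (empty-sender acceptances, rejected recipients, intrusion-threshold hits) and lists the IPs worth a closer look. The sample lines are constructed from the format in the post; the function names, the reject cutoff, the tolerance for `<...>` around fields and IPv4-only remotes are assumptions.

```shell
#!/bin/sh
# Added example (not from the thread). Input: tai64nlocal-decoded lines from
# the qmail smtp log, one log entry per line.

# Constructed sample, modelled on the lines quoted in the post. The last two
# entries use a documentation IP and carry <...> around the fields.
sample_log() {
cat <<'EOF'
2015-04-10 20:43:57.737497500 tcpserver: pid 9849 from 206.228.154.18
2015-04-10 20:45:56.131885500 CHKUSER accepted sender: from :: remote steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted null sender always
2015-04-10 20:45:56.162199500 CHKUSER rejected rcpt: from :: remote steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:45:57.191969500 CHKUSER accepted sender: from :: remote steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt  : accepted null sender always
2015-04-10 20:45:57.220769500 CHKUSER rejected rcpt: from :: remote steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt panarcadian@tld_domain.com : not existing recipient
2015-04-10 20:46:20.287366500 CHKUSER intrusion threshold: from :: remote steelport2-out.isp_domain.com:unknown:206.228.154.18 rcpt panarcadian@tld_domain.com : max number of allowed invalid rcpt
2015-04-10 20:47:01.000000000 CHKUSER accepted sender: from <alice@example.org::> remote <mail.example.org:unknown:192.0.2.10> rcpt <> : sender accepted
2015-04-10 20:47:01.100000000 CHKUSER accepted rcpt: from <alice@example.org::> remote <mail.example.org:unknown:192.0.2.10> rcpt <bob@example.net> : found existing recipient
EOF
}

# One line per remote IP:
#   <ip> null_sender=<n> rejected_rcpt=<n> threshold=<n>
chkuser_summary() {
    awk '
    / CHKUSER / {
        ip = ""
        # The field after "remote" is helo:hostname:ip; keep the last part.
        for (i = 1; i < NF; i++) {
            if ($i == "remote") {
                f = $(i + 1)
                gsub(/[<>]/, "", f)      # tolerate <...> if present
                n = split(f, part, ":")
                ip = part[n]
                break
            }
        }
        if (ip == "") next
        seen[ip] = 1
        if ($0 ~ /CHKUSER accepted sender:/ && $0 ~ /null sender/) nulls[ip]++
        else if ($0 ~ /CHKUSER rejected rcpt:/) rej[ip]++
        else if ($0 ~ /CHKUSER intrusion threshold:/) thr[ip]++
    }
    END {
        for (ip in seen)
            printf "%s null_sender=%d rejected_rcpt=%d threshold=%d\n",
                   ip, nulls[ip], rej[ip], thr[ip]
    }' | sort
}

# Print IPs that tripped the CHKUSER intrusion threshold or had at least
# $1 rejected recipients (default 10, an arbitrary cutoff).
chkuser_suspects() {
    min_rej=${1:-10}
    chkuser_summary | awk -v min="$min_rej" '
    {
        split($3, r, "="); split($4, t, "=")
        if ((t[2] + 0) > 0 || (r[2] + 0) >= (min + 0)) print $1
    }'
}

# Demo on the constructed sample; on a live server feed the real log instead:
#   tai64nlocal < /var/log/qmail/smtp/current | chkuser_suspects 10
sample_log | chkuser_summary
```

An empty envelope sender is what delivery status notifications use, so a high `null_sender` count paired with rejected recipients from one relay is the pattern to check against the time the compromised account was sending.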


Re: [qmailtoaster] Dummy email was compromised - Now analyzing all my logs and need help

2015-04-10 Thread Eric Broch
Hi Richard,

Yes, I've had this happen before. It really is quite a drag. You might
want to check if your domain is blacklisted also, here
http://mxtoolbox.com/blacklists.aspx.

What is the log file you're looking at? I'm fairly sure it's not
/var/log/qmail/current, maybe /var/log/qmail/send/current?

You might want to check your queue to see if there are any residual
messages in it. Use 'qmHandle -l' or 'qmailctl queue' and delete those
that come from the dummy account.

EricB




[qmailtoaster] question about tlsciphers

2015-04-10 Thread Fabian Santiago
Is it possible to define:

smtp
smtp-ssl

and have each honor a different cipher list such as the control
file tlsserverciphers?

If I can simply pass the environment variable tlsciphers, how do I do
that exactly, and does it in fact take precedence over the standard control
file tlsserverciphers?

Reason being I wish to have a more restrictive tlsserverciphers for
submission (eliminating SSL) and then create smtp-ssl to allow SSL on port
465.

Thanks.

-- 

- Sincerely,

Fabian S.


Re: [qmailtoaster] Dummy email was compromised - Now analyzing all my logs and need help

2015-04-10 Thread Richard Baxant
Hi Eric,

Sorry, it is the following that I'm monitoring:

tail -f  /var/log/qmail/smtp/current | tai64nlocal

I've used mxtoolbox to do that check and still have green check marks.

I will give those a try.

Is there anything else I should be looking for?

TIA
Richard



Re: [qmailtoaster] Dummy email was compromised - Now analyzing all my logs and need help

2015-04-10 Thread Richard Baxant
This is what I get when I run those commands:

[root@mail smtp]# qmHandle -l
Messages in local queue: 0
Messages in remote queue: 0

[root@mail smtp]# qmailctl queue
messages in queue: 0
messages in queue but not yet preprocessed: 0


Re: [qmailtoaster] Dummy email was compromised - Now analyzing all my logs and need help

2015-04-10 Thread Eric Broch
I think I'd block that IP (206.228.154.18) on my firewall. If someone
else has a better idea, I'm all ears.

