Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread Clive Tonge
Hi Colin, If the system is sending messages to itself and accepting them, then I would think that either the joymail.com is listed in the servername of the config.xml or possibly the hostname of the computer has been compromised. You may want to check your computer's hostname. Good Luck, Cliv

Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread Colin W. Kingsbury
OK, that's something... any way we can just blackhole this guy completely? I sent a copy of my config.xml earlier today, email me off list if you missed it. As best as I can tell we have set up James to not allow this. Either (1) we are missing something in the config or (2) the server has been ro

RE: Urgent: Spam Backdoor in James?

2005-03-14 Thread Noel J. Bergman
Ok, here is your spammer: Received: from 219-81-145-243.static.tfn.net.tw ([219.81.145.243]) by foo-bar.com (JAMES SMTP Server 2.2.0) with SMTP ID 199; Mon, 14 Mar 2005 23:52:17 -0600 (CST) whom you can find at http://www.openrbl.org/ip/219/81/145/243.htm. Now the quest

Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread Colin W. Kingsbury
As per request, here is the full header track of one such suspect message. Replace "foo-bar" with our domain and 111.222.333.444 with our IP address. Since these mails are archived and locatable by google I would rather not post the actual domain and IP publicly. We have enough spammers using us no

Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread apache
> Once again, the mail does not appear to be being relayed (I can see us junking relay-attempt mails no problem) but it actually appears to be (or is forged to have the appearance of) coming from the local host. If you read the headers, it has our address (often many times, as if in a m

RE: How to use James with ClamAV?

2005-03-14 Thread Noel J. Bergman
FYI, we now have support for ClamAV, although it: (a) is currently a mailet, not a matcher as described in http://www.mail-archive.com/server-user@james.apache.org/msg03218.html (b) requires Java 1.4.x I'd like to see it as a matcher, and we'll have to talk about the runtime requirement

Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread Colin W. Kingsbury
Another question: The CPU hogging appears to be a result of mails failing and being retried. As the queue stacks up, the CPU (and our outgoing mail) bogs down. Anyway, what I have been doing is to stop James, and empty the outgoing queue, which sometimes gets large enough to actually choke the sh

RE: Urgent: Spam Backdoor in James?

2005-03-14 Thread Daniel Perry
Can you send through one of the messages including all headers? Who are the messages being sent to? Who are they received from? You can look in the james-home/apps/james/var/mail/outgoing folder and see the queued mails in the *.FileStreamStore files. Daniel. > -Original Message- > From:

Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread Colin W. Kingsbury
Hello again, here's some more information: I have attached some relevant sections from the config.xml. Once again, the mail does not appear to be being relayed (I can see us junking relay-attempt mails no problem) but it actually appears to be (or is forged to have the appearance of) coming from

Mail Clients & JAMES

2005-03-14 Thread Mathias Fonkam
This is related to an earlier posting I made on having issues configuring JAMES to send/receive email to/fro remote mail servers (beyond the localhost). A Java application on my local server can leverage James to send to remote locations but full-blown mail clients such as Thunderbird and even Java

Re: Urgent: Spam Backdoor in James?

2005-03-14 Thread Vincenzo Gianferrari Pini
Emre, It is very common nowadays to have virus infected machines around the world sending infected emails (or spam) directly to stolen addresses and with forged "From" header and "return-path". So receiving notification emails of not accepted emails *does not imply at all* that your SMTP server

Fetchmail and multiple recipients (I try again)

2005-03-14 Thread Marcello Marangio
Hi all. I try again with my fetchmail problem. I configured fetchmail in the following way (One account, Many Users): I see that when a mail from a remote sender is addressed to more than one recipient, the fetch task fails because it tries to find a non-existent "for" keyword in the "Rec