I don't understand how you have your jails configured -- is qmail in a 
different jail from spamdyke?  I'm just wondering, if the message is 
originating locally, why does spamdyke see the origin IP as instead 
of  And where is the message really coming from -- maybe a rogue 
process or a compromised PHP script is generating them?

Do you have whitelisted because it's the local IP?  Or is it 
configured in your /etc/tcp.smtp as a relay client?  Either setting would cause 
spamdyke to allow these messages.

-- Sam Clippinger

On Nov 8, 2016, at 10:53 PM, BC via spamdyke-users 
<spamdyke-users@spamdyke.org> wrote:

> Well, I have spamdyke-qrv installed and turned on in spamdyke.conf, but am 
> still getting stuff like this (maillog):
> Nov  8 21:48:51 33a45916-5b78-11e6-a0e5-0cc47a6975be spamdyke[17138]: ALLOWED 
> from: filenkokir...@shopon.net to: sergushk...@bk.ru origin_ip: 
> origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: 
> 250_ok_1478666931_qp_17140
> so someone is trying to use my system as a relay, right?
> with the resulting MAILER-DAEMON bounce.  The is the IP of the jail 
> that qmail runs in.
> Any other thoughts?
> On 11/7/2016 9:13 AM, Gary Gendel via spamdyke-users wrote:
>> This doesn't look like it's email originating from your system.  Instead, it 
>> looks like spamdyke has accepted the message and then qmail is doing the 
>> rejection.  My guess is that it passes through spamdyke with an invalid 
>> destination user.  Qmail then tries to reject it. 
>> You can avoid this by adding invalid user checks in spamdyke so it doesn't 
>> reach qmail by setting "recipient-validation-command=<program>" (I use 
>> spamdyke-qrv) and "reject-recipient=invalid". 
>> Gary
> _______________________________________________
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users

spamdyke-users mailing list

Reply via email to