On 11/9/2016 6:27 AM, Sam Clippinger via spamdyke-users wrote:
I don't understand how you have your jails configured -- is qmail in a different jail from spamdyke? I'm just wondering, if the message is originating locally, why does spamdyke see the origin IP as instead of And where is the message really coming from -- maybe a rogue process or a compromised PHP script is generating them?

Do you have whitelisted because it's the local IP? Or is it configured in your /etc/tcp.smtp as a relay client? Either setting would cause spamdyke to allow these messages.

-- Sam Clippinger

Ahhhhh, you may have hit on something.

The qmaild jail contains everything that is mail related (qmail and spamdyke) and necessary to run both. My firewall / router is pf and I use redirection to point incoming port 25 to the jail IP. Jails are a little weird if you don't know about them, in that inside the jail, any references to are morphed into the jail IP address. Not running any PHP scripts.

But I do have the entire 10. network whitelisted as well as 127. and 10. allowing relay in the tcp.smtp file. So I'll need to twiddle with those and see if I can get this to stop (another 100+ came in last night and one just a few moments ago as well.)

Thank you, Sam!

spamdyke-users mailing list

Reply via email to