At 02:26 PM 6/30/2005, Jeremy Kitchen wrote:
> the customer has *not* pointed the MX for their domain to us yet.
> that will happen tonight. however, the customer has reported that
> several of their accounts have received virus-laden email. it took a
> while to figure it out - apparently the virus is hitting our POP
> server, which is not an MX, and I guess happened to be bearing
> viruses intended for the domain that *is* set up on the server - so
> the server dutifully delivered the 'messages'.

it's probably set up as, where is the domain that
is being pointed over to the new system.

i wish it were that simple. here's the header, with assorted bits obfuscated for customer privacy:
Return-Path: <[EMAIL PROTECTED]>
Received: (qmail 12860 invoked from network); 22 Jun 2005 04:13:34 -0000
Received: from unknown (HELO (
  by with SMTP; 22 Jun 2005 04:13:34 -0000
Subject: Hello
Date: Wed, 22 Jun 2005 09:41:35 +0530
MIME-Version: 1.0
Content-Type: multipart/mixed;
X-Priority: 3
X-MSMail-Priority: Normal
that's the entire header, no more, no less.

simply remove the domain from the rcpthosts file on the non-MX servers and no
mail will be able to come in for that domain there.

well, sure, i could do that, but then when they cut over here it'll bollox everything up. the domain has to be in rcpthosts on the POP server - heck, vpopmail maintains the rcpthosts/morercpthosts automatically on the POP server. I'm not clear how the server would accept new incoming mail for the domain from my own servers once the MX does cut over here if there's no entry in rcpthosts.

Paul Theodoropoulos

Reply via email to