
Re: Am I being a relay for spam?

  • Barry Irwin
    Message 1 of 7 , Aug 1, 2007
      Doug wrote:
      > I'm running postfix on SuSE Linux 10.2. I have set relay_domains =
      > $mynetworks.
      >
      > I am concerned because when I go into Webmin and look at the Mail Queue for
      > Postfix, I see entries like this:
      >
      > merrowydfip@... postmaster@... 20.08 kB connect to
      > com.com[216.239.113.101]: Connection timed out
      >
      > This could not have come from any of my users. Right now I have 4 messages to
      > postmaster@..., and one to root@.... The status on one of them
      > is "Connection Timed Out"
      >
      > I do get lots of spam, which I have managed to cut in half with postfix and
      > spamassassin.
      >
      > Doug

      Hi Doug

      What these look to possibly be is bounce messages? Although without
      seeing a full snippet of your mailq and particularly the mail logs it's
      difficult to say.

      If you trace these addresses in your maillogs, from which hosts were they
      received? What is your domain? Without all the pieces it's a little
      hard for people to assist you. Please revisit the welcome message you
      got when you joined the list for details on what kind of information to
      provide to aid in debugging.

      Barry
    • Doug
      Message 2 of 7 , Aug 1, 2007
        Well, I didn't want to take up too much time here. My main concern is that I'm
        not being a relay for spam.

        Here's a grep of /var/logs/mail. customosas.com, mentioned near the end, is
        one of my mail domains, the other being dougnc.com

        Thanks!


        venture:/var/log # grep com.com mail | grep "Aug 1" | more
        Aug 1 01:09:15 venture postfix/smtp[23700]: connect to com.com[216.239.122.102]: Connection timed out (port 25)
        Aug 1 01:09:45 venture postfix/smtp[23700]: connect to com.com[216.239.113.101]: Connection timed out (port 25)
        Aug 1 01:09:45 venture postfix/smtp[23700]: 616B76CBD9: to=<postmaster@...>, orig_to=<mail@customosas.com>, relay=none, delay=60, delays=0.08/0.02/60/0, dsn=4.4.1, status=deferred (connect to com.com[216.239.113.101]: Connection timed out)
        Aug 1 01:18:05 venture postfix/qmgr[4402]: A7BFC6C9E9: from=<root@...>, size=501, nrcpt=1 (queue active)
        Aug 1 01:18:35 venture postfix/smtp[23766]: connect to com.com[216.239.113.101]: Connection timed out (port 25)
        Aug 1 01:18:35 venture postfix/smtp[23765]: connect to com.com[216.239.113.101]: Connection timed out (port 25)
        Aug 1 01:18:35 venture postfix/smtp[23768]: connect to com.com[216.239.122.102]: Connection timed out (port 25)
        Aug 1 01:18:35 venture postfix/smtp[23767]: connect to com.com[216.239.113.101]: Connection timed out (port 25)
        Aug 1 01:19:05 venture postfix/smtp[23766]: connect to com.com[216.239.122.102]: Connection timed out (port 25)
        Aug 1 01:19:05 venture postfix/smtp[23765]: connect to com.com[216.239.122.102]: Connection timed out (port 25)
        Aug 1 01:19:05 venture postfix/smtp[23767]: connect to com.com[216.239.122.102]: Connection timed out (port 25)
        Aug 1 01:19:05 venture postfix/smtp[23768]: connect to com.com[216.239.113.101]: Connection timed out (port 25)
        Aug 1 01:19:06 venture postfix/smtp[23768]: 5F2C96CBDA: to=<postmaster@...>, orig_to=<mail@customosas.com>, relay=none, delay=70102, delays=70042/0.14/60/0, dsn=4.4.1, status=deferred (connect to com.com[216.239.113.101]: Connection timed out)
        Aug 1 01:19:06 venture postfix/smtp[23766]: 1D3F36CBD6: to=<postmaster@...>, orig_to=<mail@customosas.com>, relay=none, delay=404546, delays=404485/0.03/60/0, dsn=4.4.1, status=deferred (connect to

        Doug


        On Wednesday 01 August 2007 10:22, Barry Irwin wrote:
        > Doug wrote:
        > > I'm running postfix on SuSE Linux 10.2. I have set relay_domains =
        > > $mynetworks.
        > >
        > > I am concerned because when I go into Webmin and look at the Mail Queue
        > > for Postfix, I see entries like this:
        > >
        > > merrowydfip@... postmaster@... 20.08 kB connect to
        > > com.com[216.239.113.101]: Connection timed out
        > >
        > > This could not have come from any of my users. Right now I have 4
        > > messages to postmaster@..., and one to root@.... The status on
        > > one of them is "Connection Timed Out"
        > >
        > > I do get lots of spam, which I have managed to cut in half with postfix
        > > and spamassassin.
        > >
        > > Doug
        >
        > Hi Doug
        >
        > What these look to possibly be is bounce messages? Although without
        > seeing a full snippet of your mailq and particularly the mail logs it's
        > difficult to say.
        >
        > If you trace these addresses in your maillogs, from which hosts were they
        > received? What is your domain? Without all the pieces it's a little
        > hard for people to assist you. Please revisit the welcome message you
        > got when you joined the list for details on what kind of information to
        > provide to aid in debugging.
        >
        > Barry
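
Tracing queued messages back to where they entered the system, as suggested in the reply above, can be scripted. This is an added example, not code from the thread: the log lines, hosts and queue IDs are constructed, `trace` and `relayed` are hypothetical names, and `my_networks` / `my_domains` stand in for the server's trusted networks and the domains it accepts mail for.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed log lines in Postfix's syslog format; hosts and queue IDs are made up.
SAMPLE_LOG = """\
Aug  1 01:00:01 mx postfix/smtpd[101]: AAA111: client=unknown[203.0.113.7]
Aug  1 01:00:01 mx postfix/qmgr[50]: AAA111: from=<a@example.net>, size=2048, nrcpt=1 (queue active)
Aug  1 01:00:02 mx postfix/smtp[102]: AAA111: to=<user@example.org>, relay=mx.example.org[198.51.100.9], delay=1, dsn=2.0.0, status=sent (250 ok)
Aug  1 01:05:00 mx postfix/pickup[60]: BBB222: uid=0 from=<root>
Aug  1 01:06:00 mx postfix/smtp[103]: connect to example.invalid[192.0.2.1]: Connection timed out (port 25)
Aug  1 01:06:00 mx postfix/smtp[103]: BBB222: to=<postmaster@example.invalid>, orig_to=<mail@example.com>, relay=none, delay=60, dsn=4.4.1, status=deferred (connect to example.invalid[192.0.2.1]: Connection timed out)
Aug  1 01:10:00 mx postfix/smtpd[104]: CCC333: client=mail.example.net[198.51.100.5]
Aug  1 01:10:01 mx postfix/local[105]: CCC333: to=<doug@example.com>, relay=local, delay=1, dsn=2.0.0, status=sent (delivered to mailbox)
"""

ENTRY = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]{6,}): (.*)$")

def trace(log_text):
    """Group log entries by queue ID: how each message arrived and where it went."""
    msgs = defaultdict(lambda: {"client_ip": None, "local": False, "from": None, "rcpts": []})
    for line in log_text.splitlines():
        m = ENTRY.search(line)
        if not m:
            continue  # bare "connect to ..." lines carry no queue ID
        daemon, qid, rest = m.groups()
        rec = msgs[qid]
        if daemon == "smtpd" and rest.startswith("client="):
            rec["client_ip"] = rest[rest.index("[") + 1:rest.index("]")]
        elif daemon == "pickup":
            rec["local"] = True  # submitted on this host, not over SMTP
        elif daemon == "qmgr" and rest.startswith("from=<"):
            rec["from"] = rest[6:rest.index(">")]
        elif rest.startswith("to=<"):
            rec["rcpts"].append(rest[4:rest.index(">")])
    return dict(msgs)

def relayed(msgs, my_networks, my_domains):
    """Queue IDs accepted from outside my_networks and sent on to foreign domains."""
    nets = [ipaddress.ip_network(n) for n in my_networks]
    hits = []
    for qid, rec in msgs.items():
        if rec["local"] or rec["client_ip"] is None:
            continue  # local submissions and internally generated mail
        ip = ipaddress.ip_address(rec["client_ip"])
        foreign = [r for r in rec["rcpts"] if r.rsplit("@", 1)[-1].lower() not in my_domains]
        if foreign and not any(ip in n for n in nets):
            hits.append(qid)
    return sorted(hits)
```

Only messages that arrived from an outside client and left for a domain the server does not own are reported; inbound mail for local users and messages submitted on the host itself are not.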
      • Jeremie Le Hen
        Message 3 of 7 , Aug 1, 2007
          Hi, Martin,

          On Wed, Aug 01, 2007 at 03:18:25PM +0200, Martin Schmitt wrote:
          > Jeremie Le Hen wrote:
          >
          > > % #!/usr/bin/perl
          >
          > $| = 1; # to disable Perl's buffering of output.
          >
          > > % open LOG, '>> /tmp/policystub.log';
          > > % while (<STDIN>) {
          > > % print LOG $_;
          > > % print LOG "HEX: ".(unpack "H*", $_)."\n";
          > > % chomp;
          > > % print "action=DUNNO\n\n" if ($_ eq '');
          > > % }
          > > % close LOG;
          > >
          > > Testing it manually, it seems to work as expected:
          > > % postfix1# printf 'attribute=value\n\n' | /root/policystub.pl
          > > % action=DUNNO
          >
          > This works because policystub.pl terminates after EOF. Under master's
          > control, the smtpd remains connected to the policy service, which
          > buffers output and therefore doesn't answer immediately.

          Indeed, after studying the example greylist.pl, it appeared the only
          difference was the lack of $| = 1. Thank you for your help!

          Best regards,
          --
          Jeremie Le Hen
          < jeremie at le-hen dot org >< ttz at chchile dot org >
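
The buffering effect discussed in this message, reproduced as an added example in Python rather than the thread's Perl (not code from the thread). `Sink`, `serve`, `bytes_seen_before_eof` and the `REQUEST` lines are constructed for illustration; `Sink` stands in for the connection that smtpd keeps open to the policy service.

```python
import io

# Constructed policy request: name=value lines terminated by an empty line.
REQUEST = ["request=smtpd_access_policy\n", "protocol_state=RCPT\n",
           "sender=a@example.net\n", "recipient=b@example.com\n", "\n"]

class Sink(io.RawIOBase):
    """Records only the bytes that actually leave the process's output buffers."""
    def __init__(self):
        super().__init__()
        self.received = b""
    def writable(self):
        return True
    def write(self, data):
        self.received += bytes(data)
        return len(data)

def serve(requests, out, flush_each_reply):
    """Answer each request with DUNNO; yield after every reply, connection still open."""
    attrs = {}
    for line in requests:
        line = line.rstrip("\n")
        if line:
            name, _, value = line.partition("=")
            attrs[name] = value
            continue
        out.write("action=DUNNO\n\n")
        if flush_each_reply:
            out.flush()  # counterpart of Perl's $| = 1
        yield attrs
        attrs = {}

def bytes_seen_before_eof(flush_each_reply):
    """Return (bytes the peer saw while the service kept running, bytes after exit)."""
    sink = Sink()
    out = io.TextIOWrapper(io.BufferedWriter(sink), encoding="ascii", newline="\n")
    replies = serve(iter(REQUEST), out, flush_each_reply)
    next(replies)            # one request answered, service still waiting for more
    before = sink.received
    out.close()              # what happens at EOF in the manual printf test
    return before, sink.received
```

Without the flush the peer sees nothing until the service exits, which is why the manual pipe test succeeds while a long-lived connection stalls.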