Loading ...
Sorry, an error occurred while loading the content.

Reducing SPAM connections

Expand Messages
  • Carsten S.
    Hi I am receiving a considerable amount of connection from SPAM hosts and I m starting to wonder if this is normal ? Also, could setting up a spamd help
    Message 1 of 3 , Jul 28, 2013
    • 0 Attachment
      Hi

      I am receiving a considerable amount of connection from SPAM hosts and I'm starting to wonder if this is normal ?

      Also, could setting up a spamd help decrease number of connections ?

      Thanks for any advice.

      Carsten S.


      ...



      ****** Detail (10) *********************************************************************************

      109 Miscellaneous warnings ------------------------------------------------------------------
      10 hostname host-46-241-156-54.orangearmenia.am does not resolve to address 46.241.156...
      9 hostname 234-240-137-186.fibertel.com.ar does not resolve to address 186.137.240.23...
      5 hostname 178.91.44.246.megaline.telecom.kz does not resolve to address 178.91.44.24...
      5 hostname 88.249.200.82.dynamic.ttnet.com.tr does not resolve to address 88.249.200....
      5 hostname 92.47.187.169.megaline.telecom.kz does not resolve to address 92.47.187.16...
      5 hostname Dynamic-IP-181540180245.cable.net.co does not resolve to address 181.54.18...
      5 hostname Dynamic-IP-18687214135.cable.net.co does not resolve to address 186.87.214...
      5 hostname customer-PUE-156-153.megared.net.mx does not resolve to address 189.192.15...
      3 hostname 200-127-26-71.cab.prima.net.ar does not resolve to address 200.127.26.71: ...
      3 hostname customer-GDL-140-83.megared.net.mx does not resolve to address 187.245.140...
      2 hostname 53.red.141.225.212.user.ptvtelecom.com does not resolve to address 212.225...
      2 hostname client-201.240.116.69.speedy.net.pe does not resolve to address 201.240.11...
      2 hostname customer-CLN-223-16.megared.net.mx does not resolve to address 187.243.223...
      2 hostname static-adsl190-250-72-98.une.net.co does not resolve to address 190.250.72...
      1 hostname 1.116.166.190.f.sta.codetel.net.do does not resolve to address 190.166.116...
      1 hostname 121-60-188-190.cab.prima.net.ar does not resolve to address 190.188.60.121...
      1 hostname 126.26.166.190.f.sta.codetel.net.do does not resolve to address 190.166.26...
      1 hostname 154.25.166.190.f.sta.codetel.net.do does not resolve to address 190.166.25...
      1 hostname 155-60-194-190.cab.prima.net.ar does not resolve to address 190.194.60.155...
      1 hostname 178.89.57.40.megaline.telecom.kz does not resolve to address 178.89.57.40:...
      1 hostname 178.90.226.107.megaline.telecom.kz does not resolve to address 178.90.226....
      1 hostname 186.194-5-146.vtc-vegastelecom.com.br does not resolve to address 186.194....
      1 hostname 187-75-189-17.dsl.telesp.net.br does not resolve to address 187.75.189.17:...
      1 hostname 188.subnet118-97-212.static.astinet.telkom.net.id does not resolve to addr...
      1 hostname 190-172-131-240.speedy.com.ar does not resolve to address 190.172.131.240:...
      1 hostname 190-174-238-122.speedy.com.ar does not resolve to address 190.174.238.122:...
      1 hostname 192-211-52-68-customer-incero.com does not resolve to address 192.211.52.6...
      1 hostname 202-253-194-190.cab.prima.net.ar does not resolve to address 190.194.253.2...
      1 hostname 202.subnet118-97-168.static.astinet.telkom.net.id does not resolve to addr...
      1 hostname 208-110-35-183.yourlink.ca does not resolve to address 208.110.35.183: hos...
      1 hostname 235.subnet-103.23.101.host.unnes.ac.id does not resolve to address 103.23....
      1 hostname 254.226.185.190.cable.dyn.ridsa.com.ar does not resolve to address 190.185...
      1 hostname 4-30-110-190-hou.servercraft.co does not resolve to address 4.30.110.190: ...
      1 hostname 5-57-13-190.elcat.kg does not resolve to address 5.57.13.190: hostname nor...
      1 hostname 62.56.143.58.satcom-systems.net does not resolve to address 62.56.143.58: ...
      1 hostname 81.213.153.125.static.ttnet.com.tr does not resolve to address 81.213.153....
      1 hostname 88.250.201.15.static.ttnet.com.tr does not resolve to address 88.250.201.1...
      1 hostname 95.57.252.178.megaline.telecom.kz does not resolve to address 95.57.252.17...
      1 hostname 95.57.72.79.megaline.telecom.kz does not resolve to address 95.57.72.79: h...
      1 hostname 95.58.40.170.megaline.telecom.kz does not resolve to address 95.58.40.170:...
      1 hostname 95.59.123.227.megaline.telecom.kz does not resolve to address 95.59.123.22...
      1 hostname ABTS-North-Static-155.86.160.122.airtelbroadband.in does not resolve to ad...
      1 hostname CUST-114.215.102.5.018.net.il does not resolve to address 5.102.215.114: h...
      1 hostname Dynamic-IP-18150087227.cable.net.co does not resolve to address 181.50.87....
      1 hostname Dynamic-IP-181530105149.cable.net.co does not resolve to address 181.53.10...
      1 hostname Dynamic-IP-18614519478.cable.net.co does not resolve to address 186.145.19...
      1 hostname Dynamic-IP-1868517777.cable.net.co does not resolve to address 186.85.177....
      1 hostname Dynamic-IP-190146145254.cable.net.co does not resolve to address 190.146.1...
      1 hostname cable190-249-169-123.une.net.co does not resolve to address 190.249.169.12...
      1 hostname client-200.121.168.109.speedy.net.pe does not resolve to address 200.121.1...
      1 hostname client-201.240.190.200.speedy.net.pe does not resolve to address 201.240.1...
      1 hostname cnq118-248.cablevision.qc.ca does not resolve to address 24.212.118.248: h...
      1 hostname cust61-62.148.197.netcabo.co.ao does not resolve to address 197.148.62.61:...
      1 hostname customer-GDL-169-208.megared.net.mx does not resolve to address 187.244.16...
      1 hostname customer-QRO-132-10.megared.net.mx does not resolve to address 189.194.132...
      1 hostname dsl-189-134-120-212-dyn.prod-infinitum.com.mx does not resolve to address ...
      1 hostname dsl-201-155-170-249-sta.prod-empresarial.com.mx does not resolve to addres...
      1 hostname fixed-189-14-74.iusacell.net does not resolve to address 187.189.14.74: ho...
      1 hostname h066060056163.skyonline.net does not resolve to address 66.60.56.163: host...
      1 hostname medimetrics-servnet.serv.net.mx does not resolve to address 201.150.32.188...

      1 5xx Reject relay denied -----------------------------------------------------------------
      1 4.30.110.190 unknown
      1 maria45454545@...

      14 5xx Reject HELO/EHLO --------------------------------------------------------------------
      9 Need fully-qualified hostname
      5 105.225.151.153 ti-225-151-153.telkomadsl.co.za
      5 ti
      1 37.215.14.77 unknown
      1 37.215.14.77
      1 78.97.146.215 unknown
      1 78.97.146.215
      1 93.84.153.74 mm-74-153-84-93.dynamic.pppoe.mgts.by
      1 93.84.153.74
      1 190.234.190.38 unknown
      1 190.234.190.38
      5 Invalid name
      5 117.239.67.2 unknown
      5 static.ill.117.239.67.2/24.bsnl.in

      464 5xx Reject RBL --------------------------------------------------------------------------
      463 zen.spamhaus.org
      25 46.241.156.54 unknown
      25 61.7.240.178 unknown
      25 62.43.225.25 62.43.225.25.static.user.ono.com
      25 175.176.150.160 unknown
      20 186.137.240.234 unknown
      10 31.16.168.72 31-16-168-72-dynip.superkabel.de
      10 59.183.153.77 triband-mum-59.183.153.77.mtnl.net.in
      10 79.158.226.132 132.red-79-158-226.staticip.rima-tde.net
      10 84.228.226.43 igld-84-228-226-43.inter.net.il
      10 88.249.200.82 unknown
      10 197.149.170.10 unknown
      10 200.86.142.157 pc-157-142-86-200.cm.vtr.net
      5 92.47.187.169 unknown
      5 109.65.163.208 unknown
      5 119.155.7.1 unknown
      5 125.60.156.227 unknown
      5 178.91.44.246 unknown
      5 181.54.180.245 unknown
      5 186.87.214.135 unknown
      5 189.192.156.153 unknown
      5 189.209.219.45 189-209-219-45.static.axtel.net
      5 190.43.50.123 unknown
      5 190.43.154.235 unknown
      5 190.236.38.154 unknown
      5 200.56.204.219 200-56-204-219-cable.cybercable.net.mx
      5 201.233.117.90 cable201-233-117-90.epm.net.co
      5 202.29.223.134 unknown
      5 209.105.199.52 sturgeon-cable235.onlink.net
      4 200.127.26.71 unknown
      3 5.200.252.246 unknown
      3 173.208.225.109 unknown
      3 181.64.123.139 unknown
      3 187.245.140.83 unknown
      3 190.102.157.166 unknown
      2 5.22.127.207 unknown
      2 94.74.154.254 unknown
      2 121.54.44.160 unknown
      2 186.145.194.78 unknown
      2 187.163.104.21 187-163-104-21.static.axtel.net
      2 187.243.223.16 unknown
      2 190.72.191.230 unknown
      2 190.250.72.98 unknown
      2 192.111.145.72 unknown
      2 200.124.106.113 200-124-106-113.bbt.net.ar
      2 201.212.190.237 201-212-190-237.net.prima.net.ar
      2 201.240.116.69 unknown
      2 212.225.141.56 unknown
      1 2.98.244.2 host-2-98-244-2.as13285.net
      1 2.181.36.80 unknown
      1 2.184.237.93 unknown
      1 2.185.211.153 unknown
      1 2.185.240.224 unknown
      1 2.187.177.62 unknown
      1 2.191.67.11 unknown
      1 5.57.13.190 unknown
      1 5.76.157.168 unknown
      1 5.102.215.114 unknown
      1 24.173.191.66 rrcs-24-173-191-66.sw.biz.rr.com
      1 24.212.118.248 unknown
      1 31.8.120.209 h31-8-120-209.dyn.bashtel.ru
      1 31.195.163.162 host162-163-static.195-31-b.business.telecomitalia.it
      1 36.69.57.194 unknown
      1 37.17.181.184 unknown
      1 37.19.126.80 unknown
      1 37.205.216.9 host9-216-static.205-37-b.business.telecomitalia.it
      1 41.59.37.202 unknown
      1 41.160.107.242 unknown
      1 49.0.135.170 unknown
      1 66.60.56.163 unknown
      1 76.14.237.16 76-14-237-16.or.wavecable.com
      1 76.66.165.150 bas1-toronto61-1279436182.dsl.bell.ca
      1 77.28.51.95 unknown
      1 77.29.88.41 unknown
      1 77.180.206.218 koln-4db4ceda.pool.mediaways.net
      1 78.25.120.246 unknown
      1 79.183.188.234 bzq-79-183-188-234.red.bezeqint.net
      1 81.61.231.72 81.61.231.72.dyn.user.ono.com
      1 81.213.153.125 unknown
      1 81.247.252.249 249.252-247-81.adsl-static.isp.belgacom.be
      1 83.130.117.233 igld-83-130-117-233.inter.net.il
      1 84.111.74.22 bzq-84-111-74-22.red.bezeqint.net
      1 84.111.152.79 bzq-84-111-152-79.red.bezeqint.net
      1 85.9.60.178 unknown
      1 85.26.23.30 unknown
      1 85.50.242.238 unknown
      1 85.56.140.29 29.pool85-56-140.dynamic.orange.es
      1 88.16.246.182 182.red-88-16-246.dynamicip.rima-tde.net
      1 88.216.114.144 unknown
      1 88.250.201.15 unknown
      1 89.70.249.146 89-70-249-146.dynamic.chello.pl
      1 89.122.48.1 unknown
      1 89.131.20.245 unknown
      1 92.58.52.234 unknown
      1 95.57.72.79 unknown
      1 95.57.252.178 unknown
      1 95.58.40.170 unknown
      1 95.59.123.227 unknown
      1 95.170.205.133 unknown
      1 97.64.152.66 unknown
      1 99.66.213.78 adsl-99-66-213-78.dsl.pltn13.sbcglobal.net
      1 103.23.101.235 unknown
      1 105.226.66.193 ti-226-66-193.telkomadsl.co.za
      1 105.236.104.215 105-236-104-215.access.mtnbusiness.co.za
      1 105.239.167.34 unknown
      1 108.132.214.144 adsl-108-132-214-144.mia.bellsouth.net
      1 109.96.132.250 unknown
      1 109.99.225.219 unknown
      1 114.221.145.112 unknown
      1 117.217.245.230 unknown
      1 118.82.27.1 unknown
      1 118.97.168.202 unknown
      1 118.97.212.188 unknown
      1 122.160.86.155 unknown
      1 124.43.194.166 unknown
      1 125.60.156.202 unknown
      1 178.89.57.40 unknown
      1 178.90.226.107 unknown
      1 180.241.244.7 unknown
      1 181.50.87.227 unknown
      1 181.53.105.149 unknown
      1 181.65.88.134 unknown
      1 181.66.41.27 unknown
      1 181.118.23.146 unknown
      1 186.27.66.4 unknown
      1 186.74.158.90 unknown
      1 186.85.177.77 unknown
      1 186.113.247.39 unknown
      1 186.119.117.20 unknown
      1 186.159.35.228 unknown
      1 186.194.5.146 unknown
      1 187.75.189.17 unknown
      1 187.162.65.56 187-162-65-56.static.axtel.net
      1 187.164.7.15 187-164-7-15.static.axtel.net
      1 187.178.174.34 187-178-174-34.dynamic.axtel.net
      1 187.184.193.26 187.184.193.26.cable.dyn.cableonline.com.mx
      1 187.189.14.74 unknown
      1 187.244.169.208 unknown
      1 189.134.120.212 unknown
      1 189.194.132.10 unknown
      1 189.212.24.74 189-212-24-74.static.axtel.net
      1 190.16.242.217 217-242-16-190.fibertel.com.ar
      1 190.41.98.101 unknown
      1 190.42.156.49 unknown
      1 190.42.169.223 unknown
      1 190.43.90.77 unknown
      1 190.43.132.1 unknown
      1 190.52.42.252 unknown
      1 190.66.148.152 unknown
      1 190.122.115.115 unknown
      1 190.135.108.81 r190-135-108-81.dialup.adsl.anteldata.net.uy
      1 190.139.189.247 host247.190-139-189.telecom.net.ar
      1 190.139.229.71 host71.190-139-229.telecom.net.ar
      1 190.146.145.254 unknown
      1 190.166.25.154 unknown
      1 190.166.26.126 unknown
      1 190.166.116.1 unknown
      1 190.172.131.240 unknown
      1 190.174.238.122 unknown
      1 190.185.226.254 unknown
      1 190.188.60.121 unknown
      1 190.194.60.155 unknown
      1 190.194.253.202 unknown
      1 190.218.225.196 unknown
      1 190.232.41.75 unknown
      1 190.232.47.232 unknown
      1 190.232.118.116 unknown
      1 190.233.80.68 unknown
      1 190.235.118.229 unknown
      1 190.235.224.26 unknown
      1 190.237.84.236 unknown
      1 190.238.197.3 unknown
      1 190.239.186.154 unknown
      1 190.239.215.51 unknown
      1 190.249.169.123 unknown
      1 196.29.237.186 unknown
      1 196.195.248.13 unknown
      1 197.148.62.61 unknown
      1 200.86.71.123 pc-123-71-86-200.cm.vtr.net
      1 200.88.195.55 tdev195-55.codetel.net.do
      1 200.110.161.225 unknown
      1 200.118.62.242 dynamic-ip-cr20011862242.cable.net.co
      1 200.121.168.109 unknown
      1 201.90.67.130 orion-g5-1-2-207-gacc08.spo.embratel.net.br
      1 201.150.32.188 unknown
      1 201.150.141.64 201.150.141.64.cable.dyn.cableonline.com.mx
      1 201.155.170.249 unknown
      1 201.213.126.172 201-213-126-172.net.prima.net.ar
      1 201.240.190.200 unknown
      1 203.241.183.13 unknown
      1 207.228.176.228 unknown
      1 208.65.167.40 rbpool9-39.shoreham.net
      1 208.110.35.183 unknown
      1 209.33.41.81 doc-209-33-41-81.russellville.ky.cebridge.net
      1 213.211.150.166 unknown
      1 213.245.237.164 213-245-237-164.rev.numericable.fr
      1 dbl.spamhaus.org
      1 192.211.52.68 unknown

      363 Connections lost (inbound) --------------------------------------------------------------
      350 After DATA
      11 After RCPT
      1 After CONNECT
      1 After EHLO

      ....
    • /dev/rob0
      ... For many years now, the vast majority of Internet mail traffic is spam and abuse. Yes, it s normal. ... Postfix has its own postscreen(8), which was
      Message 2 of 3 , Jul 28, 2013
      • 0 Attachment
        On Sun, Jul 28, 2013 at 02:07:46PM +0200, Carsten S. wrote:
        > I am receiving a considerable amount of connection from SPAM hosts
        > and I'm starting to wonder if this is normal ?

        For many years now, the vast majority of Internet mail traffic is
        spam and abuse. Yes, it's normal.

        > Also, could setting up a spamd help decrease number of connections ?

        Postfix has its own postscreen(8), which was influenced in design by
        spamd. Well worth the upgrade if you are not yet on 2.8+.

        http://www.postfix.org/POSTSCREEN_README.html
        http://rob0.nodns4.us/postscreen.html
        --
        http://rob0.nodns4.us/ -- system administration and consulting
        Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
      • Carsten S.
        ... Servers are running 2.9+ and the dump was made using postfix-logwatch 1.40.00 I took a look a postscreen - Postfix zombie blocker. Judging from the
        Message 3 of 3 , Jul 29, 2013
        • 0 Attachment
          On 07/28/2013 15:18, /dev/rob0 wrote:
          > On Sun, Jul 28, 2013 at 02:07:46PM +0200, Carsten S. wrote:
          >> I am receiving a considerable amount of connection from SPAM hosts
          >> and I'm starting to wonder if this is normal ?
          > For many years now, the vast majority of Internet mail traffic is
          > spam and abuse. Yes, it's normal.
          >
          >> Also, could setting up a spamd help decrease number of connections ?
          > Postfix has its own postscreen(8), which was influenced in design by
          > spamd. Well worth the upgrade if you are not yet on 2.8+.
          >
          > http://www.postfix.org/POSTSCREEN_README.html
          > http://rob0.nodns4.us/postscreen.html

          Servers are running 2.9+ and the dump was made using postfix-logwatch
          1.40.00

          I took a look a postscreen - Postfix zombie blocker. Judging from the
          description,
          Its seem to solve then problem.

          Got work to do.
        Your message has been successfully submitted and would be delivered to recipients shortly.