Ergebnis 1 bis 7 von 7

Thema: SPAM-Welle trotz geschlossenem Relaying?

Baum-Darstellung

Vorheriger Beitrag Vorheriger Beitrag   Nächster Beitrag Nächster Beitrag
  1. #1
    Neues Mitglied
    Registriert seit
    04.06.2013
    Beiträge
    2

    Frage SPAM-Welle trotz geschlossenem Relaying?

    Hallo,

    seit gestern laufen auf unserem Verein-Server SPAM-Mails ein, die dieser weiterleiten soll.
    Dabei ist das Relaying nur nach SMTP-Authentifizierung eingestellt.
    Auch DNS-Blackholes sind eingestellt (bezogen über zen.spamhaus.org;bl.spamcop.net;b.barracudacentral.org).

    Zuerst dachte ich: Okay, die Mails gehen ein, aber werden dann für ewig in die Warteschleife versetzt bzw. daraus gelösch.
    Aber nun sehe ich, dass wohl einige der eMails verschickt werden und in Folge dessen unsere IP z.B. bei Yahoo geblockt wird. Sch....
    Edit: Dabei existieren die angeblichen Absender-Adressen (z.B. jerri_wiggins@mydomain2.tld, siehe Log-Auszug unten) auf unserem Server nicht.

    Hier ein Auszug aus /var/log/mail.info (dabei habe ich den Servernamen durch myServer, die IP durch #MyIPStandsHere# und unsere beiden Domains durch mydomain1.tdl bzw. mydomain2.tdl ersetzt)

    Code:
    Jun  4 10:29:54 myServer postfix/smtp[16226]: 9F4EA187EEBE: to=<rha@dylan.dk>, relay=mgw.netsite.dk[193.29.201.83]:25, delay=1.7, delays=0.84/0/0.55/0.27, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as BF2E61E869AE)
    Jun  4 10:29:54 myServer postfix/qmgr[23746]: 9F4EA187EEBE: removed
    Jun  4 10:30:03 myServer postfix/pickup[16257]: 7BC3E187EEBE: uid=33 from=<jerri_wiggins@mydomain2.tld>
    Jun  4 10:30:03 myServer postfix/cleanup[16096]: 7BC3E187EEBE: message-id=<20130604083003.7BC3E187EEBE@mydomain1.tld>
    Jun  4 10:30:05 myServer postfix/qmgr[23746]: 7BC3E187EEBE: from=<jerri_wiggins@mydomain2.tld>, size=744, nrcpt=1 (queue active)
    Jun  4 10:30:07 myServer postfix/pickup[16257]: DCB67187EEBF: uid=33 from=<jerri_wiggins@mydomain2.tld>
    Jun  4 10:30:07 myServer postfix/cleanup[16038]: DCB67187EEBF: message-id=<20130604083007.DCB67187EEBF@mydomain1.tld>
    Jun  4 10:30:08 myServer postfix/qmgr[23746]: DCB67187EEBF: from=<jerri_wiggins@mydomain2.tld>, size=733, nrcpt=1 (queue active)
    Jun  4 10:30:09 myServer postfix/smtp[16187]: DCB67187EEBF: to=<rha_2006_1@hotmail.com>, relay=mx4.hotmail.com[65.55.92.136]:25, delay=1.5, delays=0.59/0/0.42/0.46, dsn=2.0.0, status=sent (250  <20130604083007.DCB67187EEBF@mydomain1.tld> Queued mail for delivery)
    Jun  4 10:30:09 myServer postfix/qmgr[23746]: DCB67187EEBF: removed
    Jun  4 10:30:11 myServer postfix/smtp[15895]: 7BC3E187EEBE: to=<rha@sonic.net>, relay=mailin-01.mx.sonic.net[69.12.221.235]:25, delay=9.1, delays=2.1/0.56/3.9/2.5, dsn=2.0.0, status=sent (250 2.0.0 r548U6Ql000702 Message accepted for delivery)
    Jun  4 10:30:11 myServer postfix/qmgr[23746]: 7BC3E187EEBE: removed
    Jun  4 10:30:19 myServer postfix/pickup[16257]: 55D5D187EEBE: uid=33 from=<jerri_wiggins@mydomain2.tld>
    Jun  4 10:30:19 myServer postfix/cleanup[16100]: 55D5D187EEBE: message-id=<20130604083019.55D5D187EEBE@mydomain1.tld>
    Jun  4 10:30:19 myServer postfix/qmgr[23746]: 55D5D187EEBE: from=<jerri_wiggins@mydomain2.tld>, size=727, nrcpt=1 (queue active)
    Jun  4 10:30:20 myServer postfix/smtp[15857]: 55D5D187EEBE: host mta7.am0.yahoodns.net[66.196.118.37] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:30:20 myServer postfix/smtp[15857]: 55D5D187EEBE: host mta7.am0.yahoodns.net[98.138.112.32] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:30:20 myServer postfix/smtp[15857]: 55D5D187EEBE: host mta6.am0.yahoodns.net[98.138.112.34] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:30:21 myServer postfix/smtp[15857]: 55D5D187EEBE: host mta5.am0.yahoodns.net[98.138.112.38] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:30:21 myServer postfix/smtp[15857]: 55D5D187EEBE: to=<rhaa81@yahoo.com>, relay=mta5.am0.yahoodns.net[98.138.112.37]:25, delay=2.5, delays=1.1/0/1.3/0, dsn=4.7.1, status=deferred (host mta5.am0.yahoodns.net[98.138.112.37] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Jun  4 10:30:38 myServer postfix/anvil[16112]: statistics: max connection rate 1/60s for (smtp:212.227.17.12) at Jun  4 10:27:18
    Jun  4 10:30:38 myServer postfix/anvil[16112]: statistics: max connection count 1 for (smtp:212.227.17.12) at Jun  4 10:27:18
    Jun  4 10:30:38 myServer postfix/anvil[16112]: statistics: max cache size 1 at Jun  4 10:27:18
    Jun  4 10:32:00 myServer postfix/pickup[16257]: EA8DD187EEBF: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:00 myServer postfix/cleanup[27764]: EA8DD187EEBF: message-id=<20130604083200.EA8DD187EEBF@mydomain1.tld>
    Jun  4 10:32:01 myServer postfix/qmgr[23746]: EA8DD187EEBF: from=<kelli_mckinney@mydomain2.tld>, size=763, nrcpt=1 (queue active)
    Jun  4 10:32:02 myServer postfix/pickup[16257]: 515A1187EEC0: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:02 myServer postfix/cleanup[27764]: 515A1187EEC0: message-id=<20130604083202.515A1187EEC0@mydomain1.tld>
    Jun  4 10:32:02 myServer postfix/qmgr[23746]: 515A1187EEC0: from=<kelli_mckinney@mydomain2.tld>, size=740, nrcpt=1 (queue active)
    Jun  4 10:32:04 myServer postfix/pickup[16257]: 035A8187EEC1: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:04 myServer postfix/cleanup[27764]: 035A8187EEC1: message-id=<20130604083204.035A8187EEC1@mydomain1.tld>
    Jun  4 10:32:04 myServer postfix/qmgr[23746]: 035A8187EEC1: from=<kelli_mckinney@mydomain2.tld>, size=743, nrcpt=1 (queue active)
    Jun  4 10:32:05 myServer postfix/smtp[27776]: EA8DD187EEBF: to=<mlg44838@nifty.com>, relay=smmx.nifty.com[210.131.4.177]:25, delay=4.5, delays=0.62/0.01/2.5/1.3, dsn=2.0.0, status=sent (250 2.0.0 r548W2DC026583 Message accepted for delivery)
    Jun  4 10:32:05 myServer postfix/qmgr[23746]: EA8DD187EEBF: removed
    Jun  4 10:32:05 myServer postfix/smtp[27901]: 035A8187EEC1: to=<mlg58@hotmail.com>, relay=mx2.hotmail.com[65.55.92.136]:25, delay=2, delays=0.88/0.01/0.42/0.66, dsn=5.0.0, status=bounced (host mx2.hotmail.com[65.55.92.136] said: 550 Requested action not taken: mailbox unavailable (in reply to RCPT TO command))
    Jun  4 10:32:05 myServer postfix/pickup[16257]: 7F625187EEC2: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:05 myServer postfix/cleanup[27764]: 7F625187EEC2: message-id=<20130604083205.7F625187EEC2@mydomain1.tld>
    Jun  4 10:32:05 myServer postfix/cleanup[27962]: A4897187EEC3: message-id=<20130604083205.A4897187EEC3@mydomain1.tld>
    Jun  4 10:32:06 myServer postfix/qmgr[23746]: A4897187EEC3: from=<>, size=2639, nrcpt=1 (queue active)
    Jun  4 10:32:06 myServer postfix/qmgr[23746]: 7F625187EEC2: from=<kelli_mckinney@mydomain2.tld>, size=743, nrcpt=1 (queue active)
    Jun  4 10:32:06 myServer postfix-local[27977]: postfix-local: from=MAILER-DAEMON, to=kelli_mckinney@mydomain2.tld, dirname=/var/qmail/mailnames
    Jun  4 10:32:06 myServer postfix/bounce[27938]: 035A8187EEC1: sender non-delivery notification: A4897187EEC3
    Jun  4 10:32:06 myServer postfix/qmgr[23746]: 035A8187EEC1: removed
    Jun  4 10:32:06 myServer postfix-local[27977]: Unable to get sender domain by sender mailname
    Jun  4 10:32:06 myServer postfix-local[27977]: cannot chdir to mailname dir kelli_mckinney: No such file or directory
    Jun  4 10:32:06 myServer postfix-local[27977]: Unknown user: kelli_mckinney@mydomain2.tld
    Jun  4 10:32:06 myServer postfix/pipe[27976]: A4897187EEC3: to=<kelli_mckinney@mydomain2.tld>, relay=plesk_virtual, delay=0.76, delays=0.39/0.01/0/0.36, dsn=2.0.0, status=sent (delivered via plesk_virtual service)
    Jun  4 10:32:06 myServer postfix/qmgr[23746]: A4897187EEC3: removed
    Jun  4 10:32:07 myServer postfix/pickup[16257]: 0B947187EEBF: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:07 myServer postfix/cleanup[27764]: 0B947187EEBF: message-id=<20130604083207.0B947187EEBF@mydomain1.tld>
    Jun  4 10:32:07 myServer postfix/qmgr[23746]: 0B947187EEBF: from=<kelli_mckinney@mydomain2.tld>, size=741, nrcpt=1 (queue active)
    Jun  4 10:32:08 myServer postfix/pickup[16257]: 7E679187EEC1: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:08 myServer postfix/cleanup[27962]: 7E679187EEC1: message-id=<20130604083208.7E679187EEC1@mydomain1.tld>
    Jun  4 10:32:08 myServer postfix/smtp[27901]: 0B947187EEBF: to=<mlg6453@msn.com>, relay=mx2.hotmail.com[65.55.37.104]:25, delay=1.9, delays=0.83/0.01/0.52/0.55, dsn=2.0.0, status=sent (250  <20130604083207.0B947187EEBF@mydomain1.tld> Queued mail for delivery)
    Jun  4 10:32:08 myServer postfix/qmgr[23746]: 7E679187EEC1: from=<kelli_mckinney@mydomain2.tld>, size=740, nrcpt=1 (queue active)
    Jun  4 10:32:08 myServer postfix/qmgr[23746]: 0B947187EEBF: removed
    Jun  4 10:32:09 myServer postfix/smtp[27901]: 7E679187EEC1: to=<mlg79@live.com>, relay=mx3.hotmail.com[65.55.92.168]:25, delay=1.4, delays=0.51/0.01/0.41/0.44, dsn=2.0.0, status=sent (250  <20130604083208.7E679187EEC1@mydomain1.tld> Queued mail for delivery)
    Jun  4 10:32:09 myServer postfix/qmgr[23746]: 7E679187EEC1: removed
    Jun  4 10:32:10 myServer postfix/smtp[27850]: 515A1187EEC0: to=<mlg467@aol.com>, relay=mailin-01.mx.aol.com[64.12.90.1]:25, delay=8, delays=0.7/0.01/1.4/5.9, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as DF86138000081)
    Jun  4 10:32:10 myServer postfix/qmgr[23746]: 515A1187EEC0: removed
    Jun  4 10:32:10 myServer postfix/pickup[16257]: 3A410187EEBF: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:10 myServer postfix/cleanup[27764]: 3A410187EEBF: message-id=<20130604083210.3A410187EEBF@mydomain1.tld>
    Jun  4 10:32:10 myServer postfix/qmgr[23746]: 3A410187EEBF: from=<kelli_mckinney@mydomain2.tld>, size=743, nrcpt=1 (queue active)
    Jun  4 10:32:11 myServer postfix/pickup[16257]: CAFB3187EEC0: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:11 myServer postfix/cleanup[27962]: CAFB3187EEC0: message-id=<20130604083211.CAFB3187EEC0@mydomain1.tld>
    Jun  4 10:32:12 myServer postfix/qmgr[23746]: CAFB3187EEC0: from=<kelli_mckinney@mydomain2.tld>, size=756, nrcpt=1 (queue active)
    Jun  4 10:32:13 myServer postfix/pickup[16257]: 3C174187EEC1: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:13 myServer postfix/cleanup[27764]: 3C174187EEC1: message-id=<20130604083213.3C174187EEC1@mydomain1.tld>
    Jun  4 10:32:13 myServer postfix/smtp[27901]: CAFB3187EEC0: to=<mlg82np@live.com>, relay=mx3.hotmail.com[65.54.188.110]:25, delay=1.8, delays=0.76/0/0.51/0.55, dsn=2.0.0, status=sent (250  <20130604083211.CAFB3187EEC0@mydomain1.tld> Queued mail for delivery)
    Jun  4 10:32:13 myServer postfix/qmgr[23746]: CAFB3187EEC0: removed
    Jun  4 10:32:13 myServer postfix/qmgr[23746]: 3C174187EEC1: from=<kelli_mckinney@mydomain2.tld>, size=744, nrcpt=1 (queue active)
    Jun  4 10:32:13 myServer postfix/smtp[27850]: 3C174187EEC1: host mta5.am0.yahoodns.net[98.136.217.203] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:32:14 myServer postfix/smtp[27850]: 3C174187EEC1: host mta7.am0.yahoodns.net[66.196.118.33] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:32:14 myServer postfix/smtp[27850]: 3C174187EEC1: host mta5.am0.yahoodns.net[98.138.112.33] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:32:14 myServer postfix/smtp[27850]: 3C174187EEC1: host mta7.am0.yahoodns.net[66.196.118.37] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html
    Jun  4 10:32:15 myServer postfix/pickup[16257]: 5EFB1187EEC0: uid=33 from=<kelli_mckinney@mydomain2.tld>
    Jun  4 10:32:15 myServer postfix/cleanup[27962]: 5EFB1187EEC0: message-id=<20130604083215.5EFB1187EEC0@mydomain1.tld>
    Jun  4 10:32:15 myServer postfix/smtp[27850]: 3C174187EEC1: to=<mlg90270@yahoo.com>, relay=mta5.am0.yahoodns.net[98.138.112.35]:25, delay=1.8, delays=0.42/0/1.4/0, dsn=4.7.1, status=deferred (host mta5.am0.yahoodns.net[98.138.112.35] refused to talk to me: 421 4.7.1 [TS03] All messages from #MyIPStandsHere# will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Jun  4 10:32:15 myServer postfix/qmgr[23746]: 5EFB1187EEC0: from=<kelli_mckinney@mydomain2.tld>, size=762, nrcpt=1 (queue active)

    Habt ihr noch irgendeine Idee, was ich einstellen / überprüfen kann, um das zu stoppen?

    Besten Dank,

    Zenon
    Geändert von Zenon.2000 (04.06.2013 um 11:36 Uhr)

Lesezeichen

Lesezeichen

Berechtigungen

  • Neue Themen erstellen: Nein
  • Themen beantworten: Nein
  • Anhänge hochladen: Nein
  • Beiträge bearbeiten: Nein
  •  
Partnerlink:
REDDOXX Anti-Spam Lösungen