Installing smtp auth did not help my spam issue Below is example
in [Postfix]
|
Prev: Simple hack to get $800 to your home.
Next: (updated main.cf file) Installing smtp auth did not help my spamissue Below is example
From: Josh Cason on 7 Jun 2010 14:55 So I got rid of pop-before-smtp. I setup smtpd sasl. But like clockwork I'm still getting spam. I don't get it. I even found a program called test-relay-pro and it showed 16 problems until I added the sasl stuff. What I don't understand is why the difference between one of my costmers e-mail and this garbage. I could post another example of a customer using sasl. But that is fine too. I have everything I need about a customer. Yes I know about the -v in master.cf. But even with that. It doesn't give me anything usefull. I had one user on the postfix group sugguest I check the webserver and make sure that is okay. Well I did. No increase in logs. If you guys want. Go ahead and run a test on my server. See if I missed anything. mail.mychoice.cc or 24.117.29.115. Below is e-mail comming in from postini. Then below that is the spam garbage. Thanks, Josh --- this is a correct e-mail comming through via postini. ---- Jun 6 04:29:23 primary postfix/smtpd[17205]: 2353010D8005: client=exprod6mx266.postini.com[64.18.1.62] Jun 6 04:29:24 primary postfix/cleanup[30153]: 2353010D8005: hold: header Received: from psmtp.com (exprod6mx266.postini.co$ Jun 6 04:29:24 primary postfix/cleanup[30153]: 2353010D8005: message-id=<20100606102923.2353010D8005(a)primary.mychoice.cc> Jun 6 04:29:24 primary postfix/smtpd[17205]: disconnect from exprod6mx266.postini.com[64.18.1.62] Jun 6 04:29:25 primary MailScanner[29770]: New Batch: Scanning 1 messages, 20816 bytes Jun 6 04:29:25 primary MailScanner[29770]: Spam Checks: Starting Jun 6 04:29:29 primary MailScanner[29770]: Virus and Content Scanning: Starting Jun 6 04:29:33 primary MailScanner[29770]: Requeue: 2353010D8005.3CEC2 to C3E2510D8139 Jun 6 04:29:33 primary MailScanner[29770]: Uninfected: Delivered 1 messages Jun 6 04:29:33 primary postfix/qmgr[29765]: C3E2510D8139: from=<pehib6519(a)tim.ro>, size=20197, nrcpt=1 (queue active) Jun 6 04:29:33 primary postfix/virtual[17159]: C3E2510D8139: to=<intercessor(a)mychoice.cc>, relay=virtual, delay=14, delays=$ Jun 6 04:29:33 primary postfix/qmgr[29765]: C3E2510D8139: removed --- end of good example ----- --- below is this garbage ----- Jun 4 13:23:33 primary postfix/qmgr[29514]: C388610D8150: removed Jun 4 13:23:58 primary postfix/qmgr[29514]: 8A37A10D8140: from=<>, size=19455, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 89D452CB0004: from=<>, size=10574, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 8359D10D8801: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 8502210D8835: from=<>, size=15182, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 8BAC810D814F: from=<>, size=9743, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 89CE810D8811: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 8549D10D8195: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 8CA6810D8834: from=<>, size=15160, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 34EF910D880F: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 3B74F10D819B: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 3A50310D8806: from=<>, size=14980, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 6410410D819A: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 6F97A10D8800: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 625CD10D87F6: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 6DEBA10D81A7: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 6728F2CB0005: from=<>, size=14582, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 60F682CB000A: from=<>, size=5171, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 6310610D880E: from=<fk0431(a)gmail.com>, size=1127, nrcpt=19 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: D60E110D8839: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: DF45A10D8821: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: DD6E210D87FF: from=<>, size=21684, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: D296710D8813: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: DAFA810D882B: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 792E72CB0007: from=<>, size=10473, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 7793A10D8838: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 7A91210D881A: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: E43C110D8802: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: E203A10D818F: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: EDDA72CB0001: from=<lee(a)galaxymc.com>, size=919, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 0239510D814D: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 0BC5910D882D: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 0FD652CB0002: from=<>, size=14129, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 2527A2CB0006: from=<>, size=22490, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 2B00E10D8159: from=<>, size=22642, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 2949210D8187: from=<>, size=14418, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 2097410D880B: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 2376C10D8823: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 2808910D881D: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: A8B7F10D880D: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: A8DD610D8824: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: A31002CB0003: from=<>, size=14515, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: A785A10D818A: from=<>, size=22060, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: AA00B10D8814: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: A342410D8829: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: A1A4910D8831: from=<>, size=4722, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: CEE5D10D8815: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: C710910D881B: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: CA24E10D8804: from=<>, size=14765, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 1F6CB10D882C: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 1D73510D8812: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 1F5F410D8836: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 1F31A10D881C: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4AB3110D8816: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4C49310D813B: from=<>, size=15156, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4077C10D815B: from=<>, size=14601, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4CAF710D8807: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4F0A72CB0008: from=<>, size=10204, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4387210D880A: from=<>, size=15114, nrcpt=1 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: 4AADB10D882E: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: F305310D8832: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: B5E7F10D8805: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/qmgr[29514]: BF3D610D880C: from=<fk0431(a)gmail.com>, size=1127, nrcpt=20 (queue active) Jun 4 13:23:58 primary postfix/smtp[29777]: connect to ntcworld.com[69.43.160.143]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29777]: 8359D10D8801: to=<maurice.sharp(a)ntcworld.com>, relay=none, delay=353291, delays$ Jun 4 13:23:58 primary postfix/smtp[29793]: connect to mail.ashvil1.nc.home.com[66.114.124.140]: Connection refused (port 2$ Jun 4 13:23:58 primary postfix/smtp[29793]: 625CD10D87F6: to=<jthatley(a)mail.ashvil1.nc.home.com>, relay=none, delay=353383,$ Jun 4 13:23:58 primary postfix/smtp[29825]: 5CB9810D8196: to=<amy.myers(a)homegold.com>, relay=none, delay=353638, delays=353$ Jun 4 13:23:58 primary postfix/smtp[29790]: connect to airtelbroadband.in[125.19.17.20]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29790]: 3A50310D8806: to=<eqiajy8902(a)airtelbroadband.in>, relay=none, delay=113086, del$ Jun 4 13:23:58 primary postfix/smtp[29812]: connect to unitymediagroup.de[80.69.98.91]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29812]: 2527A2CB0006: to=<elazeb6967(a)unitymediagroup.de>, relay=none, delay=200136, del$ Jun 4 13:23:58 primary postfix/smtp[29795]: connect to zhora.ememultimedia.es[84.124.75.254]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29802]: connect to airtelbroadband.in[125.19.17.20]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29795]: 60F682CB000A: to=<wwwrun(a)zhora.ememultimedia.es>, relay=none, delay=62262, dela$ Jun 4 13:23:58 primary postfix/smtp[29802]: 792E72CB0007: to=<ymiaco7423(a)airtelbroadband.in>, relay=none, delay=129241, del$ Jun 4 13:23:58 primary postfix/smtp[29824]: 57FF910D8803: to=<smbarron(a)gccisd.net>, relay=smtp.gccisd.net[72.20.153.10]:25,$ Jun 4 13:23:58 primary postfix/smtp[29821]: connect to smtp.allidaho.com[66.232.90.195]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29821]: connect to smtp.allidaho.com[66.232.90.195]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29821]: 5F30410D801D: to=<sally(a)allidaho.com>, relay=none, delay=59, delays=58/0.43/0.2$ Jun 4 13:23:58 primary postfix/smtp[29811]: connect to airtelbroadband.in[125.19.17.20]: Connection refused (port 25) Jun 4 13:23:58 primary postfix/smtp[29811]: 0FD652CB0002: to=<ewygoekuyu3431(a)airtelbroadband.in>, relay=none, delay=210826,$ Jun 4 13:23:58 primary postfix/smtp[29804]: 7A91210D881A: host mail1.oppd.com[141.246.2.43] refused to talk to me: 421 mail$ Jun 4 13:23:59 primary postfix/smtp[29854]: connect to eathlink.net[216.65.41.185]: Connection refused (port 25) Jun 4 13:23:59 primary postfix/smtp[29854]: F305310D8832: to=<metaluna8(a)eathlink.net>, relay=none, delay=264567, delays=264$ Jun 4 13:23:59 primary postfix/smtp[29790]: connect to eraplatinumal.com[69.212.179.247]: No route to host (port 25) Jun 4 13:23:59 primary postfix/smtp[29790]: 99A1A10D8157: to=<info(a)eraplatinumal.com>, relay=none, delay=539174, delays=539$ Jun 4 13:23:59 primary postfix/smtp[29840]: connect to veloxzone.com.br[200.223.8.81]: Connection refused (port 25) Jun 4 13:23:59 primary postfix/smtp[29840]: A785A10D818A: to=<ijiva4510(a)veloxzone.com.br>, relay=none, delay=368176, delays$ Jun 4 13:23:59 primary postfix/smtp[29811]: connect to unitymediagroup.de[80.69.98.91]: Connection refused (port 25) Jun 4 13:23:59 primary postfix/smtp[29811]: 4F0A72CB0008: to=<qazyxukatu8084(a)unitymediagroup.de>, relay=none, delay=128992,$ Jun 4 13:23:59 primary postfix/smtp[29810]: connect to earathlink.net[209.59.178.169]: Connection refused (port 25) Jun 4 13:23:59 primary postfix/smtp[29810]: 0BC5910D882D: to=<davidem(a)earathlink.net>, relay=none, delay=266873, delays=266$ Jun 4 13:23:59 primary postfix/smtp[29849]: connect to veloxzone.com.br[200.223.8.81]: Connection refused (port 25) Jun 4 13:23:59 primary postfix/smtp[29849]: 4C49310D813B: to=<boekil4631(a)veloxzone.com.br>, relay=none, delay=1661, delays=$ Jun 4 13:23:59 primary postfix/smtp[29832]: connect to pvalaw.com[66.129.108.231]: Connection refused (port 25) Jun 4 13:23:59 primary postfix/smtp[29832]: 9D35410D819D: to=<jspector(a)pvalaw.com>, relay=none, delay=384861, delays=384860$ ----- it keeps going and going. Sigh ------ Thanks, Josh -- This message has been scanned for viruses and dangerous content by Mychoice, and is believed to be clean.
From: Noel Jones on 7 Jun 2010 14:38 On 6/7/2010 1:55 PM, Josh Cason wrote: > ----- it keeps going and going. Sigh ------ You must provide proper evidence as requested multiple times. Show unaltered "postconf -n" output and unaltered non-verbose postfix logging of a complete unwanted mail transaction. It will take you a few minutes to gather this evidence. Random log snippets are not helpful. Random main.cf snippets are not helpful. Verbose logs are not helpful. No more guessing what your problem might be until you show evidence as requested. http://www.postfix.org/DEBUG_README.html http://www.postfix.org/DEBUG_README.html#mail -- Noel Jones
From: Larry Stone on 7 Jun 2010 15:17
On Mon, 7 Jun 2010, Noel Jones wrote: > On 6/7/2010 1:55 PM, Josh Cason wrote: >> ----- it keeps going and going. Sigh ------ > > You must provide proper evidence as requested multiple times. Maybe he can also set the clock on his computer to the correct time so his messages don't keep arriving dated in the future. Since my mail reader sorts by message time (by default), I keep seeing replies before his question. :-( -- Larry Stone lstone19(a)stonejongleux.com |