Topic: mail log

[thedude]

I'm getting some strange errors in my mail log and I'm wondering if maybe my server is being used for something improper.

It looks like someone is sending spam messages through the server. These definitely aren't coming from any of our machines here on our network.

Any ideas?


1.98  161.58.153.34 does not like recipient./Remote host said: 550 5.1.1 <NIUEFHN@mainlineestates.com>... User unknown/Giving up on 161.58.153.34./
   1     1.28  167.206.4.77 does not like recipient./Remote host said: 550 5.1.1 unknown or illegal alias: ettie malloy@optonline.net/Giving up on 167.206.4.77./
   1     1.69  167.206.4.77 does not like recipient./Remote host said: 550 5.1.1 unknown or illegal alias: Feleciana25@optonline.com/Giving up on 167.206.4.77./
   1     1.99  193.110.243.35 does not like recipient./Remote host said: 550 bad bounce - please make sure we sent you the original message./Giving up on 193.110.243.35./
   1     4.12  193.189.160.18 does not like recipient./Remote host said: 550 Invalid recipient: <r.a.norrispz@emb.si>/Giving up on 193.189.160.18./

[CharlieBrady]

I'm getting some strange errors in my mail log and I'm wondering if maybe my server is being used for something improper.

It looks like someone is sending spam messages through the server. These definitely aren't coming from any of our machines here on our network.

Any ideas?

Chances are those messages are "return-to-sender" messages in response to spam which arrived and wasn't deliverable on your server. If so, you'd see corresponding arrival logs in your smtpfront-qmail log file.

But they could be outgoing spam. What makes you definite that they aren't coming from any of your machines? Do you have any wireless connections on your network?

[thedude]

The reason I'm sure it isn't a computer on this network is because they are checked constantly for viruses, and there are only 3 computers on the network.

We do a lot of virus/spyware repair on customer's computers, so we are super careful. The customer's computers aren't plugged into the network until they are cleaned.

No wireless connections at all.