Topic: Am I receiving/sending SPAM??

[mauro]

Hi,
 today I received two nice messages from sme7admin: last night at 1:17 I received 919 mails and I sent out another 103!
Now, I had a look at both qmail and qpsmtpd logs around that time and I did not find any strange traffic.
Nobody was in the office, all PC clients shut down, no VPN connections, no ntp time adjustments this night...
None of us received any extra amount of spam, even if I can see the incoming mail graph in sme7admin actually showing a peak of incoming and outcoming emails.
What else should I check? I'm a bit warried...

Have a nice day!
Mauro

[cactus]

Hi,
 today I received two nice messages from sme7admin: last night at 1:17 I received 919 mails and I sent out another 103!
Now, I had a look at both qmail and qpsmtpd logs around that time and I did not find any strange traffic.
Nobody was in the office, all PC clients shut down, no VPN connections, no ntp time adjustments this night...
None of us received any extra amount of spam, even if I can see the incoming mail graph in sme7admin actually showing a peak of incoming and outcoming emails.
What else should I check? I'm a bit warried...

Normally SME Server is closed to relaying, so it would be very hard to SPAM using a SME Server. Did you modify any configuration entries like remote access settings or open ports for external access to mail, define remote hosts as local hosts?

[mauro]

No, I mean, I allow SSH connections only from local networks; no PPTP; external access through POP3S only (no webmail)... but the strange thing is that I really can't find all those messages in the log files.

[mauro]

I think it's a known bug (bugzilla #1051), basically an interference between sme7admin and logrotate; I have logrotate running at 1:12 and sme7admin sent out the alert exactly 5 minutes later. I feel better now...
Cactus, thanks for the suggestions anyway.

[cactus]

Cactus, thanks for the suggestions anyway.

You are welcome!

[Confucius]

Seems to me a situation of the bulk is marked as spam and the mail you think you are sending out might be replies from qmail that you don't have the adresses they were trying to reach. Common thing with spam, they try every option they can come up with.

[micropitt]

Hi,
 today I received two nice messages from sme7admin: last night at 1:17 I received 919 mails and I sent out another 103!
Now, I had a look at both qmail and qpsmtpd logs around that time and I did not find any strange traffic.
Nobody was in the office, all PC clients shut down, no VPN connections, no ntp time adjustments this night...
None of us received any extra amount of spam, even if I can see the incoming mail graph in sme7admin actually showing a peak of incoming and outcoming emails.
What else should I check? I'm a bit warried...

Have a nice day!
Mauro

Yep, same here. Last night I had 413 incoming and 173 outgoing but nothing in the logs......