Koozali.org: home of the SME Server
Legacy Forums => Experienced User Forum => Topic started by: gmr2000 on January 09, 2005, 07:37:08 AM
-
I have strange sender with large number of messages when I show “sender statistic” under Mail log file analysis. Can any one help to understand the meaning of <<>>, <#@[]>.
mess bytes sbytes rbytes recips tries xdelay sender
1413 16590963 15877 16590963 1413 1413 95.486257 400/<<>>
14633 195384811 195384811 195384811 14633 14633 924.533626 400/<#@[]>
9279 107535358 125651 107535358 9279 9279 573.086493 400/<>
106 1072582 916924 1072582 106 106 6398.678393 401/<<>
108 158082 141748 158082 108 108 12.385725 401/<>
-
I have strange sender with large number of messages when I show “sender statistic” under Mail log file analysis. Can any one help to understand the meaning of <<>>, <#@[]>.
The problem i found was, that someone was using the server as a relay server. (sending from external adres to a external adres). the meaning <> and #@ can be a virus sending thru your server or spam.
I installed secure mail and disabled the possebility to access the mailserver external by pop or smtp (only secure imap). I installed also the email blocking rpm from dungog. After this the strange mail was gone and my cpu load went from 90% to 3%.
-
brownfox
> The problem i found was, that someone was using
> the server as a relay server
You should run a relay test immediately:
telnet relay-test.mail-abuse.org
Alternatively browse to
www.abuse.net/relay.html
-
I am using SME 6.0 with AV and SA as mail gateway to scan the incoming emails and forward them to MS exchange. I do believe there is loop between SME and exchange. But, I don’t know how to figure it out.
I have check the server usig www.abuse.net/relay.html and it's not relaying.