Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: thedude on April 26, 2005, 08:35:54 PM

Title: mail log
Post by: thedude on April 26, 2005, 08:35:54 PM
I'm getting some strange errors in my mail log and I'm wondering if maybe my server is being used for something improper.

It looks like someone is sending spam messages through the server. These definitely aren't coming from any of our machines here on our network.

Any ideas?


1.98  161.58.153.34 does not like recipient./Remote host said: 550 5.1.1 <NIUEFHN@mainlineestates.com>... User unknown/Giving up on 161.58.153.34./
   1     1.28  167.206.4.77 does not like recipient./Remote host said: 550 5.1.1 unknown or illegal alias: ettie malloy@optonline.net/Giving up on 167.206.4.77./
   1     1.69  167.206.4.77 does not like recipient./Remote host said: 550 5.1.1 unknown or illegal alias: Feleciana25@optonline.com/Giving up on 167.206.4.77./
   1     1.99  193.110.243.35 does not like recipient./Remote host said: 550 bad bounce - please make sure we sent you the original message./Giving up on 193.110.243.35./
   1     4.12  193.189.160.18 does not like recipient./Remote host said: 550 Invalid recipient: <r.a.norrispz@emb.si>/Giving up on 193.189.160.18./
Title: Re: mail log
Post by: CharlieBrady on April 27, 2005, 12:20:38 AM
Quote from: "thedude"
I'm getting some strange errors in my mail log and I'm wondering if maybe my server is being used for something improper.

It looks like someone is sending spam messages through the server. These definitely aren't coming from any of our machines here on our network.

Any ideas?


Chances are those messages are "return-to-sender" messages in response to spam which arrived and wasn't deliverable on your server. If so, you'd see corresponding arrival logs in your smtpfront-qmail log file.

But they could be outgoing spam. What makes you definite that they aren't coming from any of your machines? Do you have any wireless connections on your network?
Title: mail log
Post by: thedude on April 27, 2005, 01:53:53 AM
The reason I'm sure it isn't a computer on this network is because they are checked constantly for viruses, and there are only 3 computers on the network.

We do a lot of virus/spyware repair on customer's computers, so we are super careful. The customer's computers aren't plugged into the network until they are cleaned.

No wireless connections at all.