mail log
 

Hi

I have about 22 mb of logfile for my mailserver. for today...

What is this :

Your IP address is listed in CBL as psam sender:

http://cbl.abuseat.org/lookup.cgi?ip=85.82.7.54

Thats why the server refuses your emails. Please check that your server is not a open relay and check that you do not have PHP or perl formmail scripts installed on your server that allow mail relaying.

With the command postqueue -p you can check how many mails are stored in your mailqueue.

Shit...

i have 816 in queue... I have stopped my smtp server...

How can i make it possible on to use SMTP from localhost ?

You can set:

inet_interfaces = 127.0.0.1

in your postfix main.cf. But if the origin of the spam is a formmail script, this solution wont help.

Hi..

I have set that now.

How do i delete the queue ?

And how can i see if there is a script they are using ?

This sucks :(


I througt i had a safe system.. But nothing is safe in this world :)

To empty the que, run this command:

postsuper -d ALL

Before you empty the queue, you can try to find out which script has send the mails by inpecting the mail content with the command:

postcat -q /path/to/the/mailspol/file

To find the path of the mailfile, you may run:

updatedb

and then search the file with:

locate [MAILID]

where [MAILID] is the ID of a spool item in the postqueue -p listing.

After updatedb

locate 5D7846F4519

5D7846F4519 is that the ID i should search for ?

It can't locate anything ?

This looks like a correct mail ID:

if your run:

postqueue -p | grep 5D7846F4519

Do you get the line with the mail? Maybe the email has been delivered already. You might have to stop postfix for a while to analyse the mails.

I get this:

postqueue: warning: Mail system is down -- accessing queue directly
5D7846F4519 60590 Thu Oct 26 18:01:07 Patricecoma@vesterlund-nielsen.dk


The mailserver is down... I did not dare not to.. :)

Hi..

I found the files: