View Single Post
  #10  
Old 11th May 2009, 18:35
bzzik bzzik is offline
Member
 
Join Date: Aug 2008
Posts: 67
Thanks: 1
Thanked 2 Times in 2 Posts
Default

I do not think that it is from guestbooks/forms. What I have done: I stopped postfix for about 3 hours. Then I started it again and look into logs. Immediately after start I got tons of mails in queue (I am not posting all of them):

Quote:
May 10 20:33:18 s2 postfix/postfix-script: stopping the Postfix mail system
May 10 20:33:18 s2 postfix/master[9501]: terminating on signal 15
May 10 21:36:21 s2 dovecot: pop3-login: Login: user=<llimejib>, method=PLAIN, rip=::ffff:78.84.91.197, lip=::ffff:87.226.13.245
May 10 21:36:21 s2 dovecot: POP3(llimejib): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
May 10 23:29:10 s2 sendmail[24894]: alias database /etc/aliases rebuilt by root
May 10 23:29:10 s2 sendmail[24894]: /etc/aliases: 76 aliases, longest 10 bytes, 765 bytes total
May 10 23:29:10 s2 postfix/postfix-script: starting the Postfix mail system
May 10 23:29:10 s2 postfix/master[24940]: daemon started -- version 2.3.3, configuration /etc/postfix
May 10 23:29:10 s2 postfix/qmgr[24943]: EF8FB104715: from=<oficina@banestnet.es>, size=2466, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 12BB110476C: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: DD321104AA3: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1F1C31049C8: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: B4256104A91: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 16087104ABA: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7C140104A30: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1DBF8104763: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 3EF34104A94: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 10524104B1D: from=<>, size=4283, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: D7476104739: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1B061104A63: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 20B4A1049BF: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1AE4F104A3E: from=<info@santandersupernet.es>, size=3322, nrcpt=49 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: E83FD1048F8: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1F6591046ED: from=<oficina@banestnet.es>, size=2466, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: B2B1910470C: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1190610463F: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7FDF11049C6: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 150BB104940: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 6C9B3104A3B: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1E5E210470F: from=<oficina@banestnet.es>, size=2466, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 18B78104A20: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 19F8F104913: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: EA5E21048A8: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1EC44104978: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 37BD41046F1: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1849B1048E5: from=<>, size=8177, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 87D4B1049E9: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1AD35104B0A: from=<>, size=11424, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 863FA104ACF: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 11766104B27: from=<>, size=5173, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 53AF210478E: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 18F8D10482E: from=<>, size=7066, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1098C104A85: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1A565104971: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 14EAE1047B1: from=<>, size=10543, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 16CCE104B24: from=<>, size=5388, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1C4411048D8: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 17C83104791: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 14407104A0A: from=<>, size=8067, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 154FD10478F: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 11328104A44: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1686C104A03: from=<>, size=10161, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 164DC104757: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 17EF5104A8B: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 11E691049A5: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 12D171048E4: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 10D321046CE: from=<>, size=8321, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 197FE1047E9: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1C48D104AA0: from=<info@banesnet.es>, size=2453, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1BB5C1047DA: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 16C15104784: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1FFFF104B60: from=<oficina@banestnet.es>, size=2488, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 1EFD3104AE8: from=<>, size=8352, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7F386104A0E: from=<>, size=5229, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 73BD9104A1F: from=<>, size=8178, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 74669104923: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 75C431049ED: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7EDEF1049DA: from=<>, size=8358, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7281610477F: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 789D410460E: from=<>, size=8246, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7DE241046F6: from=<oficina@banestnet.es>, size=2466, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 726C8104A67: from=<>, size=10565, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 75E9D104A29: from=<>, size=7685, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7127B10493A: from=<info@bancaja.es>, size=2395, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7AA23104A50: from=<>, size=11375, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7CAA9104993: from=<>, size=8730, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7083D104B0D: from=<>, size=8723, nrcpt=1 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 738FC1049C2: from=<info@santandersupernet.es>, size=3322, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 7E04C10478C: from=<info@bancaja.es>, size=2411, nrcpt=50 (queue active)
May 10 23:29:10 s2 postfix/qmgr[24943]: 771BB1047A8:
And then activity started again:

Quote:
May 10 23:29:11 s2 postfix/qmgr[24943]: 0817B104877: from=<info@bancaja.es>, size=2395, nrcpt=49 (queue active)
May 10 23:29:11 s2 postfix/qmgr[24943]: 0C0C7104A14: from=<>, size=5170, nrcpt=1 (queue active)
May 10 23:29:11 s2 postfix/qmgr[24943]: 052E9104717: from=<>, size=5478, nrcpt=1 (queue active)
May 10 23:29:11 s2 postfix/smtp[24960]: connect to primera.net.uniovi.es[156.35.11.21]: Connection refused (port 25)
May 10 23:29:11 s2 postfix/smtp[24952]: 12BB110476C: host mxav2.loschatosdelturia.com[62.193.206.40] refused to talk to me: 554 av3.amenworld.com AMEN AMEN requires that all mail servers must have a P
TR record with a valid Reverse DNS entry. Currently your mail server does not fill that requirement.
May 10 23:29:11 s2 postfix/smtp[24965]: connect to correo0.uma.es[150.214.40.111]: Connection refused (port 25)
May 10 23:29:11 s2 postfix/smtp[24961]: connect to mailhost.inves.es[62.97.103.145]: Connection refused (port 25)
May 10 23:29:11 s2 postfix/smtp[24961]: DD321104AA3: to=<juandi@inves.es>, relay=none, delay=303490, delays=303490/0.14/0.2/0, dsn=4.4.1, status=deferred (connect to mailhost.inves.es[62.97.103.145]:
Connection refused)
May 10 23:29:11 s2 postfix/smtp[24952]: 12BB110476C: to=<loschatosdelturia@loschatosdelturia.com>, relay=mxav1.loschatosdelturia.com[62.193.206.39]:25, delay=393754, delays=393754/0.07/0.29/0, dsn=4.0
.0, status=deferred (host mxav1.loschatosdelturia.com[62.193.206.39] refused to talk to me: 554 av3.amenworld.com AMEN AMEN requires that all mail servers must have a PTR record with a valid Reverse D
NS entry. Currently your mail server does not fill that requirement.)
May 10 23:29:11 s2 postfix/smtp[25011]: connect to correo0.uma.es[150.214.40.111]: Connection refused (port 25)
May 10 23:29:11 s2 postfix/smtp[24951]: 12BB110476C: host mx.dca.untd.com[64.136.44.37] refused to talk to me: 550 Access denied...4df38e2b4e03c3c373833e4b5a3b5ae3cf83779a6 3c78a5bc39e635b5ef7f7bb132ad
3bef7d3afabdfdb...
May 10 23:29:11 s2 postfix/smtp[24953]: 12BB110476C: host mxav2.loscorleone.com[62.193.206.42] refused to talk to me: 554 av4.amenworld.com AMEN AMEN requires that all mail servers must have a PTR rec
ord with a valid Reverse DNS entry. Currently your mail server does not fill that requirement.
May 10 23:29:11 s2 postfix/smtp[25032]: connect to mailhost-antispam.ttd.net[213.0.184.65]: Connection refused (port 25)
May 10 23:29:11 s2 postfix/smtp[25032]: 1DBF8104763: to=<danidaniel@jumpy.es>, relay=none, delay=307199, delays=307199/0.45/0.09/0, dsn=4.4.1, status=deferred (connect to mailhost-antispam.ttd.net[213
.0.184.65]: Connection refused)
May 10 23:29:11 s2 postfix/smtp[24986]: connect to mail-av.celbio.it[217.194.7.78]: Connection refused (port 25)
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es: num=19:self signed certificate in certificate chain
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es: num=24:invalid CA certificate
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es: num=26:unsupported certificate purpose
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es: num=10:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es: num=10:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24963]: certificate verification failed for mx.terra.es:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24948]: EF8FB104715: to=<oportunidade.vaga@terra.com.br>, relay=vip-us-br-mx.terra.com[208.84.244.133]:25, delay=368659, delays=368658/0.06/0.53/0, dsn=4.7.1, status=de
ferred (host vip-us-br-mx.terra.com[208.84.244.133] refused to talk to me: 450 4.7.1 Client host rejected: cannot find your hostname, [87.226.13.245])
May 10 23:29:11 s2 postfix/smtp[25002]: 16087104ABA: to=<mirandajose@mixmail.com>, relay=ing.wanadoo.es[62.36.20.73]:25, delay=303410, delays=303409/0.32/0.28/0, dsn=4.0.0, status=deferred (host ing.w
anadoo.es[62.36.20.73] refused to talk to me: 550 Reverse DNS lookup failed for host 87.226.13.245.)
May 10 23:29:11 s2 postfix/smtp[24962]: DD321104AA3: to=<juanfernandez1973@orangemail.es>, relay=inc.wanadoo.es[62.36.20.20]:25, delay=303491, delays=303490/0.14/0.47/0, dsn=4.0.0, status=deferred (ho
st inc.wanadoo.es[62.36.20.20] refused to talk to me: 550 Reverse DNS lookup failed for host 87.226.13.245.)
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net: num=19:self signed certificate in certificate chain
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net: num=24:invalid CA certificate
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net: num=26:unsupported certificate purpose
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net: num=10:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net: num=10:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net:certificate has expired
May 10 23:29:11 s2 postfix/smtp[24979]: certificate verification failed for tnetmx.telefonica.net:certificate has expired
These .es domains - can I simply somehow ban them? What I am suffering from?
Reply With Quote