View Single Post
  #1  
Old 9th September 2009, 22:49
gwiz gwiz is offline
Junior Member
 
Join Date: Sep 2009
Posts: 10
Thanks: 0
Thanked 0 Times in 0 Posts
Default Mail Log Question - Is This Normal

Is this a normal log file?

Wondering why pop3d/amopd/postfix keep connecting and disconnecting when I am not initiating the activity & Wondering why I am getting this warning from google:

smtp-in.l.google.com[209.85.216.57] said: 421-4.7.0 [xx.xxx.xxx.xx] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines.

Does this mean someone has tapped into my system, and are bouncing spam mail off my server. This is just a partial of my log file, every 5 minutes or so there is activity, and the entire log is way to long to post here

Is there a setting I need to change, or is this normal activity?



Sep 9 12:40:02 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:40:02 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 12:40:02 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:40:02 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 12:40:02 www postfix/smtpd[2837]: connect from localhost[127.0.0.1]
Sep 9 12:40:02 www postfix/smtpd[2837]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 12:40:02 www postfix/smtpd[2837]: disconnect from localhost[127.0.0.1]
Sep 9 12:41:27 www postfix/smtpd[2775]: timeout after END-OF-MESSAGE from localhost[127.0.0.1]
Sep 9 12:41:27 www postfix/smtpd[2775]: disconnect from localhost[127.0.0.1]
Sep 9 12:43:34 www postfix/qmgr[2534]: 5AF5E2C2F2: from=<web2@www.damutt.com>, size=1283, nrcpt=1 (queue active)
Sep 9 12:44:05 www postfix/smtp[2876]: 5AF5E2C2F2: host gmail-smtp-in.l.google.com[209.85.216.57] said: 421-4.7.0 [xx.xxx.xxx.xxx] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 13si2998532pxi.23 (in reply to end of DATA command)
Sep 9 12:44:36 www postfix/smtp[2876]: 5AF5E2C2F2: to=<magicg@gmail.com>, relay=alt1.gmail-smtp-in.l.google.com[209.85.211.100]:25, delay=489, delays=427/0.09/31/31, dsn=2.0.0, status=sent (250 2.0.0 OK 1252521876 40si15158245ywh.73)
Sep 9 12:44:36 www postfix/qmgr[2534]: 5AF5E2C2F2: removed
Sep 9 12:45:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:45:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 12:45:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:45:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 12:45:01 www postfix/smtpd[2903]: connect from localhost[127.0.0.1]
Sep 9 12:45:01 www postfix/smtpd[2903]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 12:45:01 www postfix/smtpd[2903]: disconnect from localhost[127.0.0.1]
Sep 9 12:50:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:50:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 12:50:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:50:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 12:50:01 www postfix/smtpd[2967]: connect from localhost[127.0.0.1]
Sep 9 12:50:01 www postfix/smtpd[2967]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 12:50:01 www postfix/smtpd[2967]: disconnect from localhost[127.0.0.1]
Sep 9 12:55:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:55:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 12:55:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 12:55:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 12:55:01 www postfix/smtpd[3031]: connect from localhost[127.0.0.1]
Sep 9 12:55:01 www postfix/smtpd[3031]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 12:55:01 www postfix/smtpd[3031]: disconnect from localhost[127.0.0.1]
Sep 9 13:00:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:00:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 13:00:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:00:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 13:00:01 www postfix/smtpd[3095]: connect from localhost[127.0.0.1]
Sep 9 13:00:01 www postfix/smtpd[3095]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 13:00:01 www postfix/smtpd[3095]: disconnect from localhost[127.0.0.1]
Sep 9 13:05:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:05:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 13:05:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:05:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 13:05:01 www postfix/smtpd[3172]: connect from localhost[127.0.0.1]
Sep 9 13:05:01 www postfix/smtpd[3172]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 13:05:01 www postfix/smtpd[3172]: disconnect from localhost[127.0.0.1]
Sep 9 13:10:02 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:10:02 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 13:10:02 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:10:02 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 13:10:02 www postfix/smtpd[3248]: connect from localhost[127.0.0.1]
Sep 9 13:10:02 www postfix/smtpd[3248]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 13:10:02 www postfix/smtpd[3248]: disconnect from localhost[127.0.0.1]
Sep 9 13:15:02 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:15:02 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 13:15:02 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:15:02 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 13:15:02 www postfix/smtpd[3312]: connect from localhost[127.0.0.1]
Sep 9 13:15:02 www postfix/smtpd[3312]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 13:15:02 www postfix/smtpd[3312]: disconnect from localhost[127.0.0.1]
Sep 9 13:20:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:20:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 13:20:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:20:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 13:20:01 www postfix/smtpd[3379]: connect from localhost[127.0.0.1]
Sep 9 13:20:01 www postfix/smtpd[3379]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 13:20:01 www postfix/smtpd[3379]: disconnect from localhost[127.0.0.1]
Sep 9 13:25:01 www pop3d: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:25:01 www pop3d: Disconnected, ip=[::ffff:127.0.0.1]
Sep 9 13:25:01 www imapd: Connection, ip=[::ffff:127.0.0.1]
Sep 9 13:25:01 www imapd: Disconnected, ip=[::ffff:127.0.0.1], time=0
Sep 9 13:25:01 www postfix/smtpd[3443]: connect from localhost[127.0.0.1]
Sep 9 13:25:01 www postfix/smtpd[3443]: lost connection after CONNECT from localhost[127.0.0.1]
Sep 9 13:25:01 www postfix/smtpd[3443]: disconnect from localhost[127.0.0.1]
Reply With Quote
Sponsored Links