View Single Post
  #9  
Old 6th April 2010, 20:12
Mole Mole is offline
Member
 
Join Date: Apr 2008
Location: Latvia
Posts: 83
Thanks: 1
Thanked 0 Times in 0 Posts
Default

Hello again!

Thanks for previous answers and suggestions....

I'm still trying to kill spam on my server... Lasts weeks in my postfix active directory there is 4000-10000 files... My server is busy, also http://www.mxtoolbox.com/SuperTool.a...tion=blacklist bad result (5-6 blacklists) ;-(

I reinstalled server, now I'm using Ubuntu server 9.10, last ispconfig...

Code:
/etc/postfix/main.cf:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

smtpd_banner = $myhostname ESMTP $mail_name
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no
readme_directory = no

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

myhostname = hostname.domain.lv
#alias_maps = hash:/etc/aliases
#alias_database = hash:/etc/aliases
myorigin = /etc/mailname
relayhost = 
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
message_size_limit = 20971520
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
smtpd_sasl_local_domain = 
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom

########
### MAPS:
########
virtual_maps = hash:/etc/postfix/virtusertable
mydestination = /etc/postfix/local-host-names
relay_recipient_maps = hash:/etc/postfix/relay_recipients
header_checks = pcre:/etc/postfix/header_checks.pcre
body_checks = pcre:/etc/postfix/body_checks.pcre
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

########
### My manual entries
########
disable_vrfy_command = yes
smtpd_helo_required = yes
strict_rfc821_envelopes = yes
smtpd_delay_reject = yes
smtpd_reject_unlisted_recipient = yes

########
#Error codes
########
unknown_address_reject_code = 554
unknown_hostname_reject_code = 554
unknown_client_reject_code = 554
invalid_hostname_reject_code = 554
multi_recipient_bounce_reject_code = 554
non_fqdn_reject_code = 554
relay_domains_reject_code = 554
unknown_local_recipient_reject_code = 554
unknown_relay_recipient_reject_code = 554
unknown_virtual_alias_reject_code = 554
unknown_virtual_mailbox_reject_code = 554
unverified_recipient_reject_code = 554
unverified_sender_reject_code = 554

smtpd_restriction_classes = verify_sender, from_freemail_host

from_freemail_host = check_client_access hash://etc/postfix/freemail_hosts,reject

verify_sender = reject_unverified_sender


smtpd_client_restrictions = permit_sasl_authenticated,permit_mynetworks,check_client_access hash:/etc/postfix/client_checks,reject_unknown_reverse_client_hostname

smtpd_helo_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_invalid_hostname,reject_unknown_helo_hostname,check_helo_access hash:/etc/postfix/helo_checks,regexp:/etc/postfix/helo.regexp

smtpd_sender_restrictions = reject_unknown_sender_domain,reject_non_fqdn_sender,permit_sasl_authenticated,permit_mynetworks,check_sender_access hash:/etc/postfix/sender_access,check_sender_access hash:/etc/postfix/freemail_access,reject_unauth_destination

smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_invalid_hostname,reject_unauth_pipelining,reject_unknown_recipient_domain,reject_non_fqdn_recipient,check_recipient_access pcre:/etc/postfix/recipient_checks.pcre,check_policy_service inet:127.0.0.1:6000,check_sender_access hash:/etc/postfix/verify_sender.map,reject_non_fqdn_hostname,reject_invalid_hostname,reject_unverified_recipient,reject_rbl_client cbl.abuseat.org,reject_rbl_client sbl.spamhaus.org,reject_rbl_client pbl.spamhaus.org,reject_rbl_client multi.uribl.com,reject_rbl_client dsn.rfc-ignorant.org,reject_rbl_client bogusmx.rfc-ignorant.org,reject_rbl_client list.dsbl.org,reject_rbl_client zen.spamhaus.org,reject_rbl_client dnsbl-1.uceprotect.net,permit
I informed customers to change passwords to "Strong_passwords"...

Testing http://verify.abuse.net/cgi-bin/relaytest for Open relay - My server is not open relay...

I do not manage dns records on my server, dns records, if customer like, are managed out of my server.

Server is checked with: lynis, chkrootkit, rkhunter.

Server also is configured with Spamassasin, Postrgrey, Clamavis, Mailscanner (for graphical report), munin, monit and cactis.

It seems that some-one is sending spams "from" my server despite the fact that server is not open relay, and "non-existing" receivers send back e-mails that e-mail can not be sent...

Any more ideas what else could be the problem? ;-O

EDITED:
Such "mails" are in my postfix active dorectory:
Code:
CO           3600            4946              48               0            2972T1270261376 996574Srcklycnh1@gmail.comAcreate_time=1270261377Arewrite_context=remoteAsasl_method=LOGINAsasl_username=infoA.log_client_name=ml82.128.19.157.multilinks.comA log_client_address=82.128.19.157Alog_client_port=4624A@log_message_origin=ml82.128.19.157.multilinks.com[82.128.19.157]Alog_helo_name=UserAlog_protocol_name=ESMTPA*client_name=ml82.128.19.157.multilinks.comA2reverse_client_name=ml82.128.19.157.multilinks.comAclient_address=82.128.19.157Aclient_port=4624Ahelo_name=UserAprotocol_name=ESMTPAclient_address_type=2A.dsn_orig_rcpt=rfc822;byezg.qfryf@msa.hinet.netObyezg.qfryf@msa.hinet.netDbyezg.qfryf@msa.hinet.netA$dsn_orig_rcpt=rfc822;byf8h@yahoo.comObyf8h@yahoo.comDbyf8h@yahoo.comA7dsn_orig_rcpt=rfc822;byfypudolo1545@comcastbusiness.netO"byfypudolo1545@comcastbusiness.netR"byfypudolo1545@comcastbusiness.netA/dsn_orig_rcpt=rfc822;byfyyatoey1195@vsnl.net.inObyfyyatoey1195@vsnl.net.inDbyfyyatoey1195@vsnl.net.inA)dsn_orig_rcpt=rfc822;by-george@excite.comOby-george@excite.comDby-george@excite.comA,dsn_orig_rcpt=rfc822;bygolwhiteboy@yahoo.comObygolwhiteboy@yahoo.comDbygolwhiteboy@yahoo.comA#dsn_orig_rcpt=rfc822;bygosh@aol.comObygosh@aol.comDbygosh@aol.comA*dsn_orig_rcpt=rfc822;bygrace@bewellnet.comObygrace@bewellnet.comRbygrace@bewellnet.comA+dsn_orig_rcpt=rfc822;bygrace@mail.ftc-i.netObygrace@mail.ftc-i.netRbygrace@mail.ftc-i.netA2dsn_orig_rcpt=rfc822;byhalialady1948@wmconnect.comObyhalialady1948@wmconnect.comDbyhalialady1948@wmconnect.comA+dsn_orig_rcpt=rfc822;byhisgrace61@yahoo.comObyhisgrace61@yahoo.comDbyhisgrace61@yahoo.comA,dsn_orig_rcpt=rfc822;byington420la@yahoo.comObyington420la@yahoo.comDbyington420la@yahoo.comA/dsn_orig_rcpt=rfc822;byinoobiusixae@fadmail.comObyinoobiusixae@fadmail.comDbyinoobiusixae@fadmail.comA&dsn_orig_rcpt=rfc822;byisi9640@vtr.netObyisi9640@vtr.netDbyisi9640@vtr.netA&dsn_orig_rcpt=rfc822;by-jess@lycos.comOby-jess@lycos.comDby-jess@lycos.comA#dsn_orig_rcpt=rfc822;byjr1@juno.comObyjr1@juno.comDbyjr1@juno.comA0dsn_orig_rcpt=rfc822;byjuksjcodxb@bpplawcorp.comObyjuksjcodxb@bpplawcorp.comDbyjuksjcodxb@bpplawcorp.comA(dsn_orig_rcpt=rfc822;bykoveho2870@iol.czObykoveho2870@iol.czDbykoveho2870@iol.czA-dsn_orig_rcpt=rfc822;bykutuditu2091@otenet.grObykutuditu2091@otenet.grDbykutuditu2091@otenet.grA'dsn_orig_rcpt=rfc822;bylcat@hotmail.comObylcat@hotmail.comDbylcat@hotmail.comA*dsn_orig_rcpt=rfc822;bylinefkk@company.comObylinefkk@company.comDbylinefkk@company.comA,dsn_orig_rcpt=rfc822;bymdragon88@verizon.netObymdragon88@verizon.netDbymdragon88@verizon.netA$dsn_orig_rcpt=rfc822;bynch@lycos.comObynch@lycos.comDbynch@lycos.comA.dsn_orig_rcpt=rfc822;bynortzorin@sbcglobal.netObynortzorin@sbcglobal.netDbynortzorin@sbcglobal.netA'dsn_orig_rcpt=rfc822;byojab8152@ono.comObyojab8152@ono.comDbyojab8152@ono.comA)dsn_orig_rcpt=rfc822;byorks37@netzero.comObyorks37@netzero.comDbyorks37@netzero.comA,dsn_orig_rcpt=rfc822;byounce2001@hotmail.comObyounce2001@hotmail.comDbyounce2001@hotmail.comA'dsn_orig_rcpt=rfc822;byoung@3rivers.netObyoung@3rivers.netDbyoung@3rivers.netA'dsn_orig_rcpt=rfc822;byoung0103@aol.comObyoung0103@aol.comRbyoung0103@aol.comA+dsn_orig_rcpt=rfc822;byoung30@austin.rr.comObyoung30@austin.rr.comRbyoung30@austin.rr.comA*dsn_orig_rcpt=rfc822;byoung35214@yahoo.comObyoung35214@yahoo.comDbyoung35214@yahoo.comA)dsn_orig_rcpt=rfc822;byoungparker@aol.comObyoungparker@aol.comDbyoungparker@aol.comA'dsn_orig_rcpt=rfc822;byovith@netbox.comObyovith@netbox.comDbyovith@netbox.comA.dsn_orig_rcpt=rfc822;bypassing@redwinter.co.ukObypassing@redwinter.co.ukDbypassing@redwinter.co.ukA,dsn_orig_rcpt=rfc822;bypassingh@shuheian.comObypassingh@shuheian.comDbypassingh@shuheian.comA&dsn_orig_rcpt=rfc822;bypresume@aol.comObypresume@aol.comDbypresume@aol.comA9dsn_orig_rcpt=rfc822;byproductuni4@lescordeliershotel.comO$byproductuni4@lescordeliershotel.comR$byproductuni4@lescordeliershotel.comA#dsn_orig_rcpt=rfc822;byrd4a@aol.comObyrd4a@aol.comRbyrd4a@aol.comA'dsn_orig_rcpt=rfc822;byrd56@comcast.netObyrd56@comcast.netRbyrd56@comcast.netA&dsn_orig_rcpt=rfc822;byrdbelle@aol.comObyrdbelle@aol.comDbyrdbelle@aol.comA'dsn_orig_rcpt=rfc822;byrdiegrl2@aol.comObyrdiegrl2@aol.comDbyrdiegrl2@aol.comA(dsn_orig_rcpt=rfc822;byrne_dz@willett.noObyrne_dz@willett.noDbyrne_dz@willett.noA(dsn_orig_rcpt=rfc822;byrne_rh@fastweb.itObyrne_rh@fastweb.itDbyrne_rh@fastweb.itA(dsn_orig_rcpt=rfc822;byrne_xp@macnews.deObyrne_xp@macnews.deDbyrne_xp@macnews.deA+dsn_orig_rcpt=rfc822;byrnevm@dvb-brasil.orgObyrnevm@dvb-brasil.orgRbyrnevm@dvb-brasil.orgA&dsn_orig_rcpt=rfc822;byron@balu.com.twObyron@balu.com.twDbyron@balu.com.twA'dsn_orig_rcpt=rfc822;byronicy4@ragg.comObyronicy4@ragg.comDbyronicy4@ragg.comA0dsn_orig_rcpt=rfc822;byronnursingadmin@gmail.comObyronnursingadmin@gmail.comDbyronnursingadmin@gmail.comM
Interesting that this "client" IP is blocked with iptables:
Code:
iptables -A INPUT -s 82.128.18.0/23 -j DROP
iptables -A OUTPUT -d 82.128.18.0/23 -j DROP
iptables -A INPUT -s 82.128.83.46 -j DROP
iptables -A OUTPUT -d 82.128.83.46 -j DROP
iptables -A INPUT -s 82.128.83.49 -j DROP
iptables -A OUTPUT -d 82.128.83.49 -j DROP
iptables -A INPUT -s 82.128.20.59 -j DROP
iptables -A OUTPUT -d 82.128.20.59 -j DROP
Also this ip is blocked using /etc/postfix/client_access:
Code:
#Always allow my host
MY-IP OK

#Whitelist
GOOD-IP OK

# Using a domain name

#Block concrete IP addresses
196.46.245.21 DROP
41.28.220.193 DROP
41.211.228.122 DROP
41.211.228.232 DROP
41.211.238.145 DROP
82.128.83.46 DROP
82.128.83.49 DROP
82.128.18.0/23 DROP
82.128.20.59 DROP
here is mail.warn log:
Code:
Apr  7 15:22:46 ardweb01 postfix/smtp[15468]: warning: numeric domain name in resource data of MX record for hostelturf.com: 67.102.46.122
Apr  7 15:23:01 ardweb01 postfix/qmgr[15293]: warning: mail for gmail.com is using up 4146 of 5229 active queue entries
Apr  7 15:23:01 ardweb01 postfix/qmgr[15293]: warning: this may slow down other mail deliveries
Apr  7 15:23:01 ardweb01 postfix/qmgr[15293]: warning: you may need to increase the main.cf smtp_destination_concurrency_limit from 20
Apr  7 15:23:01 ardweb01 postfix/qmgr[15293]: warning: please avoid flushing the whole queue when you have
Apr  7 15:23:01 ardweb01 postfix/qmgr[15293]: warning: lots of deferred mail, that is bad for performance
Apr  7 15:23:01 ardweb01 postfix/qmgr[15293]: warning: to turn off these warnings specify: qmgr_clog_warn_time = 0
Apr  7 15:23:19 ardweb01 postfix/smtp[18721]: warning: no MX host for gmaul.com has a valid address record
Apr  7 15:24:31 ardweb01 postfix/smtp[19229]: warning: no MX host for rigbyco.com has a valid address record
Apr  7 15:27:37 ardweb01 postfix/smtp[18709]: warning: no MX host for jpost.co.il has a valid address record
Apr  7 15:28:01 ardweb01 postfix/qmgr[15293]: warning: mail for gmail.com is using up 4059 of 4656 active queue entries
Apr  7 15:28:01 ardweb01 postfix/qmgr[15293]: warning: this may slow down other mail deliveries
Apr  7 15:28:01 ardweb01 postfix/qmgr[15293]: warning: you may need to increase the main.cf smtp_destination_concurrency_limit from 20
Apr  7 15:28:01 ardweb01 postfix/qmgr[15293]: warning: please avoid flushing the whole queue when you have
Apr  7 15:28:01 ardweb01 postfix/qmgr[15293]: warning: lots of deferred mail, that is bad for performance
Apr  7 15:28:01 ardweb01 postfix/qmgr[15293]: warning: to turn off these warnings specify: qmgr_clog_warn_time = 0
Apr  7 15:29:14 ardweb01 postfix/smtp[20368]: warning: numeric domain name in resource data of MX record for mail.intellect.com.tw: 211.75.226.154
Apr  7 15:30:21 ardweb01 postfix/smtp[20397]: warning: numeric domain name in resource data of MX record for chinawangtai.com: 203.88.192.62
Apr  7 15:30:42 ardweb01 postfix/smtp[15526]: warning: numeric domain name in resource data of MX record for aurora.il.us: 64.195.1.137
Apr  7 15:32:46 ardweb01 postfix/smtp[20285]: warning: tls_text_name: mail.loversline.de[194.187.140.2]:25: peer certificate has no issuer Organization
Apr  7 15:32:46 ardweb01 postfix/smtp[20285]: warning: tls_text_name: mail.loversline.de[194.187.140.2]:25: peer certificate has no subject CN
Apr  7 15:34:16 ardweb01 postfix/smtp[19160]: warning: no MX host for gmaii.com has a valid address record
Apr  7 15:35:46 ardweb01 postfix/smtpd[20986]: warning: 83.150.207.253: hostname 253-207-150-83.customers.iber-x.net verification failed: Name or service not known
Apr  7 15:48:19 ardweb01 postfix/smtp[22044]: warning: numeric domain name in resource data of MX record for sur-design.com: 66.92.134.116
Apr  7 15:48:44 ardweb01 postfix/smtp[22105]: warning: no MX host for aol.cm has a valid address record
Apr  7 15:49:22 ardweb01 postfix/smtp[22045]: warning: no MX host for dma.mil has a valid address record
Apr  7 15:49:25 ardweb01 postfix/smtpd[22138]: warning: 78.155.47.46: hostname adsl-new47-l47.crnagora.net verification failed: Name or service not known
Apr  7 15:49:35 ardweb01 postfix/smtp[22029]: warning: numeric domain name in resource data of MX record for greenmatrix.net: 204.247.178.85
Apr  7 15:49:58 ardweb01 postfix/smtp[22064]: warning: no MX host for dma.mil has a valid address record
Apr  7 15:53:03 ardweb01 postfix/smtp[22498]: warning: numeric domain name in resource data of MX record for kflc.ac.kr: 218.149.189.119
Apr  7 15:53:10 ardweb01 postfix/smtp[22496]: warning: numeric domain name in resource data of MX record for audiointercomservices.com: 69.22.252.49
Apr  7 15:53:19 ardweb01 postfix/smtp[22046]: warning: no MX host for futurephoto.com has a valid address record
Apr  7 15:54:38 ardweb01 postfix/smtp[22506]: warning: numeric domain name in resource data of MX record for kflc.ac.kr: 218.149.189.119
Apr  7 15:54:54 ardweb01 postfix/smtp[22020]: warning: numeric domain name in resource data of MX record for pyramidcoach.com: 68.74.53.33
Apr  7 15:55:10 ardweb01 postgrey[3073]: whitelisted: mailfe02.swip.net[212.247.154.33]
Apr  7 15:55:21 ardweb01 postfix/smtp[22469]: warning: tls_text_name: starburstcom.com[62.241.60.2]:25: peer certificate has no issuer Organization
Apr  7 15:55:21 ardweb01 postfix/smtp[22469]: warning: tls_text_name: starburstcom.com[62.241.60.2]:25: peer certificate has no subject CN
Apr  7 15:55:21 ardweb01 postfix/smtp[22518]: warning: no MX host for uoguelph.ca has a valid address record
Apr  7 15:55:41 ardweb01 postfix/smtp[22517]: warning: no MX host for cirpack.fr has a valid address record
Apr  7 15:55:57 ardweb01 postfix/smtp[22498]: warning: no MX host for uoguelph.ca has a valid address record
Apr  7 15:56:54 ardweb01 postgrey[3073]: whitelisted: mailfe06.swip.net[212.247.154.161]
Apr  7 15:58:02 ardweb01 postfix/smtp[22505]: warning: numeric domain name in resource data of MX record for mail.ctin.ac.cn: 218.70.66.117
Apr  7 15:58:08 ardweb01 postfix/smtp[22529]: warning: no MX host for futurephoto.com has a valid address record
Apr  7 16:00:12 ardweb01 postfix/smtp[22064]: warning: numeric domain name in resource data of MX record for sgrow.com: 64.22.126.33
Apr  7 16:00:23 ardweb01 postfix/smtp[22468]: warning: no MX host for uoguelph.ca has a valid address record
Apr  7 16:03:11 ardweb01 postfix/smtp[22445]: warning: no MX host for ragingbull.com has a valid address record
Apr  7 16:05:28 ardweb01 postfix/smtp[22532]: warning: numeric domain name in resource data of MX record for unidocsys.com: 131.210.4.32
Apr  7 16:05:28 ardweb01 postfix/smtp[22494]: warning: numeric domain name in resource data of MX record for xteamlinux.com.cn: 211.153.184.18
Apr  7 16:05:30 ardweb01 postfix/smtp[22064]: warning: no MX host for aol.cm has a valid address record
Apr  7 16:08:04 ardweb01 postfix/smtp[22445]: warning: no MX host for uoguelph.ca has a valid address record
Apr  7 16:08:34 ardweb01 postfix/smtp[22531]: warning: numeric domain name in resource data of MX record for 168market.com: 209.164.15.45
Apr  7 16:08:35 ardweb01 postfix/smtp[22505]: warning: numeric domain name in resource data of MX record for cubexs.net.pk: 202.63.215.14
Apr  7 16:09:52 ardweb01 postfix/smtp[21664]: warning: no MX host for dma.mil has a valid address record
Apr  7 16:10:18 ardweb01 postfix/smtp[22053]: warning: no MX host for uoguelph.ca has a valid address record
Apr  7 16:10:56 ardweb01 postfix/smtp[22019]: warning: numeric domain name in resource data of MX record for laitai.com: 211.157.1.130
Apr  7 16:11:08 ardweb01 postfix/smtp[22525]: warning: numeric domain name in resource data of MX record for mm459.com: 207.111.216.142
Apr  7 16:11:08 ardweb01 postfix/smtp[22525]: warning: numeric domain name in resource data of MX record for mm459.com: 207.111.216.142
Apr  7 16:11:52 ardweb01 postfix/smtp[22498]: warning: no MX host for futurephoto.com has a valid address record
Apr  7 16:12:05 ardweb01 postfix/smtp[22060]: warning: no MX host for dma.mil has a valid address record
Apr  7 16:12:17 ardweb01 postfix/smtpd[25558]: warning: 78.155.37.159: hostname adsl-new37-l160.crnagora.net verification failed: Name or service not known
mail.log:
Code:
Apr  7 16:34:19 mydomain postfix/error[27490]: E68C346EDF: to=<jls321@cox.net>, relay=none, delay=383814, delays=383296/517/0/0.66, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.east.cox.net[68.1.17.3] refused to talk to me: 554 eastrmimpi05.cox.net IMP [MY_IP] blocked.  Error Code: IPBL0100 - Refer to Error Codes section at http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for more information.)
Apr  7 16:34:19 mydomain postfix/error[27384]: 0BDC744F6D: to=<eclark_wworks@yahoo.com>, relay=none, delay=126914, delays=126389/523/0/1.8, dsn=4.7.0, status=deferred (delivery temporarily suspended: host d.mx.mail.yahoo.com[209.191.88.254] refused to talk to me: 421 4.7.0 [TS01] Messages from [MY_IP] temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Apr  7 16:34:19 mydomain postfix/smtp[25996]: AA3A942DEF: host idcmail-mx2no.cg.shawcable.net[64.59.134.8] refused to talk to me: 554-idcmail.shaw.ca 554 Your connection from [MY_IP] has been rejected due to poor reputation.
Apr  7 16:34:19 mydomain postfix/error[27440]: 0C2E045D93: to=<ditongaje@yahoo.com>, relay=none, delay=385201, delays=384676/524/0/0.38, dsn=4.7.0, status=deferred (delivery temporarily suspended: host d.mx.mail.yahoo.com[209.191.88.254] refused to talk to me: 421 4.7.0 [TS01] Messages from [MY_IP] temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Apr  7 16:34:19 mydomain postfix/smtp[26048]: A995646DFD: host smtp.secureserver.net[216.69.186.201] refused to talk to me: 554-m1pismtp01-022.prod.mesa1.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
Apr  7 16:34:19 mydomain postfix/smtp[26081]: connect to maninet.com[82.98.86.167]:25: Connection timed out
Apr  7 16:34:19 mydomain postfix/smtp[26058]: A995646DFD: host hrndva-smtpin01.mail.rr.com[71.74.56.243] refused to talk to me: 554 5.7.1 - ERROR: Mail refused - <[MY_IP]> - See http://security.rr.com/cgi-bin/block-lookup?[MY_IP]
Apr  7 16:34:19 mydomain postfix/error[27493]: 6324F44DB6: to=<jtepper@cox.net>, relay=none, delay=383710, delays=383461/248/0/0.52, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.east.cox.net[68.1.17.3] refused to talk to me: 554 eastrmimpi05.cox.net IMP [MY_IP] blocked.  Error Code: IPBL0100 - Refer to Error Codes section at http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for more information.)
Apr  7 16:34:19 mydomain postfix/error[27449]: 139F043032: to=<waltkuper@cox.net>, relay=none, delay=131452, delays=130934/517/0/0.93, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.east.cox.net[68.1.17.3] refused to talk to me: 554 eastrmimpi05.cox.net IMP [MY_IP] blocked.  Error Code: IPBL0100 - Refer to Error Codes section at http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for more information.)
Apr  7 16:34:19 mydomain postfix/error[27424]: A3CEF41BD3: to=<ghulb001@cox.net>, relay=none, delay=384481, delays=384233/247/0/0.48, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.east.cox.net[68.1.17.3] refused to talk to me: 554 eastrmimpi05.cox.net IMP [MY_IP] blocked.  Error Code: IPBL0100 - Refer to Error Codes section at http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for more information.)
Apr  7 16:34:19 mydomain postfix/error[27421]: 087C5468EB: to=<dollarselloff@yahoo.com>, relay=none, delay=425667, delays=425142/524/0/0.74, dsn=4.7.0, status=deferred (delivery temporarily suspended: host d.mx.mail.yahoo.com[209.191.88.254] refused to talk to me: 421 4.7.0 [TS01] Messages from [MY_IP] temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Apr  7 16:34:19 mydomain postfix/error[27459]: AB1D646B4B: to=<jimfus@cox.net>, relay=none, delay=423642, delays=423395/247/0/0.46, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mx.east.cox.net[68.1.17.3] refused to talk to me: 554 eastrmimpi05.cox.net IMP [MY_IP] blocked.  Error Code: IPBL0100 - Refer to Error Codes section at http://postmaster.cox.net/confluence/display/postmaster/Error+Codes for more information.)
Apr  7 16:34:19 mydomain postfix/error[27381]: 3D5C642037: to=<zenithhuizar@yahoo.com>, relay=none, delay=131137, delays=130606/528/0/3.4, dsn=4.7.0, status=deferred (delivery temporarily suspended: host d.mx.mail.yahoo.com[209.191.88.254] refused to talk to me: 421 4.7.0 [TS01] Messages from [MY_IP] temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Apr  7 16:34:19 mydomain postfix/error[27489]: 91A1A456FA: to=<coreydunson@yahoo.com>, relay=none, delay=385572, delays=385049/523/0/0.42, dsn=4.7.0, status=deferred (delivery temporarily suspended: host d.mx.mail.yahoo.com[209.191.88.254] refused to talk to me: 421 4.7.0 [TS01] Messages from [MY_IP] temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)

Last edited by Mole; 7th April 2010 at 16:15.
Reply With Quote