View Single Post
  #1  
Old 27th February 2011, 00:55
DantePasquale DantePasquale is offline
Senior Member
 
Join Date: Feb 2007
Location: Lakewood, OH US
Posts: 108
Thanks: 10
Thanked 3 Times in 3 Posts
Send a message via AIM to DantePasquale
Default Bombarded with e-mails "Undelivered Return To Sender"

Urgent help needed. My server is getting bombarded with e-mails with the subject "Undelivered Return To Sender".

I checked for open relay and it comes back negative. Has my smtp auth been compromised?

What is the recommended course of action for these when running ISPConfig 3.0.3 and Ubuntu 10.04-64???


Here's one of the e-mails (viewed with Thunderbird):
Code:
Return-Path: <MAILER-DAEMON>
Delivered-To: webadmin@cocoanet.us
Received: by inferno.cocoanet.us (Postfix)
	id C8F78F6751; Sat, 26 Feb 2011 09:54:22 -0500 (EST)
Date: Sat, 26 Feb 2011 09:54:22 -0500 (EST)
From: MAILER-DAEMON@inferno.cocoanet.us (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: webmaster@cocoanet.us
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
	boundary="76FD4F675F.1298732062/inferno.cocoanet.us"
Content-Transfer-Encoding: 8bit
Message-Id: <20110226145422.C8F78F6751@inferno.cocoanet.us>

This is a MIME-encapsulated message.

--76FD4F675F.1298732062/inferno.cocoanet.us
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii

This is the mail system at host inferno.cocoanet.us.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<"teamropin@juno.com;jppotg@lantic.net;trevor_trevorpetford@yahoo.ca;yazzy_baby@live.com;joker.poker@blueyonder.co.uk;tranquility1015@aol.com;stanleyhalpern@aol.com;wallyolson1@aol.com;richhollenshead@aol.com;lvfreedman@comcast.net;vaneesa1@sbcglobal.net;lindayoo@comcast.net;tjwhitten@charter.net;elisebjax@aol.com;george.sandoval@usa.dupont.com;joe_blumenzweig"@fsafood.com>:
    host inspector2.fsafood.com[206.221.20.97] said: 554 5.7.1
    <teamropin@juno.com;jppotg@lantic.net;trevor_trevorpetford@yahoo.ca;yazzy_baby@live.com;joker.poker@blueyonder.co.uk;tranquility1015@aol.com;stanleyhalpern@aol.com;wallyolson1@aol.com;richhollenshead@aol.com;lvfreedman@comcast.net;vaneesa1@sbcglobal.net;lindayoo@comcast.net;tjwhitten@charter.net;elisebjax@aol.com;george.sandoval@usa.dupont.com;joe_blumenzweig@fsafood.com>:
    Relay access denied (in reply to RCPT TO command)

--76FD4F675F.1298732062/inferno.cocoanet.us
Content-Description: Delivery report
Content-Type: message/delivery-status

Reporting-MTA: dns; inferno.cocoanet.us
X-Postfix-Queue-ID: 76FD4F675F
X-Postfix-Sender: rfc822; webmaster@cocoanet.us
Arrival-Date: Sat, 26 Feb 2011 09:54:20 -0500 (EST)

Final-Recipient: rfc822; "teamropin@juno.com;jppotg@lantic.net;trevor_trevorpetford@yahoo.ca;yazzy_baby@live.com;joker.poker@blueyonder.co.uk;tranquility1015@aol.com;stanleyhalpern@aol.com;wallyolson1@aol.com;richhollenshead@aol.com;lvfreedman@comcast.net;vaneesa1@sbcglobal.net;lindayoo@comcast.net;tjwhitten@charter.net;elisebjax@aol.com;george.sandoval@usa.dupont.com;joe_blumenzweig"@fsafood.com
Original-Recipient: rfc822;"teamropin@juno.com;jppotg@lantic.net;trevor_trevorpetford@yahoo.ca;yazzy_baby@live.com;joker.poker@blueyonder.co.uk;tranquility1015@aol.com;stanleyhalpern@aol.com;wallyolson1@aol.com;richhollenshead@aol.com;lvfreedman@comcast.net;vaneesa1@sbcglobal.net;lindayoo@comcast.net;tjwhitten@charter.net;elisebjax@aol.com;george.sandoval@usa.dupont.com;joe_blumenzweig"@fsafood.com
Action: failed
Status: 5.7.1
Remote-MTA: dns; inspector2.fsafood.com
Diagnostic-Code: smtp; 554 5.7.1
    <teamropin@juno.com;jppotg@lantic.net;trevor_trevorpetford@yahoo.ca;yazzy_baby@live.com;joker.poker@blueyonder.co.uk;tranquility1015@aol.com;stanleyhalpern@aol.com;wallyolson1@aol.com;richhollenshead@aol.com;lvfreedman@comcast.net;vaneesa1@sbcglobal.net;lindayoo@comcast.net;tjwhitten@charter.net;elisebjax@aol.com;george.sandoval@usa.dupont.com;joe_blumenzweig@fsafood.com>:
    Relay access denied

--76FD4F675F.1298732062/inferno.cocoanet.us
Content-Description: Undelivered Message
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit

Return-Path: <webmaster@cocoanet.us>
Received: from localhost (inferno.cocoanet.us [127.0.0.1])
	by inferno.cocoanet.us (Postfix) with ESMTP id 76FD4F675F;
	Sat, 26 Feb 2011 09:54:20 -0500 (EST)
X-Virus-Scanned: Debian amavisd-new at inferno.cocoanet.us
X-Amavis-Alert: BAD HEADER SECTION, Improper use of control character (char 0D
	hex): Message-ID: <6B0E5B538F21819EE718A5A0A2A6A477@www.cocoanet.us>\r
Received: from inferno.cocoanet.us ([127.0.0.1])
	by localhost (inferno.cocoanet.us [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id RlnvqP0nyvCt; Sat, 26 Feb 2011 09:54:20 -0500 (EST)
Received: by inferno.cocoanet.us (Postfix, from userid 33)
	id 64925F6761; Sat, 26 Feb 2011 09:54:20 -0500 (EST)
To: lindayoo@comcast.net
Subject: Health Women and Men {erection, weight loss}. +Discounts for big order!
Message-ID: <6B0E5B538F21819EE718A5A0A2A6A477@www.cocoanet.us>
From: <17739834187@www.cocoanet.us>
To: <"teamropin@juno.com;jppotg@lantic.net;trevor_trevorpetford@yahoo.ca;yazzy_baby@live.com;joker.poker@blueyonder.co.uk;tranquility1015@aol.com;stanleyhalpern@aol.com;wallyolson1@aol.com;richhollenshead@aol.com;lvfreedman@comcast.net;vaneesa1@sbcglobal.net;lindayoo@comcast.net;tjwhitten@charter.net;elisebjax@aol.com;george.sandoval@usa.dupont.com;joe_blumenzweig"@fsafood.com>
Subject: Health Women and Men {erection, weight loss}. +Discounts for big order!
Date: Sat, 26 Feb 2011 09:54:17 -0500
MIME-Version: 1.0
Content-Type: multipart/alternative;
	boundary="----=_NextPart_000_0064_5B925BDB.8DC1E69D"


------=_NextPart_000_0064_5B925BDB.8DC1E69D
Content-Type: text/html;
	charset="utf-8"
Content-Transfer-Encoding: 8bit

<HTML>
<HEAD>
<META http-equiv=Content-Type content="text/html; charset=utf-8">
</HEAD>
<BODY>
<DIV align=center><font face="Arial, Helvetica, sans-serif" size=5 color=980001>Reputed pharmstore </font><!-- A x==qsU G.(
CV   ZoJC(wzQ
gBZ h .Y  NB=  Q)BR )UJ=C= lsEoI. KD X sxbcF.B
a .cUkm F(lxT_
blah, blah, blah...



------=_NextPart_000_0064_5B925BDB.8DC1E69D--


--76FD4F675F.1298732062/inferno.cocoanet.us--
Here's a slice of the mail log:
Code:
Feb 26 17:44:17 inferno postfix/smtp[11547]: 400AFF686F: to=, relay=gateway-f2.isp.att.net[207.115.11.16]:25, delay=14, delays=0.01/7.3/5.8/0.58, dsn=5.0.0, status=bounced (host gateway-f2.isp.att.net[207.115.11.16] said: 501 local part too long near "kingdomheartz0x@aol.com;bernwag@roadrunner.com;m (in reply to RCPT TO command))
Feb 26 17:44:18 inferno postfix/smtp[11520]: B97F7F6880: to=, relay=gateway-f1.isp.att.net[204.127.217.16]:25, delay=13, delays=0.01/8.5/4.3/0.55, dsn=5.0.0, status=bounced (host gateway-f1.isp.att.net[204.127.217.16] said: 501 local part too long near "kingdomheartz0x@aol.com;bernwag@roadrunner.com;m (in reply to RCPT TO command))
Feb 26 17:44:18 inferno postfix/smtp[11511]: 0EE34F684A: host mailin-02.mx.aol.com[205.188.155.110] said: 421 4.2.1 MSG=: (RLY:NW) http://postmaster.info.aol.com/errors/421rlynw.html (in reply to end of DATA command)
Feb 26 17:44:18 inferno postfix/smtp[11515]: C9BCFF6888: to=, relay=gateway-f2.isp.att.net[207.115.11.16]:25, conn_use=2, delay=8.6, delays=0.01/5.7/2.3/0.57, dsn=5.0.0, status=bounced (host gateway-f2.isp.att.net[207.115.11.16] said: 501 local part too long near "kingdomheartz0x@aol.com;bernwag@roadrunner.com;m (in reply to RCPT TO command))
Feb 26 17:44:18 inferno postfix/smtp[11546]: 400AFF686F: host mailin-02.mx.aol.com[205.188.103.1] said: 421 4.2.1 MSG=: (RLY:NW) http://postmaster.info.aol.com/errors/421rlynw.html (in reply to end of DATA command)
Feb 26 17:44:18 inferno postfix/cleanup[11465]: CADD0F687C: message-id=<20110226224418.CADD0F687C@inferno.cocoanet.us>
Feb 26 17:44:18 inferno postfix/bounce[11569]: C9BCFF6888: sender non-delivery notification: CADD0F687C
Feb 26 17:44:18 inferno postfix/qmgr[4094]: CADD0F687C: from=<>, size=10725, nrcpt=1 (queue active)
Feb 26 17:44:18 inferno postfix/qmgr[4094]: C9BCFF6888: removed
Feb 26 17:44:18 inferno postfix/pipe[11548]: CADD0F687C: to=, orig_to=, relay=maildrop, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via maildrop service)
Feb 26 17:44:18 inferno postfix/qmgr[4094]: CADD0F687C: removed
Feb 26 17:44:19 inferno postfix/smtp[11555]: D2084F6884: to=, relay=gateway-f1.isp.att.net[204.127.217.16]:25, delay=15, delays=0.01/8.5/6.3/0, dsn=4.0.0, status=deferred (host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 450 74.1.46.169 has too many connections ( 3 ) on frfwmxc08)
Feb 26 17:44:19 inferno postfix/smtp[11555]: D2084F6884: to=, relay=gateway-f1.isp.att.net[204.127.217.16]:25, delay=15, delays=0.01/8.5/6.3/0, dsn=4.0.0, status=deferred (host gateway-f1.isp.att.net[204.127.217.16] refused to talk to me: 450 74.1.46.169 has too many connections ( 3 ) on frfwmxc08)
Feb 26 17:44:20 inferno postfix/smtp[11523]: D2213F6845: to=, relay=mailin-03.mx.aol.com[64.12.137.169]:25, delay=16, delays=0.01/0.01/14/2.5, dsn=4.2.1, status=deferred (host mailin-03.mx.aol.com[64.12.137.169] said: 421 4.2.1 MSG=: (RLY:NW) http://postmaster.info.aol.com/errors/421rlynw.html (in reply to end of DATA command))
Feb 26 17:44:20 inferno postfix/cleanup[11465]: 118A5F6875: message-id=<20110226224420.118A5F6875@inferno.cocoanet.us>
Feb 26 17:44:20 inferno postfix/bounce[11545]: D2213F6845: sender non-delivery notification: 118A5F6875
Feb 26 17:44:20 inferno postfix/qmgr[4094]: 118A5F6875: from=<>, size=10720, nrcpt=1 (queue active)
Feb 26 17:44:20 inferno postfix/pipe[11548]: 118A5F6875: to=, orig_to=, relay=maildrop, delay=0.02, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via maildrop service)
Feb 26 17:44:20 inferno postfix/qmgr[4094]: 118A5F6875: removed
Feb 26 17:44:22 inferno postfix/smtp[11546]: 400AFF686F: to=, relay=mailin-01.mx.aol.com[205.188.59.194]:25, delay=18, delays=0.01/7.2/8.4/2.6, dsn=4.2.1, status=deferred (host mailin-01.mx.aol.com[205.188.59.194] said: 421 4.2.1 MSG=: (RLY:NW) http://postmaster.info.aol.com/errors/421rlynw.html (in reply to end of DATA command))
Feb 26 17:44:22 inferno postfix/cleanup[11465]: 8B91DF6875: message-id=<20110226224422.8B91DF6875@inferno.cocoanet.us>
Feb 26 17:44:22 inferno postfix/bounce[11569]: 400AFF686F: sender non-delivery notification: 8B91DF6875
Feb 26 17:44:22 inferno postfix/qmgr[4094]: 8B91DF6875: from=<>, size=10725, nrcpt=1 (queue active)
Feb 26 17:44:22 inferno postfix/pipe[11548]: 8B91DF6875: to=, orig_to=, relay=maildrop, delay=0.02, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (delivered via maildrop service)
Feb 26 17:44:22 inferno postfix/qmgr[4094]: 8B91DF6875: removed
Feb 26 17:44:22 inferno postfix/smtp[11511]: 0EE34F684A: to=, relay=mailin-04.mx.aol.com[205.188.103.2]:25, delay=19, delays=0.01/7.4/8.3/2.9, dsn=4.2.1, status=deferred (host mailin-04.mx.aol.com[205.188.103.2] said: 421 4.2.1 MSG=: (RLY:NW) http://postmaster.info.aol.com/errors/421rlynw.html (in reply to end of DATA command))
Feb 26 17:44:22 inferno postfix/cleanup[11465]: C0B53F67E9: message-id=<20110226224422.C0B53F67E9@inferno.cocoanet.us>
Feb 26 17:44:22 inferno postfix/bounce[11545]: 0EE34F684A: sender non-delivery notification: C0B53F67E9
Feb 26 17:44:22 inferno postfix/qmgr[4094]: C0B53F67E9: from=<>, size=10719, nrcpt=1 (queue active)
Feb 26 17:44:22 inferno postfix/pipe[11548]: C0B53F67E9: to=, orig_to=, relay=maildrop, delay=0.02, delays=0/0/0/0.01, dsn=2.0.0, status=sent (delivered via maildrop service)
Feb 26 17:44:22 inferno postfix/qmgr[4094]: C0B53F67E9: removed
Feb 26 17:44:26 inferno postfix/smtp[11540]: B97F7F6880: to=, relay=mx01.windstream.net[162.39.147.49]:25, delay=22, delays=0.01/0.01/7.4/14, dsn=2.0.0, status=sent (250 OK B6/F7-07924-C32896D4)
Feb 26 17:44:26 inferno postfix/cleanup[11465]: 61566F67C6: message-id=<20110226224426.61566F67C6@inferno.cocoanet.us>
Feb 26 17:44:26 inferno postfix/bounce[11569]: B97F7F6880: sender non-delivery notification: 61566F67C6
Feb 26 17:44:26 inferno postfix/qmgr[4094]: 61566F67C6: from=<>, size=10726, nrcpt=1 (queue active)
Feb 26 17:44:26 inferno postfix/qmgr[4094]: B97F7F6880: removed
Feb 26 17:44:26 inferno postfix/pipe[11548]: 61566F67C6: to=, orig_to=, relay=maildrop, delay=0.02, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (delivered via maildrop service)
Feb 26 17:44:26 inferno postfix/qmgr[4094]: 61566F67C6: removed
Feb 26 17:45:02 inferno imapd: Connection, ip=[::1]
Feb 26 17:45:02 inferno imapd: Disconnected, ip=[::1], time=0
Reply With Quote
Sponsored Links