View Single Post
  #10  
Old 21st November 2006, 13:30
varnik varnik is offline
Junior Member
 
Join Date: Nov 2006
Posts: 12
Thanks: 0
Thanked 0 Times in 0 Posts
Default

The problem exists. The history is repeated. I have found strange lines in /var/log/mail.
Code:
#A client 192.168.1.27 tries to send a message as a10@brzen.de to the user support@brzen.de.
Nov 21 12:42:39 mail postfix/smtpd[2990]: connect from unknown[192.168.1.27]
Nov 21 12:42:39 mail postfix/smtpd[2990]: 56FE9105D: client=unknown[192.168.1.27]
Nov 21 12:42:39 mail postfix/cleanup[2988]: 56FE9105D: message-id=<001001c70d62$619f3b90$1b01a8c0@brzedom.brzen.de>
Nov 21 12:42:39 mail postfix/qmgr[2984]: 56FE9105D: from=<a10@brzen.de>, size=877, nrcpt=1 (queue active)
Nov 21 12:42:39 mail postfix/smtpd[2990]: disconnect from unknown[192.168.1.27]
# So the client is disconnected.

# Postfix does his job

Nov 21 12:42:57 mail postfix/smtpd[2985]: connect from localhost[127.0.0.1]
Nov 21 12:42:57 mail postfix/smtpd[2985]: D62C0104E: client=localhost[127.0.0.1]
Nov 21 12:42:57 mail postfix/cleanup[2988]: D62C0104E: message-id=<001001c70d62$619f3b90$1b01a8c0@brzdom.brzen.de>
Nov 21 12:42:57 mail postfix/qmgr[2984]: D62C0104E: from=<a10@brzen.de>, size=1274, nrcpt=1 (queue active)
Nov 21 12:42:57 mail postfix/smtpd[2985]: disconnect from localhost[127.0.0.1]
Nov 21 12:42:58 mail amavis[2578]: (02578-03) Passed CLEAN, [192.168.1.27] <a10@brzen.de> -> <support@brzen.de>, Message-ID: <001001c70d62$619f3b90$1b01a8c0@brzedom.brzen.de>, mail_id: CwYa7HKCzsfq, Hits: -4.399, 18319 ms
Nov 21 12:42:58 mail postfix/local[2989]: D62C0104E: to=<support@brzen.de>, relay=local, delay=1, status=sent (delivered to mailbox)
Nov 21 12:42:58 mail postfix/qmgr[2984]: D62C0104E: removed
Nov 21 12:42:58 mail postfix/smtp[2991]: 56FE9105D: to=<support@brzen.de>, relay=127.0.0.1[127.0.0.1], delay=19, status=sent (250 2.6.0 Ok, id=02578-03, from MTA([127.0.0.1]:10025): 250 Ok: queued as D62C0104E)
Nov 21 12:42:58 mail postfix/qmgr[2984]: 56FE9105D: removed
# The mail was proved by amavis and is just delivered.

# This is a dynamic ip-address (with the dynamically given hostname)
# The address doesn't exist in the configuration and 
# doesn't belong to our network.
Nov 21 12:44:46 mail popper[3010]: (v4.0.8) Servicing request from "p5494a610.dip0.t-ipconnect.de" at 84.148.166.16 [pop_init.c:1239]
Nov 21 12:44:55 mail popper[3010]: Stats: support 0 0 67 23861790 p5494a610.dip0.t-ipconnect.de 84.148.166.16 [pop_updt.c:301]
Nov 21 12:44:57 mail postfix/smtpd[2990]: connect from mx.odn.de[212.34.160.79]
Nov 21 12:44:58 mail postfix/smtpd[2990]: 8A81BC37: client=mx.odn.de[212.34.160.79]
Nov 21 12:44:58 mail postfix/cleanup[3011]: 8A81BC37: message-id=<001001c70d62$619f3b90$1b01a8c0@brzedom.brzen.de>
Nov 21 12:44:58 mail postfix/smtpd[2990]: disconnect from mx.odn.de[212.34.160.79]
Nov 21 12:44:58 mail postfix/qmgr[2984]: 8A81BC37: from=<a10@brzen.de>, size=2036, nrcpt=1 (queue active)
Nov 21 12:45:20 mail postfix/smtpd[3038]: connect from localhost[127.0.0.1]
Nov 21 12:45:20 mail postfix/smtpd[3038]: 96FEC104F: client=localhost[127.0.0.1]
Nov 21 12:45:20 mail postfix/cleanup[3011]: 96FEC104F: message-id=<001001c70d62$619f3b90$1b01a8c0@brzedom.brzen.de>
Nov 21 12:45:20 mail postfix/qmgr[2984]: 96FEC104F: from=<a10@brzen.de>, size=2433, nrcpt=1 (queue active)
Nov 21 12:45:20 mail postfix/smtpd[3038]: disconnect from localhost[127.0.0.1]
Nov 21 12:45:21 mail postfix/local[3039]: 96FEC104F: to=<support@brzen.de>, relay=local, delay=1, status=bounced (mail forwarding loop for support@bzn.de)
Nov 21 12:45:21 mail postfix/cleanup[3011]: 47D10105B: message-id=<20061121114521.47D10105B@mail.brzen.de>
Nov 21 12:45:21 mail amavis[2577]: (02577-03) Passed CLEAN, [84.148.166.16] <a10@brzen.de> -> <support@brzen.de>, Message-ID: <001001c70d62$619f3b90$1b01a8c0@brzdom.brzn.de>, mail_id: XowjCsoSec9X, Hits: -2.56, 20441 ms
Nov 21 12:45:21 mail postfix/qmgr[2984]: 47D10105B: from=<>, size=4075, nrcpt=1 (queue active)
Nov 21 12:45:21 mail postfix/qmgr[2984]: 96FEC104F: removed
Nov 21 12:45:21 mail postfix/smtp[3012]: 8A81BC37: to=<support@brzen.de>, relay=127.0.0.1[127.0.0.1], delay=24, status=sent (250 2.6.0 Ok, id=02577-03, from MTA([127.0.0.1]:10025): 250 Ok: queued as 96FEC104F)
Nov 21 12:45:21 mail postfix/qmgr[2984]: 8A81BC37: removed
Nov 21 12:45:22 mail postfix/local[3039]: 47D10105B: to=<a10@brzen.de>, relay=local, delay=1, status=sent (delivered to mailbox)
Nov 21 12:45:22 mail postfix/qmgr[2984]: 47D10105B: removed
Why does this unknown client try to send this email? Relay is only for RELAYHOST=mx.odn.de open. What do i false?

PS: I would speak german, because my english is poor. Will it be accepted?
__________________
Yours sincerely
Nik

Last edited by varnik; 5th December 2006 at 08:26.
Reply With Quote