Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > General

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 8th June 2010, 04:44
NetEndeavors NetEndeavors is offline
Junior Member
 
Join Date: Apr 2010
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default /var/log/maillog growing out of control -- not sure what I'm missing...

All,

My maillog is just growing out of control and I'm wondering what I can do to eliminate the crap messages as shown below

Thanks in advance!
Dave

Code:
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<stubbedc@redbrain.com> to=<g2210046@ms18.hinet.net> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<stubbedc@redbrain.com> to=<g2211@ms18.hinet.net> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:43 morel postfix/smtpd[10540]: NOQUEUE: reject: RCPT from unknown[112.166.173.186]: 450 4.7.1 <QFSEDRNVIK>: Helo command rejected: Host not found; from=<bowlingn@okdokay.com> to=<mail@patterson-robbins.com> proto=ESMTP helo=<QFSEDRNVIK>
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<stubbedc@redbrain.com> to=<g2683751@ms18.hinet.net> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<stubbedc@redbrain.com> to=<g2894@ms18.hinet.net> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:44 morel postfix/smtpd[10436]: NOQUEUE: reject: RCPT from unknown[186.84.129.95]: 450 4.7.1 <Dynamic-IP-1868412995.cable.net.co>: Helo command rejected: Host not found; from=<sarahc55@skepticult.org> to=<cassidy@syzygy.net> proto=ESMTP helo=<Dynamic-IP-1868412995.cable.net.co>
Jun  7 21:36:44 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<stubbedc@redbrain.com> to=<g2@ms18.hinet.net> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:44 morel postfix/smtpd[10436]: NOQUEUE: reject: RCPT from unknown[186.84.129.95]: 450 4.7.1 <Dynamic-IP-1868412995.cable.net.co>: Helo command rejected: Host not found; from=<sarahc55@skepticult.org> to=<casey@syzygy.net> proto=ESMTP helo=<Dynamic-IP-1868412995.cable.net.co>
Reply With Quote
Sponsored Links
  #2  
Old 8th June 2010, 16:47
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 37,015
Thanks: 840
Thanked 5,652 Times in 4,461 Posts
Default

Looks like a spam attack. Or the DNS servers in /etc/resolv.conf are not reachable.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 8th June 2010, 17:40
NetEndeavors NetEndeavors is offline
Junior Member
 
Join Date: Apr 2010
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Thanks till,

I just reconfigured and reverified my DNS settings and did nslookups on each nameserver specified.... All checked out fine there....

Any ideas what to configure to suppress these messages? Or fail2ban rules I can put in place to curtail them?

Dave
Reply With Quote
  #4  
Old 8th June 2010, 17:45
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 100 Times in 96 Posts
Default

Looks like a spammer indeed .. might want to add some rbl checks in your config

just set your logrotator on daily or something, if the files tend to get to big.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
setting up a media server centos 5.2 asphix20 HOWTO-Related Questions 2 9th December 2009 17:37
Backuppc : ssh always ask for password Trollineto Installation/Configuration 11 28th March 2008 15:09
required modules missing etag1949 Installation/Configuration 2 2nd June 2006 15:13
Help....package missing sbovisjb1 Installation/Configuration 3 31st March 2006 12:14
Webmin docs missing namit Server Operation 11 5th January 2006 10:51


All times are GMT +2. The time now is 03:36.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.