Virtual Users And Domains With Postfix, Courier, MySQL And SquirrelMail (Debian Lenny

Discussion in 'HOWTO-Related Questions' started by warpengi, May 25, 2009.

  1. warpengi

    warpengi New Member

    I'm concerned that my implementation of this server has become compromised. I first noticed that some of my emails were not getting through. I'm not getting any bounces but the emails do not appear to arrive at their destination. In researching this I found that emails sent through my ISP's smtp server arrive at their destination but emails sent throuhg my smtp server may or may not. My ISP does not block outbound port 25.

    1. How do I find out if my IP or an IP range at my ISP has been blscklisted?
    2. How do I determine if my smtp server is acting as a relay for spam?
    3. how can I determine why my emails are not arriving at their destination?
    4. What can I read to understand the sometimes cryptic data in my mail log files?
    5. What is the meaning of the log data below and why are all those connections timing out?

    Any help with these questions would be greatly appreciated

    Looking at my mail.info and mail.log files I have several thousand lines of activity for one day only and I have only 3 accounts on this server all used by me. I only send about 2-3 emails per day on average.

    The following is a typical minute of activity from mail.log:

    May 24 07:37:02 debmail postfix/smtp[21779]: connect to server117.appriver.com[207.97.242.5]:25: Connection timed out
    May 24 07:37:02 debmail postfix/smtp[21779]: 1BF504413F: to=<k_elliec@gazellesports.com>, relay=none, delay=426929, delays=426869/0.04/60/0, dsn=4.4.1, status=deferred (connect to server117.appriver.com[207.97.242.5]:25: Connection timed out)
    May 24 07:37:02 debmail amavis[21631]: (21631-04) Blocked SPAM, [95.133.160.207] [95.133.160.207] <gadaarghbef@aargh.ca> -> <gadaarghbef@aargh.ca>, quarantine: C/spam-CkuQK7gyXfT6.gz, Message-ID: <20090524143648.9E2B54414B@debmail.aargh.ca>, mail_id: CkuQK7gyXfT6, Hits: 21.473, size: 5062, 12048 ms
    May 24 07:37:02 debmail postfix/smtp[21794]: 9E2B54414B: to=<gadaarghbef@aargh.ca>, relay=127.0.0.1[127.0.0.1]:10024, delay=15, delays=2.7/0/0/12, dsn=2.5.0, status=sent (250 2.5.0 Ok, id=21631-04, DISCARD(bounce.suppressed))
    May 24 07:37:02 debmail postfix/qmgr[10829]: 9E2B54414B: removed
    May 24 07:37:07 debmail postfix/smtp[21780]: connect to idcmail.shaw.ca[24.71.223.11]:25: Connection timed out
    May 24 07:37:07 debmail postfix/smtp[21786]: connect to mx.hdeshop.com[66.96.142.50]:25: Connection timed out
    May 24 07:37:07 debmail postfix/smtp[21783]: connect to sodemann.com.inbound15.mxlogic.net[208.65.144.13]:25: Connection timed out
    May 24 07:37:12 debmail postfix/smtp[21785]: connect to mailstore1.secureserver.net[64.202.166.11]:25: Connection timed out
    May 24 07:37:12 debmail postfix/smtp[21785]: 6A8B54415E: to=<dapperse811@usahvds.com>, relay=none, delay=206306, delays=206236/0.07/70/0, dsn=4.4.1, status=deferred (connect to mailstore1.secureserver.net[64.202.166.11]:25: Connection timed out)
    May 24 07:37:12 debmail postfix/smtp[21782]: connect to eforwardct2.name-services.com[65.74.168.218]:25: Connection timed out
    May 24 07:37:12 debmail postfix/smtp[21782]: 7E59144127: to=<proteani7@yourstoredot.com>, relay=none, delay=435377, delays=435307/0.06/70/0, dsn=4.4.1, status=deferred (connect to eforwardct2.name-services.com[65.74.168.218]:25: Connection timed out)
    May 24 07:37:12 debmail postfix/qmgr[10829]: 7E59144127: from=<>, status=expired, returned to sender
    May 24 07:37:12 debmail postfix/qmgr[10829]: 7E59144127: removed
    May 24 07:37:12 debmail postfix/smtp[21781]: connect to vmx.madriver.com.redcondor.net[65.19.91.88]:25: Connection timed out
    May 24 07:37:37 debmail postfix/smtp[21780]: connect to idcmail-mx1so.cg.shawcable.net[24.71.223.11]:25: Connection timed out
    May 24 07:37:37 debmail postfix/smtp[21786]: connect to mx.hdeshop.com[66.96.142.51]:25: Connection timed out
    May 24 07:37:37 debmail postfix/smtp[21783]: connect to sodemann.com.inbound15.mxlogicmx.net[208.65.145.12]:25: Connection timed out
    May 24 07:37:37 debmail postfix/smtp[21786]: 33E614416D: to=<support@hdeshop.com>, relay=none, delay=385002, delays=384907/0.08/95/0, dsn=4.4.1, status=deferred (connect to mx.hdeshop.com[66.96.142.51]:25: Connection timed out)
    May 24 07:37:42 debmail postfix/smtp[21781]: connect to vmx.madriver.com.redcondor.net[65.19.91.87]:25: Connection timed out
     
  2. falko

    falko Super Moderator

  3. warpengi

    warpengi New Member

    well that seems to be the problem. I'm on somebodies blacklist. Well, a range of IP addresses at my ISP are blacklisted and I'm within that range:(

    Thanks for the link:cool:
     

Share This Page