Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Moises R - OMTBA
Moises R - OMTBA Author
User level: Level 1
0 points

Mail Server Blacklisted & Spamming

Hi,


I have a 10.6 SLS server configured as a gateway (two IPs External & Internal) that suddenly is getting blacklisted and I don't know how or where I should be looking to identify the issue. The server has several services set up and is the main production server. My problem feels like the same issue they were discussing here: https://discussions.apple.com/thread/2409017?answerId=11427257022#11427257022 but I need some help because I don't know were I should start looking. The server services a mixed environment of PCs and Macs.


Here's the postconf -n:


alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases

always_bcc =

biff = no

command_directory = /usr/sbin

config_directory = /etc/postfix

content_filter = smtp-amavis:[127.0.0.1]:10024

daemon_directory = /usr/libexec/postfix

debug_peer_level = 2

enable_server_options = yes

header_checks = pcre:/etc/postfix/custom_header_checks

html_directory = /usr/share/doc/postfix/html

inet_interfaces = all

local_recipient_maps =

mail_owner = _postfix

mailbox_size_limit = 0

mailbox_transport = dovecot

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

maps_rbl_domains =

message_size_limit = 0

mydestination = $myhostname, localhost.$mydomain, localhost, mail.ecogenia.ca, ecogenia.ca, eurolub.org, exeliance.ca, lasalleblanche.ca, $mydomain

mydomain = local

mydomain_fallback = localhost

myhostname = server.ecogenia.ca

mynetworks = 127.0.0.0/31,192.168.1.0/24,server.onemorething.ca

newaliases_path = /usr/bin/newaliases

owner_request_special = no

queue_directory = /private/var/spool/postfix

readme_directory = /usr/share/doc/postfix

recipient_delimiter = +

relayhost =

sample_directory = /usr/share/doc/postfix/examples

sendmail_path = /usr/sbin/sendmail

setgid_group = _postdrop

smtp_sasl_auth_enable = yes

smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd

smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated reject_rbl_client zen.spamhaus.org permit

smtpd_enforce_tls = no

smtpd_helo_required = yes

smtpd_helo_restrictions = reject_invalid_helo_hostname

smtpd_pw_server_security_options = gssapi,cram-md5,plain,login

smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_policy_service unix:private/policy permit

smtpd_sasl_auth_enable = yes

smtpd_tls_CAfile = /etc/certificates/server.ecogenia.ca.5175BAA1BA74D298B4FA5292A7739183C7A9DB3F.c hain.pem

smtpd_tls_cert_file = /etc/certificates/server.ecogenia.ca.5175BAA1BA74D298B4FA5292A7739183C7A9DB3F.c ert.pem

smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL

smtpd_tls_key_file = /etc/certificates/server.ecogenia.ca.5175BAA1BA74D298B4FA5292A7739183C7A9DB3F.k ey.pem

smtpd_use_pw_server = yes

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 550

virtual_alias_domains = $virtual_alias_maps hash:/etc/postfix/virtual_domains

virtual_alias_maps = $virtual_maps hash:/etc/postfix/virtual_users



Any help would be appreciated, I've been trying to figure this out all day and if it doesn't get fixed by Monday, I'll probably get in trouble.

Posted on Oct 12, 2012 5:57 PM

Reply
7 replies
User profile for user: Moises R - OMTBA
Moises R - OMTBA Author
User level: Level 1
0 points

Oct 12, 2012 7:25 PM in response to MrHoffman

Thanks for your prompt response but is there anything that could help me narrow down the search? Some keywords maybe? I see pages and pages of this:



Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<magmapplebeck@aol.com>, relay=none, delay=320776, delays=320751/24/0/0.88, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/smtp[5653]: 7D7CE357D733: to=<gg037@amnestylombardia.org>, relay=none, delay=425827, delays=425739/28/60/0, dsn=4.4.1, status=deferred (connect to mail2.quasigratis.it[194.69.193.7]:25: Operation timed out)

Oct 12 15:26:04 server postfix/error[6407]: 87003361622F: to=<searly@cs.com>, relay=none, delay=319061, delays=319035/24/0/2.3, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-02.mx.aol.com[64.12.90.65] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/smtp[6309]: 879CC374FCEC: host hrndva-smtpin01.mail.rr.com[71.74.56.243] refused to talk to me: 554 5.7.1 - ERROR: Mail refused - <207.115.108.189> - See http://postmaster.rr.com/amIBlockedByRR?ip=207.115.108.189

Oct 12 15:26:04 server postfix/error[6329]: 8655E365CD0C: to=<bdalgarno@netscape.net>, relay=none, delay=284737, delays=284707/27/0/4, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-01.mx.aol.com[64.12.90.98] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/qmgr[6275]: 8955E37B6618: from=<>, size=9172, nrcpt=1 (queue active)

Oct 12 15:26:04 server postfix/error[6385]: 874FE382D48B: to=<smrfs@onlinechase.com>, relay=none, delay=88547, delays=88525/21/0/0.58, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mailstore1.secureserver.net[216.69.186.201] refused to talk to me: 554-m1pismtp01-027.prod.mesa1.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cindynanny@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.78, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<magmomb@aol.com>, relay=none, delay=320776, delays=320751/24/0/0.94, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6418]: 874DB360C414: to=<sxzbey@aol.com>, relay=none, delay=322434, delays=322412/21/0/0.62, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mhd424@aol.com>, relay=none, delay=321831, delays=321807/23/0/0.93, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cindyt@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.83, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mheal65@aol.com>, relay=none, delay=321831, delays=321807/23/0/0.97, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/smtp[6309]: 879CC374FCEC: to=<amink@tampabay.rr.com>, relay=hrndva-smtpin02.mail.rr.com[71.74.56.244]:25, delay=184224, delays=184205/18/0.87/0, dsn=4.7.1, status=deferred (host hrndva-smtpin02.mail.rr.com[71.74.56.244] refused to talk to me: 554 5.7.1 - ERROR: Mail refused - <207.115.108.189> - See http://postmaster.rr.com/amIBlockedByRR?ip=207.115.108.189)

Oct 12 15:26:04 server postfix/error[6418]: 874DB360C414: to=<syddeycake@aol.com>, relay=none, delay=322434, delays=322412/21/0/0.66, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<magus1947@aol.com>, relay=none, delay=320776, delays=320751/24/0/0.98, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/smtp[6109]: connect to a0l.com[195.93.85.39]:25: Operation timed out

Oct 12 15:26:04 server postfix/qmgr[6275]: 8958F35C37C5: from=<smrfs@onlinechase.com>, size=7185, nrcpt=50 (queue active)

Oct 12 15:26:04 server postfix/error[6471]: 8752A36CE04C: to=<smrfs@onlinechase.com>, relay=none, delay=238064, delays=238042/22/0/0.05, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mailstore1.secureserver.net[216.69.186.201] refused to talk to me: 554-m1pismtp01-027.prod.mesa1.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)

Oct 12 15:26:04 server postfix/error[6362]: 8755436A9FB4: to=<smrfs@onlinechase.com>, relay=none, delay=256367, delays=256345/22/0/0.05, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mailstore1.secureserver.net[216.69.186.201] refused to talk to me: 554-m1pismtp01-027.prod.mesa1.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mhennessy3@aol.com>, relay=none, delay=321831, delays=321807/23/0/0.98, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<mahan1111@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6418]: 874DB360C414: to=<syellott@aol.com>, relay=none, delay=322434, delays=322412/21/0/0.68, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cindyucb32@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.85, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<mahjmh@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mher01@aol.com>, relay=none, delay=321831, delays=321807/23/0/0.99, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cingpaws@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.86, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6418]: 874DB360C414: to=<syholt@aol.com>, relay=none, delay=322434, delays=322412/21/0/0.68, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<mairive@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6333]: 8757336C1BD5: to=<smrfs@onlinechase.com>, relay=none, delay=242870, delays=242848/22/0/0, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mailstore1.secureserver.net[216.69.186.201] refused to talk to me: 554-m1pismtp01-027.prod.mesa1.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)

Oct 12 15:26:04 server postfix/error[6405]: 875753602232: to=<nellyboo202@aol.com>, relay=none, delay=324929, delays=324908/22/0/0, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/qmgr[6275]: 89618380DD6B: from=<>, size=9985, nrcpt=1 (queue active)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mhessler77@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cinmidkid@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.87, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6418]: 874DB360C414: to=<szelongmarie@aol.com>, relay=none, delay=322434, delays=322412/21/0/0.7, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<maisha391@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6405]: 875753602232: to=<nenabradford@aol.com>, relay=none, delay=324929, delays=324908/22/0/0.02, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mhg731@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cinnamon2pr@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.87, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6418]: 874DB360C414: to=<taaenteprise@aol.com>, relay=none, delay=322434, delays=322412/21/0/0.7, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<majikwarriorz@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6405]: 875753602232: to=<nene6508@aol.com>, relay=none, delay=324929, delays=324908/22/0/0.02, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/qmgr[6275]: 8962A35C0022: from=<smrfs@onlinechase.com>, size=7241, nrcpt=2 (queue active)

Oct 12 15:26:04 server postfix/error[6361]: 875A736D5E81: to=<smrfs@onlinechase.com>, relay=none, delay=235645, delays=235623/22/0/0.01, dsn=4.0.0, status=deferred (delivery temporarily suspended: host mailstore1.secureserver.net[216.69.186.201] refused to talk to me: 554-m1pismtp01-027.prod.mesa1.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.)

Oct 12 15:26:04 server postfix/error[6420]: 875AC3619C2C: to=<shabbona@aol.com>, relay=none, delay=318182, delays=318161/21/0/0.01, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mhinnant2@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cinncinatifan@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.88, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6405]: 875753602232: to=<netta3273@aol.com>, relay=none, delay=324929, delays=324908/22/0/0.03, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<makawi@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6420]: 875AC3619C2C: to=<shableasing41@aol.com>, relay=none, delay=318182, delays=318161/21/0/0.01, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mhmtire@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6380]: 87432360D41B: to=<cinselkow@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.88, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6359]: 872CA360E592: to=<mholbach@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6334]: 8727936113F2: to=<makx@aol.com>, relay=none, delay=320776, delays=320751/24/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:04 server postfix/error[6420]: 875AC3619C2C: to=<shad4eva62@aol.com>, relay=none, delay=318182, delays=318161/21/0/0.02, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/qmgr[6275]: 8962B368FA88: from=<smrfs@onlinechase.com>, size=7251, nrcpt=2 (queue active)

Oct 12 15:26:05 server postfix/error[6380]: 87432360D41B: to=<cinthiaj1967@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.91, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/error[6359]: 872CA360E592: to=<mhtate@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/error[6334]: 8727936113F2: to=<makyison@aol.com>, relay=none, delay=320776, delays=320751/24/0/1.1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/error[6420]: 875AC3619C2C: to=<shaferl@aol.com>, relay=none, delay=318182, delays=318161/21/0/0.04, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/error[6380]: 87432360D41B: to=<cintiacruzbinet@aol.com>, relay=none, delay=322060, delays=322037/23/0/0.91, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/error[6359]: 872CA360E592: to=<miabalthazar@aol.com>, relay=none, delay=321831, delays=321807/23/0/1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Oct 12 15:26:05 server postfix/error[6334]: 8727936113F2: to=<mal2684@aol.com>, relay=none, delay=320776, delays=320751/24/0/1.1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)

Reply
User profile for user: Moises R - OMTBA
Moises R - OMTBA Author
User level: Level 1
0 points

Oct 12, 2012 7:28 PM in response to Moises R - OMTBA

And some more of this:


Oct 12 13:29:03 server postfix/smtp[86688]: CBED436994C7: host mailin-02.mx.aol.com[64.12.139.193] refused to talk to me: 421 4.7.1 : (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html

Oct 12 13:29:03 server postfix/smtp[86634]: connect to localhost.localhost.com[64.99.64.32]:25: Operation timed out

Oct 12 13:29:03 server postfix/smtp[86634]: 5F510374EDB9: to=<ajcxiz@hobnailed.com>, relay=none, delay=177524, delays=177486/8.7/30/0, dsn=4.4.1, status=deferred (connect to localhost.localhost.com[64.99.64.32]:25: Operation timed out)

Oct 12 13:29:03 server postfix/smtp[86648]: connect to msnhotmail.com[65.55.72.167]:25: Operation timed out

Oct 12 13:29:03 server postfix/smtp[86654]: connect to cardinally.com[82.98.86.165]:25: Operation timed out

Oct 12 13:29:03 server postfix/smtp[86654]: 5F510374EDB9: to=<ajcvsagjqv@cardinally.com>, relay=none, delay=177524, delays=177486/8.7/30/0, dsn=4.4.1, status=deferred (connect to cardinally.com[82.98.86.165]:25: Operation timed out)

Oct 12 13:29:03 server postfix/smtp[86625]: connect to aool.com[205.188.100.24]:25: Operation timed out

Oct 12 13:29:03 server postfix/smtp[86645]: connect to gc.peachnet.edu[168.30.8.39]:25: Operation timed out

Oct 12 13:29:04 server postfix/smtp[86617]: connect to misquotation.com[50.57.34.52]:25: Operation timed out

Oct 12 13:29:04 server postfix/smtp[86617]: 5F510374EDB9: to=<ajcxqh@misquotation.com>, relay=none, delay=177525, delays=177486/9.1/30/0, dsn=4.4.1, status=deferred (connect to misquotation.com[50.57.34.52]:25: Operation timed out)

Oct 12 13:29:04 server postfix/smtp[86658]: connect to a0l.com[195.93.85.39]:25: Operation timed out

Oct 12 13:29:04 server postfix/smtp[86631]: connect to reciprocally.com[199.59.241.181]:25: Operation timed out

Oct 12 13:29:04 server postfix/smtp[86631]: 5F510374EDB9: to=<ajczzy@reciprocally.com>, relay=none, delay=177525, delays=177486/9.2/30/0, dsn=4.4.1, status=deferred (connect to reciprocally.com[199.59.241.181]:25: Operation timed out)

Oct 12 13:29:04 server postfix/smtp[86598]: C3106365DA99: host smtp.secureserver.net[72.167.238.201] refused to talk to me: 554-p3pismtp01-054.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.

Oct 12 13:29:04 server postfix/smtp[86653]: connect to americaonline.com[207.200.74.38]:25: Operation timed out

Oct 12 13:29:04 server postfix/smtp[86651]: 65C76374EE9D: to=<ajvzpe@communistic.com>, relay=none, delay=177496, delays=177458/8.2/30/0, dsn=4.4.3, status=deferred (Host or domain name not found. Name service error for name=communistic.com type=MX: Host not found, try again)

Reply
User profile for user: Moises R - OMTBA
Moises R - OMTBA Author
User level: Level 1
0 points

Oct 12, 2012 8:16 PM in response to MrHoffman

Unfortunately I can't take it offline because it's the main and only mail server.


The access logs seem legitimate too although there's so much...


deliver(mailbackup): Oct 12 13:55:16 Info: msgid=<95A6A3AD75434925AB1D25567C3AA6BC@ecodesktop2>: saved mail to INBOX

deliver(mailbackup): Oct 12 13:55:16 Info: push-notify: push notification enabled

deliver(mailbackup): Oct 12 13:55:16 Warning: push-notify: connect() to socket: "/var/dovecot/push_notify" failed: Permission denied

deliver(mailbackup): Oct 12 13:55:19 Info: Loading modules from directory: /usr/lib/dovecot/lda

deliver(mailbackup): Oct 12 13:55:19 Info: Module loaded: /usr/lib/dovecot/lda/lib10_quota_plugin.so

deliver(philippeforest): Oct 12 13:55:19 Info: Loading modules from directory: /usr/lib/dovecot/lda

deliver(philippeforest): Oct 12 13:55:19 Info: Module loaded: /usr/lib/dovecot/lda/lib10_quota_plugin.so

deliver(mailbackup): Oct 12 13:55:19 Info: Module loaded: /usr/lib/dovecot/lda/lib20_push_notify_plugin.so

deliver(mailbackup): Oct 12 13:55:19 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so

Oct 12 13:55:19 server dovecot[68]: auth(default): master in: USER 1 mailbackup service=deliver

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: mailbackup

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: uid=1084

Oct 12 13:55:19 server dovecot[68]: auth(default): od(mailbackup): lookup user=mailbackup

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: gid=20

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: quota=maildir:User quota:noenforcing

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: quota_rule=*:storage=0

Oct 12 13:55:19 server dovecot[68]: auth(default): od(mailbackup): found user in local table: user=mailbackup

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: mail=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: mail_location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD05 16665919

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: sieve=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD051666591 9/dovecot.sieve

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: sieve_dir=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD05166 65919

deliver(mailbackup): Oct 12 13:55:19 Info: auth input: sieve_storage=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0 516665919

Oct 12 13:55:19 server dovecot[68]: auth(default): od(mailbackup): record name=mailbackup, uid=1084, gid=20

Oct 12 13:55:19 server dovecot[68]: auth(default): od(mailbackup): user=mailbackup, quota=*:storage=0

Oct 12 13:55:19 server dovecot[68]: auth(default): od(mailbackup): data store location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665 919

deliver(mailbackup): Oct 12 13:55:19 Info: Quota root: name=User quota backend=maildir args=noenforcing

deliver(mailbackup): Oct 12 13:55:19 Info: Quota rule: root=User quota mailbox=* bytes=0 messages=0

deliver(mailbackup): Oct 12 13:55:19 Info: Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

deliver(mailbackup): Oct 12 13:55:19 Info: maildir: data=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:55:19 Info: maildir++: root=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919, index=, control=, inbox=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:55:19 Info: cmusieve: /var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0516665919/dove cot.sieve doesn't exist

deliver(philippeforest): Oct 12 13:55:19 Info: Module loaded: /usr/lib/dovecot/lda/lib20_push_notify_plugin.so

deliver(philippeforest): Oct 12 13:55:19 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: philippeforest

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: uid=1086

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: gid=20

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: quota=maildir:User quota:noenforcing

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: quota_rule=*:storage=0

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: mail=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: mail_location=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE 587D7AFC

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: sieve=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE587D7AF C/dovecot.sieve

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: sieve_dir=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE587 D7AFC

deliver(philippeforest): Oct 12 13:55:19 Info: auth input: sieve_storage=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61C E587D7AFC

Oct 12 13:55:19 server dovecot[68]: auth(default): master out: USER 1 mailbackup uid=1084 gid=20 quota=maildir:User quota:noenforcing quota_rule=*:storage=0 mail=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD051666 5919 mail_location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B -FD0516665919 sieve=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0516 665919/dovecot.sieve sieve_dir=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD 0516665919 sieve_storage=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33 B-FD0516665919

Oct 12 13:55:19 server dovecot[68]: auth(default): master in: USER 1 philippeforest service=deliver

Oct 12 13:55:19 server dovecot[68]: auth(default): od(philippeforest): lookup user=philippeforest

Oct 12 13:55:19 server dovecot[68]: auth(default): od(philippeforest): found user in local table: user=philippeforest

Oct 12 13:55:19 server dovecot[68]: auth(default): od(philippeforest): record name=philippeforest, uid=1086, gid=20

Oct 12 13:55:19 server dovecot[68]: auth(default): od(philippeforest): user=philippeforest, quota=*:storage=0

deliver(philippeforest): Oct 12 13:55:19 Info: Quota root: name=User quota backend=maildir args=noenforcing

deliver(philippeforest): Oct 12 13:55:19 Info: Quota rule: root=User quota mailbox=* bytes=0 messages=0

deliver(philippeforest): Oct 12 13:55:19 Info: Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

deliver(philippeforest): Oct 12 13:55:19 Info: maildir: data=/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC

deliver(philippeforest): Oct 12 13:55:19 Info: maildir++: root=/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC, index=, control=, inbox=/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC

deliver(philippeforest): Oct 12 13:55:19 Info: cmusieve: /var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE587D7AFC/dove cot.sieve doesn't exist

Oct 12 13:55:19 server dovecot[68]: auth(default): od(philippeforest): data store location=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7 AFC

Oct 12 13:55:19 server dovecot[68]: auth(default): master out: USER 1 philippeforest uid=1086 gid=20 quota=maildir:User quota:noenforcing quota_rule=*:storage=0 mail=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D 7AFC mail_location=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B -61CE587D7AFC sieve=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE58 7D7AFC/dovecot.sieve sieve_dir=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61 CE587D7AFC sieve_storage=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45 B-61CE587D7AFC

deliver(mailbackup): Oct 12 13:55:20 Info: Loading modules from directory: /usr/lib/dovecot/lda

deliver(mailbackup): Oct 12 13:55:20 Info: Module loaded: /usr/lib/dovecot/lda/lib10_quota_plugin.so

deliver(philippeforest): Oct 12 13:55:20 Info: msgid=<F5FFEDD669784E5985CAA349B7D2466D@ecodesktop2>: saved mail to INBOX

deliver(philippeforest): Oct 12 13:55:20 Info: push-notify: push notification enabled

deliver(philippeforest): Oct 12 13:55:20 Warning: push-notify: connect() to socket: "/var/dovecot/push_notify" failed: Permission denied

deliver(mailbackup): Oct 12 13:55:20 Info: Module loaded: /usr/lib/dovecot/lda/lib20_push_notify_plugin.so

deliver(mailbackup): Oct 12 13:55:20 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: mailbackup

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: uid=1084

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: gid=20

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: quota=maildir:User quota:noenforcing

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: quota_rule=*:storage=0

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: mail=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: mail_location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD05 16665919

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: sieve=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD051666591 9/dovecot.sieve

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: sieve_dir=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD05166 65919

deliver(mailbackup): Oct 12 13:55:20 Info: auth input: sieve_storage=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0 516665919

Oct 12 13:55:20 server dovecot[68]: auth(default): master in: USER 1 mailbackup service=deliver

Oct 12 13:55:20 server dovecot[68]: auth(default): od(mailbackup): lookup user=mailbackup

Oct 12 13:55:20 server dovecot[68]: auth(default): od(mailbackup): found user in local table: user=mailbackup

Oct 12 13:55:20 server dovecot[68]: auth(default): od(mailbackup): record name=mailbackup, uid=1084, gid=20

Oct 12 13:55:20 server dovecot[68]: auth(default): od(mailbackup): user=mailbackup, quota=*:storage=0

deliver(mailbackup): Oct 12 13:55:20 Info: Quota root: name=User quota backend=maildir args=noenforcing

deliver(mailbackup): Oct 12 13:55:20 Info: Quota rule: root=User quota mailbox=* bytes=0 messages=0

deliver(mailbackup): Oct 12 13:55:20 Info: Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

deliver(mailbackup): Oct 12 13:55:20 Info: maildir: data=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:55:20 Info: maildir++: root=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919, index=, control=, inbox=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:55:20 Info: cmusieve: /var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0516665919/dove cot.sieve doesn't exist

Oct 12 13:55:20 server dovecot[68]: auth(default): od(mailbackup): data store location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665 919

Oct 12 13:55:20 server dovecot[68]: auth(default): master out: USER 1 mailbackup uid=1084 gid=20 quota=maildir:User quota:noenforcing quota_rule=*:storage=0 mail=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD051666 5919 mail_location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B -FD0516665919 sieve=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0516 665919/dovecot.sieve sieve_dir=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD 0516665919 sieve_storage=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33 B-FD0516665919

deliver(mailbackup): Oct 12 13:55:20 Info: msgid=<F5FFEDD669784E5985CAA349B7D2466D@ecodesktop2>: saved mail to INBOX

deliver(mailbackup): Oct 12 13:55:20 Info: push-notify: push notification enabled

deliver(mailbackup): Oct 12 13:55:20 Warning: push-notify: connect() to socket: "/var/dovecot/push_notify" failed: Permission denied

deliver(mailbackup): Oct 12 13:55:20 Info: msgid=<F5FFEDD669784E5985CAA349B7D2466D@ecodesktop2>: saved mail to INBOX

deliver(mailbackup): Oct 12 13:55:20 Info: push-notify: push notification enabled

deliver(mailbackup): Oct 12 13:55:20 Warning: push-notify: connect() to socket: "/var/dovecot/push_notify" failed: Permission denied

Oct 12 13:55:26 server dovecot[68]: auth(default): client in: AUTH 15 LOGIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=993 rport=63327

Oct 12 13:55:26 server dovecot[68]: auth(default): client out: CONT 15 VXNlcm5hbWU6

Oct 12 13:55:26 server dovecot[68]: auth(default): client in: CONT 15 Y29tLmFwcGxlLmNhbGVuZGFyc2VydmVy

Oct 12 13:55:26 server dovecot[68]: auth(default): client out: CONT 15 UGFzc3dvcmQ6

Oct 12 13:55:26 server dovecot[68]: auth(default): client in: CONT 15 NWhFWTlpVFJVQkxzVVNzOQ==

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): mail SACL is not enabled; error=2

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): found user in local table: user=com.apple.calendarserver

Oct 12 13:55:26 server dovecot[68]: auth(default): client out: OK 15 user=com.apple.calendarserver

Oct 12 13:55:26 server dovecot[68]: auth(default): master in: REQUEST 16269 89013 15

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): lookup user=com.apple.calendarserver

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): found user in local table: user=com.apple.calendarserver

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): record name=com.apple.calendarserver, uid=250, gid=20

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): user=com.apple.calendarserver, quota=*:storage=0

Oct 12 13:55:26 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): data store location=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA895 46F

Oct 12 13:55:26 server dovecot[68]: auth(default): master out: USER 16269 com.apple.calendarserver uid=250 gid=20 quota=maildir:User quota:noenforcing quota_rule=*:storage=0 mail=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89 546F mail_location=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13 -EBF9DA89546F sieve=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B13-EBF9DA 89546F/dovecot.sieve sieve_dir=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B13-EB F9DA89546F sieve_storage=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B1 3-EBF9DA89546F

Oct 12 13:55:26 server dovecot[68]: imap-login: Login: user=<com.apple.calendarserver>, method=LOGIN, rip=127.0.0.1, lip=127.0.0.1, TLS

Oct 12 13:55:26 server dovecot[68]: auth(default): new auth connection: pid=89013

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Loading modules from directory: /usr/lib/dovecot/imap

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Module loaded: /usr/lib/dovecot/imap/lib10_quota_plugin.so

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Module loaded: /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Effective uid=250, gid=20, home=

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Quota root: name=User quota backend=maildir args=noenforcing

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Quota rule: root=User quota mailbox=* bytes=0 messages=0

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

Oct 12 13:55:26 server dovecot[68]: IMAP(*): maildir: data=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F

Oct 12 13:55:26 server dovecot[68]: IMAP(*): maildir++: root=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F, index=, control=, inbox=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F

Oct 12 13:55:26 server dovecot[68]: IMAP(*): User com.apple.calendarserver: Disconnected: Logged out bytes=68/380

Oct 12 13:55:26 server dovecot[68]: IMAP(*): Master disconnected (pid 91664)

Oct 12 13:55:26 server dovecot[68]: auth(default): new auth connection: pid=89013

Oct 12 13:55:56 server dovecot[68]: auth(default): client in: AUTH 16 LOGIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=993 rport=63430

Oct 12 13:55:56 server dovecot[68]: auth(default): client out: CONT 16 VXNlcm5hbWU6

Oct 12 13:55:56 server dovecot[68]: auth(default): client in: CONT 16 Y29tLmFwcGxlLmNhbGVuZGFyc2VydmVy

Oct 12 13:55:56 server dovecot[68]: auth(default): client out: CONT 16 UGFzc3dvcmQ6

Oct 12 13:55:56 server dovecot[68]: auth(default): client in: CONT 16 NWhFWTlpVFJVQkxzVVNzOQ==

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): mail SACL is not enabled; error=2

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): found user in local table: user=com.apple.calendarserver

Oct 12 13:55:56 server dovecot[68]: auth(default): client out: OK 16 user=com.apple.calendarserver

Oct 12 13:55:56 server dovecot[68]: auth(default): master in: REQUEST 16270 89013 16

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): lookup user=com.apple.calendarserver

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): found user in local table: user=com.apple.calendarserver

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): record name=com.apple.calendarserver, uid=250, gid=20

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): user=com.apple.calendarserver, quota=*:storage=0

Oct 12 13:55:56 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): data store location=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA895 46F

Oct 12 13:55:56 server dovecot[68]: auth(default): master out: USER 16270 com.apple.calendarserver uid=250 gid=20 quota=maildir:User quota:noenforcing quota_rule=*:storage=0 mail=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89 546F mail_location=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13 -EBF9DA89546F sieve=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B13-EBF9DA 89546F/dovecot.sieve sieve_dir=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B13-EB F9DA89546F sieve_storage=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B1 3-EBF9DA89546F

Oct 12 13:55:56 server dovecot[68]: imap-login: Login: user=<com.apple.calendarserver>, method=LOGIN, rip=127.0.0.1, lip=127.0.0.1, TLS

Oct 12 13:55:56 server dovecot[68]: auth(default): new auth connection: pid=89013

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Loading modules from directory: /usr/lib/dovecot/imap

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Module loaded: /usr/lib/dovecot/imap/lib10_quota_plugin.so

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Module loaded: /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Effective uid=250, gid=20, home=

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Quota root: name=User quota backend=maildir args=noenforcing

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Quota rule: root=User quota mailbox=* bytes=0 messages=0

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

Oct 12 13:55:56 server dovecot[68]: IMAP(*): maildir: data=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F

Oct 12 13:55:56 server dovecot[68]: IMAP(*): maildir++: root=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F, index=, control=, inbox=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F

Oct 12 13:55:56 server dovecot[68]: IMAP(*): User com.apple.calendarserver: Disconnected: Logged out bytes=68/380

Oct 12 13:55:56 server dovecot[68]: IMAP(*): Master disconnected (pid 91720)

Oct 12 13:55:56 server dovecot[68]: auth(default): new auth connection: pid=89013

Oct 12 13:56:27 server dovecot[68]: auth(default): client in: AUTH 17 LOGIN service=imap secured lip=127.0.0.1 rip=127.0.0.1 lport=993 rport=63480

Oct 12 13:56:27 server dovecot[68]: auth(default): client out: CONT 17 VXNlcm5hbWU6

Oct 12 13:56:27 server dovecot[68]: auth(default): client in: CONT 17 Y29tLmFwcGxlLmNhbGVuZGFyc2VydmVy

Oct 12 13:56:27 server dovecot[68]: auth(default): client out: CONT 17 UGFzc3dvcmQ6

Oct 12 13:56:27 server dovecot[68]: auth(default): client in: CONT 17 NWhFWTlpVFJVQkxzVVNzOQ==

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): mail SACL is not enabled; error=2

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): found user in local table: user=com.apple.calendarserver

Oct 12 13:56:27 server dovecot[68]: auth(default): client out: OK 17 user=com.apple.calendarserver

Oct 12 13:56:27 server dovecot[68]: auth(default): master in: REQUEST 16271 89013 17

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): lookup user=com.apple.calendarserver

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): found user in local table: user=com.apple.calendarserver

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): record name=com.apple.calendarserver, uid=250, gid=20

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): user=com.apple.calendarserver, quota=*:storage=0

Oct 12 13:56:27 server dovecot[68]: auth(default): od(com.apple.calendarserver,127.0.0.1): data store location=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA895 46F

Oct 12 13:56:27 server dovecot[68]: auth(default): master out: USER 16271 com.apple.calendarserver uid=250 gid=20 quota=maildir:User quota:noenforcing quota_rule=*:storage=0 mail=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89 546F mail_location=maildir:/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13 -EBF9DA89546F sieve=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B13-EBF9DA 89546F/dovecot.sieve sieve_dir=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B13-EB F9DA89546F sieve_storage=/var/spool/imap/dovecot/sieve-scripts/06D36BF2-D9FE-42E3-9B1 3-EBF9DA89546F

Oct 12 13:56:27 server dovecot[68]: imap-login: Login: user=<com.apple.calendarserver>, method=LOGIN, rip=127.0.0.1, lip=127.0.0.1, TLS

Oct 12 13:56:27 server dovecot[68]: auth(default): new auth connection: pid=89013

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Loading modules from directory: /usr/lib/dovecot/imap

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Module loaded: /usr/lib/dovecot/imap/lib10_quota_plugin.so

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Module loaded: /usr/lib/dovecot/imap/lib11_imap_quota_plugin.so

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Effective uid=250, gid=20, home=

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Quota root: name=User quota backend=maildir args=noenforcing

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Quota rule: root=User quota mailbox=* bytes=0 messages=0

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

Oct 12 13:56:27 server dovecot[68]: IMAP(*): maildir: data=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F

Oct 12 13:56:27 server dovecot[68]: IMAP(*): maildir++: root=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F, index=, control=, inbox=/var/spool/imap/dovecot/mail/06D36BF2-D9FE-42E3-9B13-EBF9DA89546F

Oct 12 13:56:27 server dovecot[68]: IMAP(*): User com.apple.calendarserver: Disconnected: Logged out bytes=68/380

Oct 12 13:56:27 server dovecot[68]: IMAP(*): Master disconnected (pid 91752)

Oct 12 13:56:27 server dovecot[68]: auth(default): new auth connection: pid=89013

deliver(mailbackup): Oct 12 13:56:42 Info: Loading modules from directory: /usr/lib/dovecot/lda

deliver(philippeforest): Oct 12 13:56:42 Info: Loading modules from directory: /usr/lib/dovecot/lda

deliver(mailbackup): Oct 12 13:56:42 Info: Module loaded: /usr/lib/dovecot/lda/lib10_quota_plugin.so

deliver(philippeforest): Oct 12 13:56:42 Info: Module loaded: /usr/lib/dovecot/lda/lib10_quota_plugin.so

deliver(mailbackup): Oct 12 13:56:42 Info: Module loaded: /usr/lib/dovecot/lda/lib20_push_notify_plugin.so

deliver(philippeforest): Oct 12 13:56:42 Info: Module loaded: /usr/lib/dovecot/lda/lib20_push_notify_plugin.so

deliver(mailbackup): Oct 12 13:56:42 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so

deliver(philippeforest): Oct 12 13:56:42 Info: Module loaded: /usr/lib/dovecot/lda/lib90_cmusieve_plugin.so

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: mailbackup

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: uid=1084

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: gid=20

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: quota=maildir:User quota:noenforcing

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: quota_rule=*:storage=0

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: mail=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: mail_location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD05 16665919

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: sieve=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD051666591 9/dovecot.sieve

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: sieve_dir=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD05166 65919

deliver(mailbackup): Oct 12 13:56:42 Info: auth input: sieve_storage=/var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0 516665919

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: philippeforest

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: uid=1086

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: gid=20

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: quota=maildir:User quota:noenforcing

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: quota_rule=*:storage=0

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: mail=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: mail_location=maildir:/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE 587D7AFC

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: sieve=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE587D7AF C/dovecot.sieve

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: sieve_dir=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE587 D7AFC

deliver(philippeforest): Oct 12 13:56:42 Info: auth input: sieve_storage=/var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61C E587D7AFC

Oct 12 13:56:42 server dovecot[68]: auth(default): master in: USER 1 mailbackup service=deliver

Oct 12 13:56:42 server dovecot[68]: auth(default): od(mailbackup): lookup user=mailbackup

Oct 12 13:56:42 server dovecot[68]: auth(default): od(mailbackup): found user in local table: user=mailbackup

deliver(philippeforest): Oct 12 13:56:42 Info: Quota root: name=User quota backend=maildir args=noenforcing

deliver(mailbackup): Oct 12 13:56:42 Info: Quota root: name=User quota backend=maildir args=noenforcing

deliver(philippeforest): Oct 12 13:56:42 Info: Quota rule: root=User quota mailbox=* bytes=0 messages=0

deliver(philippeforest): Oct 12 13:56:42 Info: Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

deliver(mailbackup): Oct 12 13:56:42 Info: Quota rule: root=User quota mailbox=* bytes=0 messages=0

deliver(mailbackup): Oct 12 13:56:42 Info: Quota warning: bytes=0 (100%) messages=0 command=/usr/libexec/dovecot/quota-exceeded.sh

deliver(philippeforest): Oct 12 13:56:42 Info: maildir: data=/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC

deliver(philippeforest): Oct 12 13:56:42 Info: maildir++: root=/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC, index=, control=, inbox=/var/spool/imap/dovecot/mail/EC236C30-AC0C-45AF-B45B-61CE587D7AFC

deliver(mailbackup): Oct 12 13:56:42 Info: maildir: data=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(mailbackup): Oct 12 13:56:42 Info: maildir++: root=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919, index=, control=, inbox=/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665919

deliver(philippeforest): Oct 12 13:56:42 Info: cmusieve: /var/spool/imap/dovecot/sieve-scripts/EC236C30-AC0C-45AF-B45B-61CE587D7AFC/dove cot.sieve doesn't exist

deliver(mailbackup): Oct 12 13:56:42 Info: cmusieve: /var/spool/imap/dovecot/sieve-scripts/DD19CD32-C712-4B81-A33B-FD0516665919/dove cot.sieve doesn't exist

Oct 12 13:56:42 server dovecot[68]: auth(default): od(mailbackup): record name=mailbackup, uid=1084, gid=20

Oct 12 13:56:42 server dovecot[68]: auth(default): od(mailbackup): user=mailbackup, quota=*:storage=0

Oct 12 13:56:42 server dovecot[68]: auth(default): od(mailbackup): data store location=maildir:/var/spool/imap/dovecot/mail/DD19CD32-C712-4B81-A33B-FD0516665 919

Reply
User profile for user: Moises R - OMTBA
Moises R - OMTBA Author
User level: Level 1
0 points

Oct 13, 2012 2:57 PM in response to Moises R - OMTBA

I'm not seing much change in the logs since yesterday and I'm suspecting that there might be a malware or something on the LAN causing all of this but I have no idea how to identify it.

Does anybody has any suggestions?

I'm thinking about going down to the office and turn on the PCs and check the activity in the next hours...

Reply
User profile for user: Moises R - OMTBA
Moises R - OMTBA Author
User level: Level 1
0 points

Oct 13, 2012 5:34 PM in response to Moises R - OMTBA

A few entries since I turned on 5 PCs within the LAN at around 18H:



Oct 13 17:44:13 server postfix/smtpd[94047]: connect from localhost[127.0.0.1]

Oct 13 17:44:13 server postfix/smtpd[94047]: DDCB33946F21: client=localhost[127.0.0.1]

Oct 13 17:44:13 server postfix/cleanup[94034]: DDCB33946F21: message-id=<02177698-4F33-4CE9-9E8C-123739DF9408@ecogenia.ca>

Oct 13 17:44:14 server postfix/smtpd[94047]: disconnect from localhost[127.0.0.1]

Oct 13 17:44:14 server postfix/qmgr[10532]: DDCB33946F21: from=<pforest@ecogenia.ca>, size=5311734, nrcpt=1 (queue active)

Oct 13 17:44:14 server postfix/smtp[94036]: 45FB23946EFD: to=<moisesruiz@onemorething.ca>, relay=127.0.0.1[127.0.0.1]:10024, delay=12, delays=1.2/0.02/0.07/11, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=36333-17, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as DDCB33946F21)

Oct 13 17:44:14 server postfix/qmgr[10532]: 45FB23946EFD: removed

Oct 13 17:44:26 server postfix/smtp[94049]: DDCB33946F21: to=<moisesruiz@onemorething.ca>, relay=mail.onemorething.ca[69.70.178.122]:25, delay=12, delays=0.22/0.02/6.5/5.4, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9EF24A07DE9)

Oct 13 17:44:26 server postfix/qmgr[10532]: DDCB33946F21: removed

Oct 13 17:44:47 server postfix/smtpd[94067]: connect from server.ecogenia.ca[207.115.108.189]

Oct 13 17:44:47 server postfix/smtpd[94067]: 1AAD13946F5F: client=server.ecogenia.ca[207.115.108.189], sasl_method=CRAM-MD5, sasl_username=postmaster

Oct 13 17:44:47 server postfix/cleanup[94034]: 1AAD13946F5F: message-id=<88EA2483-11AA-4449-A04A-3FE83620B61D@ecogenia.ca>

Oct 13 17:44:47 server postfix/qmgr[10532]: 1AAD13946F5F: from=<postmaster@ecogenia.ca>, size=100428, nrcpt=1 (queue active)

Oct 13 17:44:48 server postfix/smtpd[94047]: connect from localhost[127.0.0.1]

Oct 13 17:44:48 server postfix/smtpd[94047]: 7328A3946F74: client=localhost[127.0.0.1]

Oct 13 17:44:48 server postfix/cleanup[94034]: 7328A3946F74: message-id=<88EA2483-11AA-4449-A04A-3FE83620B61D@ecogenia.ca>

Oct 13 17:44:48 server postfix/smtpd[94047]: disconnect from localhost[127.0.0.1]

Oct 13 17:44:48 server postfix/qmgr[10532]: 7328A3946F74: from=<postmaster@ecogenia.ca>, size=100878, nrcpt=1 (queue active)

Oct 13 17:44:48 server postfix/smtp[94036]: 1AAD13946F5F: to=<moisesruiz@onemorething.ca>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.4, delays=0.01/0/0/1.4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=36836-17, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7328A3946F74)

Oct 13 17:44:48 server postfix/qmgr[10532]: 1AAD13946F5F: removed

Oct 13 17:44:49 server postfix/smtp[94049]: 7328A3946F74: to=<moisesruiz@onemorething.ca>, relay=mail.onemorething.ca[69.70.178.122]:25, delay=0.58, delays=0.03/0/0.05/0.5, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 973C3A07E2A)

Oct 13 17:44:49 server postfix/qmgr[10532]: 7328A3946F74: removed

Oct 13 17:45:03 server postfix/smtpd[94026]: disconnect from server.ecogenia.ca[207.115.108.189]

Oct 13 17:45:47 server postfix/smtpd[94067]: disconnect from server.ecogenia.ca[207.115.108.189]

Oct 13 17:49:07 server postfix/anvil[94030]: statistics: max connection rate 2/60s for (smtp:207.115.108.189) at Oct 13 17:44:47

Oct 13 17:49:07 server postfix/anvil[94030]: statistics: max connection count 2 for (smtp:207.115.108.189) at Oct 13 17:44:47

Oct 13 17:49:07 server postfix/anvil[94030]: statistics: max cache size 1 at Oct 13 17:44:00

Oct 13 18:26:25 server postfix/smtpd[96448]: warning: 69.50.212.38: hostname server9.ourcomputer4u.com verification failed: nodename nor servname provided, or not known

Oct 13 18:26:25 server postfix/smtpd[96448]: connect from unknown[69.50.212.38]

Oct 13 18:26:26 server postfix/trivial-rewrite[96454]: warning: do not list domain eurolub.org in BOTH mydestination and virtual_alias_domains

Oct 13 18:26:26 server postfix/smtpd[96448]: NOQUEUE: reject: RCPT from unknown[69.50.212.38]: 450 4.7.1 <plemieux@eurolub.org>: Recipient address rejected: Service is unavailable; from=<AmyLang572@www.bestpuppet.in> to=<plemieux@eurolub.org> proto=ESMTP helo=<winners.www.bestpuppet.in>

Oct 13 18:26:26 server postfix/smtpd[96448]: disconnect from unknown[69.50.212.38]

Oct 13 18:29:46 server postfix/anvil[96453]: statistics: max connection rate 1/60s for (smtp:69.50.212.38) at Oct 13 18:26:25

Oct 13 18:29:46 server postfix/anvil[96453]: statistics: max connection count 1 for (smtp:69.50.212.38) at Oct 13 18:26:25

Oct 13 18:29:46 server postfix/anvil[96453]: statistics: max cache size 1 at Oct 13 18:26:25

Oct 13 18:29:55 server postfix/smtpd[96605]: connect from webdarwin.com[216.70.84.39]

Oct 13 18:29:56 server postfix/smtpd[96605]: AE4A7394823D: client=webdarwin.com[216.70.84.39]

Oct 13 18:29:56 server postfix/cleanup[96617]: AE4A7394823D: message-id=<20121013222956.AE4A7394823D@server.ecogenia.ca>

Oct 13 18:29:56 server postfix/qmgr[10532]: AE4A7394823D: from=<mike@behlerconstruction.com>, size=862, nrcpt=1 (queue active)

Oct 13 18:29:56 server postfix/smtpd[96605]: disconnect from webdarwin.com[216.70.84.39]

Oct 13 18:29:57 server postfix/smtpd[96620]: connect from localhost[127.0.0.1]

Oct 13 18:29:57 server postfix/smtpd[96620]: BAF773948249: client=localhost[127.0.0.1]

Oct 13 18:29:57 server postfix/cleanup[96617]: BAF773948249: message-id=<20121013222956.AE4A7394823D@server.ecogenia.ca>

Oct 13 18:29:57 server postfix/smtpd[96620]: disconnect from localhost[127.0.0.1]

Oct 13 18:29:57 server postfix/qmgr[10532]: BAF773948249: from=<mike@behlerconstruction.com>, size=1692, nrcpt=1 (queue active)

Oct 13 18:29:57 server postfix/smtp[96618]: AE4A7394823D: to=<guycrasnier@server.ecogenia.ca>, orig_to=<gcrasnier@ecogenia.ca>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.7, delays=0.68/0.08/0.05/0.88, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=36333-18, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as BAF773948249)

Oct 13 18:29:57 server postfix/qmgr[10532]: AE4A7394823D: removed

Oct 13 18:29:58 server postfix/pipe[96624]: BAF773948249: to=<guycrasnier@server.ecogenia.ca>, relay=dovecot, delay=0.46, delays=0.03/0.09/0/0.35, dsn=2.0.0, status=sent (delivered via dovecot service)

Oct 13 18:29:58 server postfix/qmgr[10532]: BAF773948249: removed

Oct 13 18:33:16 server postfix/anvil[96611]: statistics: max connection rate 1/60s for (smtp:216.70.84.39) at Oct 13 18:29:55

Oct 13 18:33:16 server postfix/anvil[96611]: statistics: max connection count 1 for (smtp:216.70.84.39) at Oct 13 18:29:55

Oct 13 18:33:16 server postfix/anvil[96611]: statistics: max cache size 1 at Oct 13 18:29:55

Oct 13 19:39:40 server postfix/smtpd[575]: warning: 69.50.212.39: hostname admin.thecomputer4u.com verification failed: nodename nor servname provided, or not known

Oct 13 19:39:40 server postfix/smtpd[575]: connect from unknown[69.50.212.39]

Oct 13 19:39:40 server postfix/trivial-rewrite[580]: warning: do not list domain eurolub.org in BOTH mydestination and virtual_alias_domains

Oct 13 19:39:41 server postfix/smtpd[575]: NOQUEUE: reject: RCPT from unknown[69.50.212.39]: 450 4.7.1 <plemieux@eurolub.org>: Recipient address rejected: Service is unavailable; from=<SeniorPeopleMeet.comDating487@www.bestresortcasino.in> to=<plemieux@eurolub.org> proto=ESMTP helo=<totals.www.bestresortcasino.in>

Oct 13 19:39:41 server postfix/smtpd[575]: disconnect from unknown[69.50.212.39]

Oct 13 19:43:01 server postfix/anvil[579]: statistics: max connection rate 1/60s for (smtp:69.50.212.39) at Oct 13 19:39:40

Oct 13 19:43:01 server postfix/anvil[579]: statistics: max connection count 1 for (smtp:69.50.212.39) at Oct 13 19:39:40

Oct 13 19:43:01 server postfix/anvil[579]: statistics: max cache size 1 at Oct 13 19:39:40

Reply

Mail Server Blacklisted & Spamming

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up