damir_john
asked on
Our mail distribution box set to be the sender of a spam mail.
Recently we received 3 error messages from Mdaemon at a local time no-one would be online.
Could someone please explain to me what these messages are all about. It doesn't make any sense to me.
Could someone please explain to me what these messages are all about. It doesn't make any sense to me.
1. The attached message had PERMANENT fatal delivery errors!
After one or more unsuccessful delivery attempts the attached message has
been removed from the mail queue on this server. The number and frequency
of delivery attempts are determined by local configuration parameters.
YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS!
Failed address: tjrtkdtj@nate.com
--- Session Transcript ---
Mon 2008-02-11 05:18:02: Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd50001580104.msg>
Mon 2008-02-11 05:18:02: * From: "Our mail distribution box"
Mon 2008-02-11 05:18:02: * To: tjrtkdtj@nate.com
Mon 2008-02-11 05:18:02: * Subject: 1239660
Mon 2008-02-11 05:18:02: * Message-ID:
Mon 2008-02-11 05:18:02: Attempting SMTP connection to [nate.com]
Mon 2008-02-11 05:18:02: Resolving MX records for [nate.com] (DNS Server: 85.235.255.129)...
Mon 2008-02-11 05:18:03: * P=010 S=000 D=nate.com TTL=(7) MX=[smtp.nate.com] {203.226.255.61}
Mon 2008-02-11 05:18:03: Attempting SMTP connection to [203.226.255.61:25]
Mon 2008-02-11 05:18:03: Waiting for socket connection...
Mon 2008-02-11 05:18:03: * Connection established ("OurmailproviderIP":4321 -> 203.226.255.61:25)
Mon 2008-02-11 05:18:03: Waiting for protocol to start...
Mon 2008-02-11 05:18:04: <-- 541 5.6.0 Your message was rejected.
Mon 2008-02-11 05:18:04: --> QUIT
--- End Transcript ---
: Message contains [1] file attachments
2. The attached message had PERMANENT fatal delivery errors!
After one or more unsuccessful delivery attempts the attached message has
been removed from the mail queue on this server. The number and frequency
of delivery attempts are determined by local configuration parameters.
YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS!
Failed address: ghwrhg22t4@dreamwiz.com
--- Session Transcript ---
Mon 2008-02-11 05:18:02: Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd50001580100.msg>
Mon 2008-02-11 05:18:02: * From: Our distribution mail
Mon 2008-02-11 05:18:02: * To: ghwrhg22t4@dreamwiz.com
Mon 2008-02-11 05:18:02: * Subject: 1239660
Mon 2008-02-11 05:18:02: * Message-ID:
Mon 2008-02-11 05:18:02: Attempting SMTP connection to [dreamwiz.com]
Mon 2008-02-11 05:18:02: Resolving MX records for [dreamwiz.com] (DNS Server: "OurmailproviderIP")...
Mon 2008-02-11 05:18:03: * P=010 S=000 D=dreamwiz.com TTL=(10) MX=[mx-rb.dreamwiz.com] {211.39.128.129}
Mon 2008-02-11 05:18:03: * P=010 S=001 D=dreamwiz.com TTL=(10) MX=[mx-ra.dreamwiz.com] {211.39.128.139}
Mon 2008-02-11 05:18:03: Attempting SMTP connection to [211.39.128.129:25]
Mon 2008-02-11 05:18:03: Waiting for socket connection...
Mon 2008-02-11 05:18:03: * Connection established ("OurmailproviderIP":4319 -> 211.39.128.129:25)
Mon 2008-02-11 05:18:03: Waiting for protocol to start...
Mon 2008-02-11 05:18:06: <-- 220 mx-r7.dreamwiz.com ESMTP DreamWiz (Sendmail 8.14.2/8.14.2); Mon, 11 Feb 2008 13:17:58 +0900 (KST)
Mon 2008-02-11 05:18:06: --> EHLO "Our DNS"
Mon 2008-02-11 05:18:07: <-- 250-mx-r7.dreamwiz.com Hello "Our webmail " [IP], pleased to meet you
Mon 2008-02-11 05:18:07: <-- 250-ENHANCEDSTATUSCODES
Mon 2008-02-11 05:18:07: <-- 250-PIPELINING
Mon 2008-02-11 05:18:07: <-- 250-8BITMIME
Mon 2008-02-11 05:18:07: <-- 250-SIZE 16777216
Mon 2008-02-11 05:18:07: <-- 250-DSN
Mon 2008-02-11 05:18:07: <-- 250-ETRN
Mon 2008-02-11 05:18:07: <-- 250-DELIVERBY
Mon 2008-02-11 05:18:07: <-- 250 HELP
Mon 2008-02-11 05:18:07: --> MAIL From:<"Our distribution box> SIZE=1633
Mon 2008-02-11 05:18:09: <-- 250 2.1.0 <"Our distribution box>... Sender ok
Mon 2008-02-11 05:18:09: --> RCPT To:<ghwrhg22t4@dreamwiz.com>
Mon 2008-02-11 05:18:16: <-- 550 5.7.1 <ghwrhg22t4@dreamwiz.com>... Access denied. see http://antispam.dreamwiz.com/BIN/lookup.cgi?t=ip&i="OurmailproviderIP"&f="Ourdistributionbox&c=&n=1&v=
Mon 2008-02-11 05:18:16: --> QUIT
--- End Transcript ---
: Message contains [1] file attachments
3. The attached message had PERMANENT fatal delivery errors!
After one or more unsuccessful delivery attempts the attached message has
been removed from the mail queue on this server. The number and frequency
of delivery attempts are determined by local configuration parameters.
YOUR MESSAGE WAS NOT DELIVERED TO ONE OR MORE RECIPIENTS!
Failed address: 1mn9080ie9stg5b@hanmail.net
--- Session Transcript ---
Mon 2008-02-11 05:18:02: Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd50001580102.msg>
Mon 2008-02-11 05:18:02: * From: "Our distribution box"
Mon 2008-02-11 05:18:02: * To: 1mn9080ie9stg5b@hanmail.net
Mon 2008-02-11 05:18:02: * Subject: 1239660
Mon 2008-02-11 05:18:02: * Message-ID:
Mon 2008-02-11 05:18:02: Attempting SMTP connection to [hanmail.net]
Mon 2008-02-11 05:18:02: Resolving MX records for [hanmail.net] (DNS Server: 85.235.255.129)...
Mon 2008-02-11 05:18:03: * P=010 S=000 D=hanmail.net TTL=(461) MX=[mx5.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=001 D=hanmail.net TTL=(461) MX=[mx6.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=002 D=hanmail.net TTL=(461) MX=[mx7.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=003 D=hanmail.net TTL=(461) MX=[mx8.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=004 D=hanmail.net TTL=(461) MX=[mx9.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=005 D=hanmail.net TTL=(461) MX=[mx10.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=006 D=hanmail.net TTL=(461) MX=[mx1.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=007 D=hanmail.net TTL=(461) MX=[mx2.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=008 D=hanmail.net TTL=(461) MX=[mx3.hanmail.net]
Mon 2008-02-11 05:18:03: * P=010 S=009 D=hanmail.net TTL=(461) MX=[mx4.hanmail.net]
Mon 2008-02-11 05:18:03: Attempting SMTP connection to [mx5.hanmail.net:25]
Mon 2008-02-11 05:18:03: Resolving A record for [mx5.hanmail.net] (DNS Server: 85.235.255.129)...
Mon 2008-02-11 05:18:03: * D=mx5.hanmail.net TTL=(461) A=[211.43.197.128]
Mon 2008-02-11 05:18:03: Attempting SMTP connection to [211.43.197.128:25]
Mon 2008-02-11 05:18:03: Waiting for socket connection...
Mon 2008-02-11 05:18:03: * Connection established ("OurmailproviderIP":4323 -> 211.43.197.128:25)
Mon 2008-02-11 05:18:03: Waiting for protocol to start...
Mon 2008-02-11 05:18:03: <-- 554 5.7.1 CCRX "OurmailproviderIP": Connection refused. Your IP address is blocked(anti-spam).
Mon 2008-02-11 05:18:03: --> QUIT
--- End Transcript ---
: Message contains [1] file attachments
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It's just wierd since it's not possible to send from a distribution box within an Exchange 2003 environment.
And another thing is that goes through our webmail at our DNS, there is no webmail configured that complies with the sender, only a catchall box.
And another thing is that goes through our webmail at our DNS, there is no webmail configured that complies with the sender, only a catchall box.
oh ok may be it is a bit strange..
not saying you are wrong, but as its only one or so emails that have failed. why whould it be spam. i would expect a few back iof this was the case..
a permanate fail just means that the delivery has been tried a number of time (setting for how long and how often it is retried are configabable) and has finaly given up..
so the fact its out of hours is not sugestive that its sapm jsut tahts when it finaly failed surely?