• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1018
  • Last Modified:

Postfix error: Postfix SMTP server: errors from cloud-choicehost-mail.hspheredns.com[67.22.138.194]

I am getting the below email sent to me and need a little help understanding it:

Transcript of session follows.
 
 Out: 220 mail.XXXXX.com ESMTP Postfix
 In:  EHLO cloud-choicehost-mail.hspheredns.com
 Out: 250-mail.XXXXX.com
 Out: 250-PIPELINING
 Out: 250-SIZE 10240000
 Out: 250-ETRN
 Out: 250-STARTTLS
 Out: 250-AUTH LOGIN DIGEST-MD5 NTLM PLAIN GSSAPI CRAM-MD5
 Out: 250-AUTH=LOGIN DIGEST-MD5 NTLM PLAIN GSSAPI CRAM-MD5
 Out: 250-ENHANCEDSTATUSCODES
 Out: 250-8BITMIME
 Out: 250 DSN
 In:  STARTTLS
 Out: 454 4.3.0 TLS not available due to local problem
 In:  MAIL FROM:<info@cenbank.org> SIZE=4963
 Out: 250 2.1.0 Ok
 In:  RCPT TO:<jatinderpal968@XXXXX.com>
 Out: 550 5.1.1 <jatinderpal968@XXXXX.com>: Recipient address rejected:
     User unknown in virtual alias table
 In:  DATA
 Out: 554 5.5.1 Error: no valid recipients
 In:  QUIT
 Out: 221 2.0.0 Bye


1-If I am looking at it right it is just telling me as an administrator that this message was dropped due to user not known.
2-how can i stop this message from coming to me if it is just a informational message?
3-how do i verify that it is not delivering a NDR if it is?

server is Centos
MTA Postfix
0
knightdogs
Asked:
knightdogs
  • 2
  • 2
1 Solution
 
jar3817Commented:
Is this your server or some hosting server somewhere?

Yes, this is just an NDR. Based on the sender (info@cenbank.org) it looks like a phishing email. cenbank.org isn't a valid domain so there is no place to bounce the mail to, so it gets sent to the admin. This is how it is supposed to work. Perhaps you should set up a special mailbox just for NDRs that are undeliverable so you stop getting them.
0
 
jar3817Commented:
actually it is a valid domain (I fat-fingered it when doing the lookup), but still, it's probably forged.
0
 
knightdogsAuthor Commented:
This is my server, not a hosted server.  In exchange you can turn off NDR's i dont see how to turn them off in postfix, am i missing something?
0
 
bevhostCommented:
I don't think it's an NDR, as if it were, the sender address would be <>.
It's also not coming from an RFC compliant MTA, becuase it still attempts the DATA command even after it has not got any valid recipients.
I think it is some sort of spam agent.
0
 
knightdogsAuthor Commented:
Thank you for your help with this.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now