?
Solved

log full of strange smtp send entries

Posted on 2011-03-10
2
Medium Priority
?
540 Views
Last Modified: 2012-05-11
My postfix log has started filling up within a half a day and there seem to be a lot of strange smpt send entries.

I have SMTP authorisation set to allow only regsitered domains to send tyhrough the server.

Here are some of the entries.

Can anyone tell me how to trace where they came from or hwo to stop them please

thanks

Mar 10 16:31:54 localhost postfix/smtp[2806]: connect to mx.lostship.in[188.16.169.138]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2806]: C0EF89890D: to=<Emile@vdhvfbivawhehgwl.lostship.in>, relay=none, delay=26224, delays=25087/1123/14/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[188.16.169.138]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: 0DC1E93A18: from=<>, size=5178, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2775]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2775]: C7EFB33907: to=<Morgan@pbhddaggfhi.lostship.in>, relay=none, delay=94160, delays=93024/1134/2.1/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: A725E95374: from=<>, size=4879, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2796]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2796]: 03C7C85845: to=<Pat@mbcotydenufokpgngaovbjorwb.lostship.in>, relay=none, delay=334174, delays=333036/1097/42/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: AC5537526F: from=<>, size=3645, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2847]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2847]: C423490A64: to=<Clifton@kdcjkjbhltfljiha.lostship.in>, relay=none, delay=88042, delays=86905/1135/1.8/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: 0AD9574C0F: from=<>, size=5351, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2765]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2765]: 035E5EE9FE: to=<Audrey@ldmcamyhnucchngoiensacbnelg.lostship.in>, relay=none, delay=390602, delays=389463/1108/30/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: CE5AFF06FC: from=<Sophia@pbarnldbbhrsqepidqhep.kollaps.in>, size=2840, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/pipe[4180]: CE5AFF06FC: to=<aemeluur7343@49thscoutgroup.co.uk>, relay=maildrop, delay=932, delays=932/0/0/0.01, dsn=5.1.1, status=bounced (user unknown. Command output: Invalid user specified. )
Mar 10 16:31:54 localhost postfix/cleanup[4257]: BE2E26EE9F: message-id=<20110310163154.BE2E26EE9F@brasiletc.com>
Mar 10 16:31:54 localhost postfix/bounce[4049]: CE5AFF06FC: sender non-delivery notification: BE2E26EE9F
Mar 10 16:31:54 localhost postfix/qmgr[2747]: CE5AFF06FC: removed
Mar 10 16:31:54 localhost postfix/qmgr[2747]: ECC6CF0F21: from=<lydykydep8198@kli.lt>, size=1943, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/pipe[4180]: ECC6CF0F21: to=<nurezys6025@49thscoutgroup.co.uk>, relay=maildrop, delay=261, delays=261/0/0/0, dsn=5.1.1, status=bounced (user unknown. Command output: Invalid user specified. )
Mar 10 16:31:54 localhost postfix/cleanup[2844]: C073CF06FC: message-id=<20110310163154.C073CF06FC@brasiletc.com>
Mar 10 16:31:54 localhost postfix/bounce[4049]: ECC6CF0F21: sender non-delivery notification: C073CF06FC
Mar 10 16:31:54 localhost postfix/qmgr[2747]: ECC6CF0F21: removed
Mar 10 16:31:54 localhost postfix/qmgr[2747]: A31FD12A3E: from=<>, size=4798, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtp[2989]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2989]: C45C71183C: to=<Armand@lcldgmhagnaydmhinutddaml.lostship.in>, relay=none, delay=275637, delays=274498/1105/34/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 0B529EDA83: from=<>, size=3580, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtp[2830]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2789]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2808]: connect to mx.lostship.in[188.16.169.138]: Connection refused (port 25)
Mar 10 16:31:55 localhost postfix/smtpd[3340]: connect from qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2988]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2830]: 087DC8C634: to=<Noe@sbtoasefjsfbtreuinbctj.lostship.in>, relay=none, delay=219710, delays=218571/1102/37/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/smtpd[2762]: connect from qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2789]: 0C0BE96406: to=<Mariano@ldlinuviccgenxxbijnfa.lostship.in>, relay=none, delay=47570, delays=46431/1105/34/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/smtp[2808]: C09E79053B: to=<Sharron@scausxbtnghsgtscjsitxj.lostship.in>, relay=none, delay=82928, delays=81790/1136/2/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[188.16.169.138]: Connection refused)
Mar 10 16:31:55 localhost postfix/smtp[2988]: CFA89100D7: to=<Dorian@ldblcmkehmliilddjnkw.lostship.in>, relay=none, delay=385425, delays=384287/1131/6.9/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 0594A3139D: to=<Graham@sbtoasefjsfbtreuinbctj.lostship.in>, relay=none, delay=219714, delays=218809/905/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A8DAA10D73: from=<>, size=4690, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 660878A44A: from=<>, size=4838, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 08BDB10424: from=<>, size=3624, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 6CE3412031: from=<>, size=3630, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A6DB5318EC: from=<>, size=4710, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtpd[3340]: D894AF0F21: client=qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2876]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2876]: CE76E87952: to=<Alexis@nbncdndapnujjpxedindpwe.lostship.in>, relay=none, delay=425114, delays=423974/1097/44/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A03E28CD51: from=<>, size=3628, nrcpt=1 (queue active)
Mar 10 16:31:56 localhost postfix/cleanup[4257]: D894AF0F21: message-id=<9V1YNX-OC36JN-SQ@mbdhmioaugmjejolajntc.kollaps.in>
Mar 10 16:31:56 localhost postfix/smtpd[2762]: 16869F105E: client=qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:56 localhost postfix/smtp[2828]: connect to mx.kollaps.in[46.247.162.226]: Connection timed out (port 25)
Mar 10 16:31:56 localhost postfix/smtp[2828]: A49D533FBB: to=<Earline@rdsbdihrjrgtbejgtqtcisf.kollaps.in>, relay=none, delay=16520, delays=15379/1100/40/0, dsn=4.4.1, status=deferred (connect to mx.kollaps.in[46.247.162.226]: Connection timed out)
Mar 10 16:31:56 localhost postfix/qmgr[2747]: 09A519BE59: from=<>, size=5192, nrcpt=1 (queue active)
0
Comment
Question by:zpitzy
2 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 1000 total points
ID: 35106374
mailq # display currently queued mail with some delivery notifications,
having the mail id, issue
postcat -q mailId # to display it verbosely
now browse bottom-up the Received : headers to find the path it already walked
0
 

Author Closing Comment

by:zpitzy
ID: 35395359
Did nto solve problem
0

Featured Post

Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Planning to migrate your EDB file(s) to a new or an existing Outlook PST file? This video will guide you how to convert EDB file(s) to PST. Besides this, it also describes, how one can easily search any item(s) from multiple folders or mailboxes…
If you are looking for an automated solution for backup single or multiple Office 365 user mailboxes to Outlook data file, then you can use Kernel Office 365 Backup & Restore tool. Go through the video to check out the steps to backup single or mult…
Suggested Courses

601 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question