Solved

log full of strange smtp send entries

Posted on 2011-03-10
2
484 Views
Last Modified: 2012-05-11
My postfix log has started filling up within a half a day and there seem to be a lot of strange smpt send entries.

I have SMTP authorisation set to allow only regsitered domains to send tyhrough the server.

Here are some of the entries.

Can anyone tell me how to trace where they came from or hwo to stop them please

thanks

Mar 10 16:31:54 localhost postfix/smtp[2806]: connect to mx.lostship.in[188.16.169.138]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2806]: C0EF89890D: to=<Emile@vdhvfbivawhehgwl.lostship.in>, relay=none, delay=26224, delays=25087/1123/14/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[188.16.169.138]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: 0DC1E93A18: from=<>, size=5178, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2775]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2775]: C7EFB33907: to=<Morgan@pbhddaggfhi.lostship.in>, relay=none, delay=94160, delays=93024/1134/2.1/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: A725E95374: from=<>, size=4879, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2796]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2796]: 03C7C85845: to=<Pat@mbcotydenufokpgngaovbjorwb.lostship.in>, relay=none, delay=334174, delays=333036/1097/42/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: AC5537526F: from=<>, size=3645, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2847]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2847]: C423490A64: to=<Clifton@kdcjkjbhltfljiha.lostship.in>, relay=none, delay=88042, delays=86905/1135/1.8/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: 0AD9574C0F: from=<>, size=5351, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2765]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2765]: 035E5EE9FE: to=<Audrey@ldmcamyhnucchngoiensacbnelg.lostship.in>, relay=none, delay=390602, delays=389463/1108/30/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: CE5AFF06FC: from=<Sophia@pbarnldbbhrsqepidqhep.kollaps.in>, size=2840, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/pipe[4180]: CE5AFF06FC: to=<aemeluur7343@49thscoutgroup.co.uk>, relay=maildrop, delay=932, delays=932/0/0/0.01, dsn=5.1.1, status=bounced (user unknown. Command output: Invalid user specified. )
Mar 10 16:31:54 localhost postfix/cleanup[4257]: BE2E26EE9F: message-id=<20110310163154.BE2E26EE9F@brasiletc.com>
Mar 10 16:31:54 localhost postfix/bounce[4049]: CE5AFF06FC: sender non-delivery notification: BE2E26EE9F
Mar 10 16:31:54 localhost postfix/qmgr[2747]: CE5AFF06FC: removed
Mar 10 16:31:54 localhost postfix/qmgr[2747]: ECC6CF0F21: from=<lydykydep8198@kli.lt>, size=1943, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/pipe[4180]: ECC6CF0F21: to=<nurezys6025@49thscoutgroup.co.uk>, relay=maildrop, delay=261, delays=261/0/0/0, dsn=5.1.1, status=bounced (user unknown. Command output: Invalid user specified. )
Mar 10 16:31:54 localhost postfix/cleanup[2844]: C073CF06FC: message-id=<20110310163154.C073CF06FC@brasiletc.com>
Mar 10 16:31:54 localhost postfix/bounce[4049]: ECC6CF0F21: sender non-delivery notification: C073CF06FC
Mar 10 16:31:54 localhost postfix/qmgr[2747]: ECC6CF0F21: removed
Mar 10 16:31:54 localhost postfix/qmgr[2747]: A31FD12A3E: from=<>, size=4798, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtp[2989]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2989]: C45C71183C: to=<Armand@lcldgmhagnaydmhinutddaml.lostship.in>, relay=none, delay=275637, delays=274498/1105/34/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 0B529EDA83: from=<>, size=3580, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtp[2830]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2789]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2808]: connect to mx.lostship.in[188.16.169.138]: Connection refused (port 25)
Mar 10 16:31:55 localhost postfix/smtpd[3340]: connect from qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2988]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2830]: 087DC8C634: to=<Noe@sbtoasefjsfbtreuinbctj.lostship.in>, relay=none, delay=219710, delays=218571/1102/37/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/smtpd[2762]: connect from qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2789]: 0C0BE96406: to=<Mariano@ldlinuviccgenxxbijnfa.lostship.in>, relay=none, delay=47570, delays=46431/1105/34/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/smtp[2808]: C09E79053B: to=<Sharron@scausxbtnghsgtscjsitxj.lostship.in>, relay=none, delay=82928, delays=81790/1136/2/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[188.16.169.138]: Connection refused)
Mar 10 16:31:55 localhost postfix/smtp[2988]: CFA89100D7: to=<Dorian@ldblcmkehmliilddjnkw.lostship.in>, relay=none, delay=385425, delays=384287/1131/6.9/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 0594A3139D: to=<Graham@sbtoasefjsfbtreuinbctj.lostship.in>, relay=none, delay=219714, delays=218809/905/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A8DAA10D73: from=<>, size=4690, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 660878A44A: from=<>, size=4838, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 08BDB10424: from=<>, size=3624, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 6CE3412031: from=<>, size=3630, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A6DB5318EC: from=<>, size=4710, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtpd[3340]: D894AF0F21: client=qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2876]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2876]: CE76E87952: to=<Alexis@nbncdndapnujjpxedindpwe.lostship.in>, relay=none, delay=425114, delays=423974/1097/44/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A03E28CD51: from=<>, size=3628, nrcpt=1 (queue active)
Mar 10 16:31:56 localhost postfix/cleanup[4257]: D894AF0F21: message-id=<9V1YNX-OC36JN-SQ@mbdhmioaugmjejolajntc.kollaps.in>
Mar 10 16:31:56 localhost postfix/smtpd[2762]: 16869F105E: client=qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:56 localhost postfix/smtp[2828]: connect to mx.kollaps.in[46.247.162.226]: Connection timed out (port 25)
Mar 10 16:31:56 localhost postfix/smtp[2828]: A49D533FBB: to=<Earline@rdsbdihrjrgtbejgtqtcisf.kollaps.in>, relay=none, delay=16520, delays=15379/1100/40/0, dsn=4.4.1, status=deferred (connect to mx.kollaps.in[46.247.162.226]: Connection timed out)
Mar 10 16:31:56 localhost postfix/qmgr[2747]: 09A519BE59: from=<>, size=5192, nrcpt=1 (queue active)
0
Comment
Question by:zpitzy
2 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 500 total points
ID: 35106374
mailq # display currently queued mail with some delivery notifications,
having the mail id, issue
postcat -q mailId # to display it verbosely
now browse bottom-up the Received : headers to find the path it already walked
0
 

Author Closing Comment

by:zpitzy
ID: 35395359
Did nto solve problem
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello EE, Today we will learn how to send all your network traffic through Tor which is useful to get around censorship and being tracked all together to a certain degree. This article assumes you will be using Linux, have a minimal knowledge of …
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
Video by: Mark
This lesson goes over how to construct ordered and unordered lists and how to create hyperlinks.

911 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now