?
Solved

log full of strange smtp send entries

Posted on 2011-03-10
2
Medium Priority
?
520 Views
Last Modified: 2012-05-11
My postfix log has started filling up within a half a day and there seem to be a lot of strange smpt send entries.

I have SMTP authorisation set to allow only regsitered domains to send tyhrough the server.

Here are some of the entries.

Can anyone tell me how to trace where they came from or hwo to stop them please

thanks

Mar 10 16:31:54 localhost postfix/smtp[2806]: connect to mx.lostship.in[188.16.169.138]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2806]: C0EF89890D: to=<Emile@vdhvfbivawhehgwl.lostship.in>, relay=none, delay=26224, delays=25087/1123/14/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[188.16.169.138]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: 0DC1E93A18: from=<>, size=5178, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2775]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2775]: C7EFB33907: to=<Morgan@pbhddaggfhi.lostship.in>, relay=none, delay=94160, delays=93024/1134/2.1/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: A725E95374: from=<>, size=4879, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2796]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2796]: 03C7C85845: to=<Pat@mbcotydenufokpgngaovbjorwb.lostship.in>, relay=none, delay=334174, delays=333036/1097/42/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: AC5537526F: from=<>, size=3645, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2847]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2847]: C423490A64: to=<Clifton@kdcjkjbhltfljiha.lostship.in>, relay=none, delay=88042, delays=86905/1135/1.8/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: 0AD9574C0F: from=<>, size=5351, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/smtp[2765]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:54 localhost postfix/smtp[2765]: 035E5EE9FE: to=<Audrey@ldmcamyhnucchngoiensacbnelg.lostship.in>, relay=none, delay=390602, delays=389463/1108/30/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:54 localhost postfix/qmgr[2747]: CE5AFF06FC: from=<Sophia@pbarnldbbhrsqepidqhep.kollaps.in>, size=2840, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/pipe[4180]: CE5AFF06FC: to=<aemeluur7343@49thscoutgroup.co.uk>, relay=maildrop, delay=932, delays=932/0/0/0.01, dsn=5.1.1, status=bounced (user unknown. Command output: Invalid user specified. )
Mar 10 16:31:54 localhost postfix/cleanup[4257]: BE2E26EE9F: message-id=<20110310163154.BE2E26EE9F@brasiletc.com>
Mar 10 16:31:54 localhost postfix/bounce[4049]: CE5AFF06FC: sender non-delivery notification: BE2E26EE9F
Mar 10 16:31:54 localhost postfix/qmgr[2747]: CE5AFF06FC: removed
Mar 10 16:31:54 localhost postfix/qmgr[2747]: ECC6CF0F21: from=<lydykydep8198@kli.lt>, size=1943, nrcpt=1 (queue active)
Mar 10 16:31:54 localhost postfix/pipe[4180]: ECC6CF0F21: to=<nurezys6025@49thscoutgroup.co.uk>, relay=maildrop, delay=261, delays=261/0/0/0, dsn=5.1.1, status=bounced (user unknown. Command output: Invalid user specified. )
Mar 10 16:31:54 localhost postfix/cleanup[2844]: C073CF06FC: message-id=<20110310163154.C073CF06FC@brasiletc.com>
Mar 10 16:31:54 localhost postfix/bounce[4049]: ECC6CF0F21: sender non-delivery notification: C073CF06FC
Mar 10 16:31:54 localhost postfix/qmgr[2747]: ECC6CF0F21: removed
Mar 10 16:31:54 localhost postfix/qmgr[2747]: A31FD12A3E: from=<>, size=4798, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtp[2989]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2989]: C45C71183C: to=<Armand@lcldgmhagnaydmhinutddaml.lostship.in>, relay=none, delay=275637, delays=274498/1105/34/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 0B529EDA83: from=<>, size=3580, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtp[2830]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2789]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2808]: connect to mx.lostship.in[188.16.169.138]: Connection refused (port 25)
Mar 10 16:31:55 localhost postfix/smtpd[3340]: connect from qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2988]: connect to mx.lostship.in[190.55.9.234]: Connection refused (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2830]: 087DC8C634: to=<Noe@sbtoasefjsfbtreuinbctj.lostship.in>, relay=none, delay=219710, delays=218571/1102/37/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/smtpd[2762]: connect from qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2789]: 0C0BE96406: to=<Mariano@ldlinuviccgenxxbijnfa.lostship.in>, relay=none, delay=47570, delays=46431/1105/34/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/smtp[2808]: C09E79053B: to=<Sharron@scausxbtnghsgtscjsitxj.lostship.in>, relay=none, delay=82928, delays=81790/1136/2/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[188.16.169.138]: Connection refused)
Mar 10 16:31:55 localhost postfix/smtp[2988]: CFA89100D7: to=<Dorian@ldblcmkehmliilddjnkw.lostship.in>, relay=none, delay=385425, delays=384287/1131/6.9/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[190.55.9.234]: Connection refused)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 0594A3139D: to=<Graham@sbtoasefjsfbtreuinbctj.lostship.in>, relay=none, delay=219714, delays=218809/905/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A8DAA10D73: from=<>, size=4690, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 660878A44A: from=<>, size=4838, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 08BDB10424: from=<>, size=3624, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: 6CE3412031: from=<>, size=3630, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A6DB5318EC: from=<>, size=4710, nrcpt=1 (queue active)
Mar 10 16:31:55 localhost postfix/smtpd[3340]: D894AF0F21: client=qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:55 localhost postfix/smtp[2876]: connect to mx.lostship.in[109.108.75.3]: Connection timed out (port 25)
Mar 10 16:31:55 localhost postfix/smtp[2876]: CE76E87952: to=<Alexis@nbncdndapnujjpxedindpwe.lostship.in>, relay=none, delay=425114, delays=423974/1097/44/0, dsn=4.4.1, status=deferred (connect to mx.lostship.in[109.108.75.3]: Connection timed out)
Mar 10 16:31:55 localhost postfix/qmgr[2747]: A03E28CD51: from=<>, size=3628, nrcpt=1 (queue active)
Mar 10 16:31:56 localhost postfix/cleanup[4257]: D894AF0F21: message-id=<9V1YNX-OC36JN-SQ@mbdhmioaugmjejolajntc.kollaps.in>
Mar 10 16:31:56 localhost postfix/smtpd[2762]: 16869F105E: client=qt82.internetdsl.tpnet.pl[80.55.45.82]
Mar 10 16:31:56 localhost postfix/smtp[2828]: connect to mx.kollaps.in[46.247.162.226]: Connection timed out (port 25)
Mar 10 16:31:56 localhost postfix/smtp[2828]: A49D533FBB: to=<Earline@rdsbdihrjrgtbejgtqtcisf.kollaps.in>, relay=none, delay=16520, delays=15379/1100/40/0, dsn=4.4.1, status=deferred (connect to mx.kollaps.in[46.247.162.226]: Connection timed out)
Mar 10 16:31:56 localhost postfix/qmgr[2747]: 09A519BE59: from=<>, size=5192, nrcpt=1 (queue active)
0
Comment
Question by:zpitzy
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 43

Accepted Solution

by:
ravenpl earned 1000 total points
ID: 35106374
mailq # display currently queued mail with some delivery notifications,
having the mail id, issue
postcat -q mailId # to display it verbosely
now browse bottom-up the Received : headers to find the path it already walked
0
 

Author Closing Comment

by:zpitzy
ID: 35395359
Did nto solve problem
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

​Being a Managed Services Provider (MSP) has presented you  with challenges in the past— and by meeting those challenges you’ve reaped the rewards of success.  In 2014, challenges and rewards remain; but as the Internet and business environment evol…
BIND is the most widely used Name Server. A Name Server is the one that translates a site name to it's IP address. There is a new bug in BIND (https://kb.isc.org/article/AA-01272), affecting all versions of BIND 9 from BIND 9.1.0 (inclusive) thro…
In this video, Percona Director of Solution Engineering Jon Tobin discusses the function and features of Percona Server for MongoDB. How Percona can help Percona can help you determine if Percona Server for MongoDB is the right solution for …
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question