Results 1 to 7 of 7

Thread: lot of unwanted mails sending from our server with different domains

  1. #1
    bibin is offline Member
    Join Date
    Apr 2010
    Location
    Thiruvananthapuram
    Posts
    10
    Rep Power
    5

    Default lot of unwanted mails sending from our server with different domains

    Sir,

    We have installed a zcs-6.0.7_GA_2473.RHEL5_64 version on RHEL 5.5 server for official purpose. we have configured for domain education.in and no virtual domains added. Last day I found that a lot of mails sent from 127.0.0.1 host name with different domains (cy.mails.com) and sent to outside mail users and all these mails are bounced. The screen shot is attached. I have blocked this domains but not resolve this issue. I have no idea about this issues and no threads showing in this forum. pls help me...

    Tail the zimbra.log file it shows that our mailserver is blocked yahoo and gmails for huge number of mails sent from our server.
    So kindly support for this for rectifying this issues.
    The zimbra.log is as follows:
    Feb 8 12:21:38 pop postfix/error[28387]: 3D52DB133A7: to=<gisherlis@yahoo.com>, relay=none, delay=259396, delays=259231/165/0/0.35, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Feb 8 12:21:38 pop postfix/error[28441]: 36AD0B107C8: to=<charlesrice_ahl@yahoo.com>, relay=none, delay=263635, delays=263470/165/0/0.23, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Feb 8 12:21:38 pop postfix/error[28438]: 3200DB145F6: to=<sukyulsuh@yahoo.com>, relay=none, delay=257515, delays=257349/164/0/1.1, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Feb 8 12:21:38 pop postfix/error[28395]: 309FFB11AE2: to=<valorousvic@yahoo.com>, relay=none, delay=262004, delays=261839/165/0/0.67, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Feb 8 12:21:38 pop postfix/error[28446]: 3C5C5B14ABE: to=<drodriguezy2107@yahoo.com>, relay=none, delay=257106, delays=256941/165/0/0.23, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Feb 8 12:21:38 pop postfix/error[28443]: 3ED82B101BA: to=<steve.winburn@yahoo.com>, relay=none, delay=264124, delays=263958/164/0/1.2, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Feb 8 12:21:38 pop postfix/error[28472]: 383A4B11F13: to=<lilmeanone87@yahoo.com>, relay=none, delay=261588, delays=261422/165/0/0.79, dsn=4.7.1, status=deferred (delivery temporarily suspended: host mta7.am0.yahoodns.net[98.136.217.202] refused to talk to me: 421 4.7.1 [TS03] All messages from 210.212.xxx.xxx will be permanently deferred; Retrying will NOT succeed. See http://postmaster.yahoo.com/421-ts03.html)
    Attached Images Attached Images

  2. #2
    alessandro.motta is offline Trained Alumni
    Join Date
    Oct 2010
    Posts
    44
    Rep Power
    4

    Default

    Someone is sending spam through your server, probably because one of your email account password was found.
    Follow this thread, it should help you:

    How to find the source of spam

    Regards

  3. #3
    bibin is offline Member
    Join Date
    Apr 2010
    Location
    Thiruvananthapuram
    Posts
    10
    Rep Power
    5

    Default

    Thanks for your reply. This command shows the username and ip address sent spams. we have reset the password of the user. Anything we have to change for blocking spams?

  4. #4
    alessandro.motta is offline Trained Alumni
    Join Date
    Oct 2010
    Posts
    44
    Rep Power
    4

    Default

    Nothing more, just make sure you have correctly configured the "mynetwork" parameter under /opt/zimbra/postfix/conf/main.cf, but looking at your screenshot i assume your zimbra is running for years, you'd already had problems if mynetwork was configured incorrectly.

  5. #5
    bibin is offline Member
    Join Date
    Apr 2010
    Location
    Thiruvananthapuram
    Posts
    10
    Rep Power
    5

    Default

    Thanks for valuable reply, my zimbra, the "mynetwork" parameter have 127.0.0.1/8, 10.1.xx.xx, 210.212.2xx.xxx. 10.1.xx.xx is Private IP and 210.212.2xx.xx is public ip used for this server. No more IPs are configured.

  6. #6
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,568
    Rep Power
    57

    Default

    Quote Originally Posted by bibin View Post
    Thanks for valuable reply, my zimbra, the "mynetwork" parameter have 127.0.0.1/8, 10.1.xx.xx, 210.212.2xx.xxx. 10.1.xx.xx is Private IP and 210.212.2xx.xx is public ip used for this server. No more IPs are configured.
    You need to remove the public IP from those settings, it's not needed and may be causing these problems, the only entries you need are the loopback and the LAN IP (or subnet) for your server and you might also want to take a look at this wiki article. BTW, why did you add your Public IP to the Trusted Networks (it's not added there by default)?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    bibin is offline Member
    Join Date
    Apr 2010
    Location
    Thiruvananthapuram
    Posts
    10
    Rep Power
    5

    Default

    tankyou sir,
    we have removed the public IP. Hope its working fine....
    Thanks again

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] restrict sending mails to other domains
    By stalker in forum Administrators
    Replies: 12
    Last Post: 12-09-2011, 09:13 AM
  2. Sending mails to domains without use of DNS server
    By generic31 in forum Administrators
    Replies: 5
    Last Post: 08-08-2011, 03:17 AM
  3. Replies: 2
    Last Post: 01-17-2011, 12:53 AM
  4. [SOLVED] sending e-mails between my zimbra domains
    By cihan-tristit in forum Administrators
    Replies: 3
    Last Post: 06-01-2009, 11:04 AM
  5. Replies: 1
    Last Post: 02-17-2009, 12:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •