Results 1 to 5 of 5

Thread: Question regarding the Admin Report

  1. #1
    Elcid_64 is offline Member
    Join Date
    Aug 2013
    Posts
    12
    Rep Power
    2

    Default Question regarding the Admin Report

    Greetings all:

    My Zimbra server has been black listed and I cannot figure out if I have a spam bot on the network or a user account has been compromised. The spams are definitely going through the Zimbra server but I am not finding much in the logs to help me. I looked at a daily admin report and I need to clarify that the "Top 50 Senders" are, in fact, emails that are being sent from my server. There are SEVERAL addresses on this list that are NOT from my domain. Any help would be appreciated. Thank you.

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,568
    Rep Power
    57

    Default

    Quote Originally Posted by Elcid_64 View Post
    My Zimbra server has been black listed and I cannot figure out if I have a spam bot on the network or a user account has been compromised. The spams are definitely going through the Zimbra server but I am not finding much in the logs to help me. I looked at a daily admin report and I need to clarify that the "Top 50 Senders" are, in fact, emails that are being sent from my server. There are SEVERAL addresses on this list that are NOT from my domain. Any help would be appreciated. Thank you.
    Unfortunately you've given little information about what exactly is the problem nor have you provided any details of the ZCS version and release, post the output of the following command when you ask questions on the forums (and also update your forum profile with that information):

    Code:
    zmcontrol -v
    Have you tested your server to see if it's an open relay (there plenty of test sites on the internet), What are you seeing in the log files that makes you think you're sending spam? Have you read any of the forum thread on this topic or the ones on "compromised account"? Have you made any changes to your server recently?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Elcid_64 is offline Member
    Join Date
    Aug 2013
    Posts
    12
    Rep Power
    2

    Default

    Greetings Bill:

    Thanks for your response.
    Release 8.0.4.GA.5737.UBUNTU12.64 UBUNTU12_64 FOSS edition.

    The server is not acting as an open relay - first thing I checked. Quite honestly I can't find anything in the logs simply because I don't know what to look for. In the Message Count Monitor in the admin I see where 855 emails were sent at 1:00am and that we are getting black-listed - backing up my contention that we are sending spam. I have made no changes to the server since it went online and I have been reading through the forums for the past three days trying to find some answers - none of which have panned out.

    My question was regarding the admin report and the top 50 senders section. Are the senders listed in that report people who have sent emails from my server?

  4. #4
    Elcid_64 is offline Member
    Join Date
    Aug 2013
    Posts
    12
    Rep Power
    2

    Default

    My Server spit out 400+ emails at 6:00pm. My Logs are too large to post (even from 5:00pm). Is there anyone who can help me decipher what the heck is going on? Thank you.

    Mail Log:

    Code:
    Oct  9 17:43:33 mail postfix/smtpd[10224]: warning: hostname customer150244.megacable.com.ar does not resolve to address 190.124.150.244
    Oct  9 17:43:33 mail postfix/smtpd[10224]: connect from unknown[190.124.150.244]
    Oct  9 17:43:34 mail postfix/smtpd[10224]: NOQUEUE: filter: RCPT from unknown[190.124.150.244]: <Middleton385@spapedia.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<Middleton385@spapedia.com> to=<slanigan@cpsphybill.com> proto=SMTP helo=<equipo>
    Oct  9 17:43:34 mail postfix/smtpd[10224]: NOQUEUE: filter: RCPT from unknown[190.124.150.244]: <Middleton385@spapedia.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<Middleton385@spapedia.com> to=<slanigan@cpsphybill.com> proto=SMTP helo=<equipo>
    Oct  9 17:43:34 mail postfix/smtpd[10224]: NOQUEUE: reject: RCPT from unknown[190.124.150.244]: 550 5.1.1 <slanigan@cpsphybill.com>: Recipient address rejected: cpsphybill.com; from=<Middleton385@spapedia.com> to=<slanigan@cpsphybill.com> proto=SMTP helo=<equipo>
    Oct  9 17:43:34 mail postfix/smtpd[10224]: disconnect from unknown[190.124.150.244]
    Oct  9 17:46:54 mail postfix/anvil[10226]: statistics: max connection rate 1/60s for (smtp:190.124.150.244) at Oct  9 17:43:33
    Oct  9 17:46:54 mail postfix/anvil[10226]: statistics: max connection count 1 for (smtp:190.124.150.244) at Oct  9 17:43:33
    Oct  9 17:46:54 mail postfix/anvil[10226]: statistics: max cache size 1 at Oct  9 17:43:33
    Oct  9 17:59:23 mail postfix/smtpd[17482]: connect from drone123.ral.icpbounce.com[216.27.86.180]
    Oct  9 17:59:23 mail postfix/smtpd[17482]: NOQUEUE: filter: RCPT from drone123.ral.icpbounce.com[216.27.86.180]: <bounces+227375.18259260.678575@icpbounce.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<bounces+227375.18259260.678575@icpbounce.com> to=<mjsanford@cpsphybill.com> proto=SMTP helo=<drone123.ral.icpbounce.com>
    Oct  9 17:59:23 mail postfix/smtpd[17482]: NOQUEUE: filter: RCPT from drone123.ral.icpbounce.com[216.27.86.180]: <bounces+227375.18259260.678575@icpbounce.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<bounces+227375.18259260.678575@icpbounce.com> to=<mjsanford@cpsphybill.com> proto=SMTP helo=<drone123.ral.icpbounce.com>
    Oct  9 17:59:23 mail postfix/smtpd[17482]: 686606067395: client=drone123.ral.icpbounce.com[216.27.86.180]
    Oct  9 17:59:23 mail postfix/cleanup[17486]: 686606067395: message-id=<0.0.118.D91.1CEC53A9D5DD744.0@drone123.ral.icpbounce.com>
    Oct  9 17:59:23 mail postfix/qmgr[3105]: 686606067395: from=<bounces+227375.18259260.678575@icpbounce.com>, size=37677, nrcpt=1 (queue active)
    Oct  9 17:59:23 mail postfix/smtpd[17482]: disconnect from drone123.ral.icpbounce.com[216.27.86.180]
    Oct  9 17:59:35 mail postfix/amavisd/smtpd[17500]: connect from localhost.localdoamin.com[127.0.0.1]
    Oct  9 17:59:35 mail postfix/amavisd/smtpd[17500]: 152886067403: client=localhost.localdoamin.com[127.0.0.1]
    Oct  9 17:59:35 mail postfix/cleanup[17486]: 152886067403: message-id=<0.0.118.D91.1CEC53A9D5DD744.0@drone123.ral.icpbounce.com>
    Oct  9 17:59:35 mail postfix/amavisd/smtpd[17500]: disconnect from localhost.localdoamin.com[127.0.0.1]
    Oct  9 17:59:35 mail postfix/qmgr[3105]: 152886067403: from=<bounces+227375.18259260.678575@icpbounce.com>, size=38729, nrcpt=1 (queue active)
    Oct  9 17:59:35 mail postfix/smtp[17487]: 686606067395: to=<mjsanford@cpsphybill.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=12, delays=0.42/0.01/0/11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 152886067403)
    Oct  9 17:59:35 mail postfix/qmgr[3105]: 686606067395: removed
    Oct  9 17:59:35 mail postfix/lmtp[17501]: 152886067403: to=<mjsanford@cpsphybill.com>, relay=mail.cpsphybill.com[10.0.10.245]:7025, delay=0.27, delays=0.06/0.01/0/0.2, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
    Oct  9 17:59:35 mail postfix/qmgr[3105]: 152886067403: removed
    Oct  9 18:02:43 mail postfix/anvil[17484]: statistics: max connection rate 1/60s for (smtp:216.27.86.180) at Oct  9 17:59:23
    Oct  9 18:02:43 mail postfix/anvil[17484]: statistics: max connection count 1 for (smtp:216.27.86.180) at Oct  9 17:59:23
    Oct  9 18:02:43 mail postfix/anvil[17484]: statistics: max cache size 1 at Oct  9 17:59:23
    Oct  9 18:22:48 mail postfix/smtpd[28651]: connect from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]
    Oct  9 18:22:49 mail postfix/smtpd[28651]: NOQUEUE: filter: RCPT from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]: <service@citibank.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<service@citibank.com> to=<hp_printer@cpsphybill.com> proto=SMTP helo=<cpe-76-188-246-25.neo.res.rr.com>
    Oct  9 18:22:49 mail postfix/smtpd[28651]: NOQUEUE: filter: RCPT from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]: <service@citibank.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<service@citibank.com> to=<hp_printer@cpsphybill.com> proto=SMTP helo=<cpe-76-188-246-25.neo.res.rr.com>
    Oct  9 18:22:49 mail postfix/smtpd[28651]: NOQUEUE: reject: RCPT from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]: 550 5.1.1 <hp_printer@cpsphybill.com>: Recipient address rejected: cpsphybill.com; from=<service@citibank.com> to=<hp_printer@cpsphybill.com> proto=SMTP helo=<cpe-76-188-246-25.neo.res.rr.com>
    Oct  9 18:22:49 mail postfix/smtpd[28651]: disconnect from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]
    Oct  9 18:26:09 mail postfix/anvil[28653]: statistics: max connection rate 1/60s for (smtp:76.188.246.25) at Oct  9 18:22:48
    Oct  9 18:26:09 mail postfix/anvil[28653]: statistics: max connection count 1 for (smtp:76.188.246.25) at Oct  9 18:22:48
    Oct  9 18:26:09 mail postfix/anvil[28653]: statistics: max cache size 1 at Oct  9 18:22:48

  5. #5
    Elcid_64 is offline Member
    Join Date
    Aug 2013
    Posts
    12
    Rep Power
    2

    Default

    Zimbra Logs (From 5:00pm)

    Code:
    Oct  9 17:59:23 mail postfix/smtpd[17482]: connect from drone123.ral.icpbounce.com[216.27.86.180]
    Oct  9 17:59:23 mail postfix/smtpd[17482]: NOQUEUE: filter: RCPT from drone123.ral.icpbounce.com[216.27.86.180]: <bounces+227375.18259260.678575@icpbounce.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<bounces+227375.18259260.678575@icpbounce.com> to=<mjsanford@cpsphybill.com> proto=SMTP helo=<drone123.ral.icpbounce.com>
    Oct  9 17:59:23 mail postfix/smtpd[17482]: NOQUEUE: filter: RCPT from drone123.ral.icpbounce.com[216.27.86.180]: <bounces+227375.18259260.678575@icpbounce.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<bounces+227375.18259260.678575@icpbounce.com> to=<mjsanford@cpsphybill.com> proto=SMTP helo=<drone123.ral.icpbounce.com>
    Oct  9 17:59:23 mail postfix/smtpd[17482]: 686606067395: client=drone123.ral.icpbounce.com[216.27.86.180]
    Oct  9 17:59:23 mail postfix/cleanup[17486]: 686606067395: message-id=<0.0.118.D91.1CEC53A9D5DD744.0@drone123.ral.icpbounce.com>
    Oct  9 17:59:23 mail postfix/qmgr[3105]: 686606067395: from=<bounces+227375.18259260.678575@icpbounce.com>, size=37677, nrcpt=1 (queue active)
    Oct  9 17:59:23 mail amavis[21697]: (21697-03) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20131009T135445-21697-OI0IBwWe: <bounces+227375.18259260.678575@icpbounce.com> -> <mjsanford@cpsphybill.com> SIZE=37677 Received: from mail.cpsphybill.com ([127.0.0.1]) by localhost (mail.cpsphybill.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <mjsanford@cpsphybill.com>; Wed,  9 Oct 2013 17:59:23 -0400 (EDT)
    Oct  9 17:59:23 mail postfix/smtpd[17482]: disconnect from drone123.ral.icpbounce.com[216.27.86.180]
    Oct  9 17:59:23 mail amavis[21697]: (21697-03) Checking: hbbWpSRxlmmV [216.27.86.180] <bounces+227375.18259260.678575@icpbounce.com> -> <mjsanford@cpsphybill.com>
    Oct  9 17:59:35 mail postfix/amavisd/smtpd[17500]: connect from localhost.localdoamin.com[127.0.0.1]
    Oct  9 17:59:35 mail postfix/amavisd/smtpd[17500]: 152886067403: client=localhost.localdoamin.com[127.0.0.1]
    Oct  9 17:59:35 mail postfix/cleanup[17486]: 152886067403: message-id=<0.0.118.D91.1CEC53A9D5DD744.0@drone123.ral.icpbounce.com>
    Oct  9 17:59:35 mail postfix/amavisd/smtpd[17500]: disconnect from localhost.localdoamin.com[127.0.0.1]
    Oct  9 17:59:35 mail postfix/qmgr[3105]: 152886067403: from=<bounces+227375.18259260.678575@icpbounce.com>, size=38729, nrcpt=1 (queue active)
    Oct  9 17:59:35 mail amavis[21697]: (21697-03) FWD from <bounces+227375.18259260.678575@icpbounce.com> -> <mjsanford@cpsphybill.com>,BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 152886067403
    Oct  9 17:59:35 mail amavis[21697]: (21697-03) Passed CLEAN {RelayedInbound}, [216.27.86.180]:41097 [216.27.86.180] <bounces+227375.18259260.678575@icpbounce.com> -> <mjsanford@cpsphybill.com>, Queue-ID: 686606067395, Message-ID: <0.0.118.D91.1CEC53A9D5DD744.0@drone123.ral.icpbounce.com>, mail_id: hbbWpSRxlmmV, Hits: -3.229, size: 37674, queued_as: 152886067403, dkim_sd=default:icontactmail4.com, 11347 ms
    Oct  9 17:59:35 mail postfix/smtp[17487]: 686606067395: to=<mjsanford@cpsphybill.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=12, delays=0.42/0.01/0/11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 152886067403)
    Oct  9 17:59:35 mail postfix/qmgr[3105]: 686606067395: removed
    Oct  9 17:59:35 mail postfix/lmtp[17501]: 152886067403: to=<mjsanford@cpsphybill.com>, relay=mail.cpsphybill.com[10.0.10.245]:7025, delay=0.27, delays=0.06/0.01/0/0.2, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
    Oct  9 17:59:35 mail postfix/qmgr[3105]: 152886067403: removed
    Oct  9 18:00:01 mail zimbramon[17685]: 17685:info: 2013-10-09 18:00:01, QUEUE: 0 0
    Oct  9 18:00:05 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:00:05 mail zmconfigd[7112]: All configs fetched in 0.03 seconds
    Oct  9 18:00:06 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:00:06 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:00:06 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:01:06 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:01:06 mail zmconfigd[7112]: All configs fetched in 0.03 seconds
    Oct  9 18:01:07 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:01:07 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:01:07 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:01:46 mail slapd[1201]: slap_queue_csn: queing 0x7f67553c81e0 20131009220146.325405Z#000000#000#000000
    Oct  9 18:01:46 mail slapd[1201]: slap_graduate_commit_csn: removing 0x2e04630 20131009220146.325405Z#000000#000#000000
    Oct  9 18:02:07 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:02:07 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:02:08 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:02:08 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:02:08 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:02:43 mail postfix/anvil[17484]: statistics: max connection rate 1/60s for (smtp:216.27.86.180) at Oct  9 17:59:23
    Oct  9 18:02:43 mail postfix/anvil[17484]: statistics: max connection count 1 for (smtp:216.27.86.180) at Oct  9 17:59:23
    Oct  9 18:02:43 mail postfix/anvil[17484]: statistics: max cache size 1 at Oct  9 17:59:23
    Oct  9 18:03:08 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:03:08 mail zmconfigd[7112]: All configs fetched in 0.03 seconds
    Oct  9 18:03:09 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:03:09 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:03:09 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:04:09 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:04:09 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:04:10 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:04:11 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:04:11 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:05:11 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:05:11 mail zmconfigd[7112]: All configs fetched in 0.08 seconds
    Oct  9 18:05:12 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:05:12 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:05:12 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:06:12 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:06:12 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:06:13 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:06:13 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:06:13 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:07:13 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:07:13 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:07:14 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:07:14 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:07:14 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:08:14 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:08:14 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:08:15 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:08:15 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:08:15 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:09:15 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:09:15 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:09:16 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:09:16 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:09:16 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:09:23 mail clamd[2812]: SelfCheck: Database status OK.
    Oct  9 18:10:01 mail zimbramon[22281]: 22281:info: 2013-10-09 18:10:01, QUEUE: 0 0
    Oct  9 18:10:16 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:10:16 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:10:17 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:10:17 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:10:17 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:11:17 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:11:17 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:11:18 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:11:18 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:11:18 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:12:18 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:12:18 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:12:19 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:12:19 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:12:19 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:13:19 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:13:19 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:13:20 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:13:21 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:13:21 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:14:21 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:14:21 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:14:22 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:14:22 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:14:22 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:15:22 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:15:22 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:15:23 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:15:23 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:15:23 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:16:23 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:16:23 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:16:24 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:16:24 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:16:24 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:17:24 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:17:24 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:17:25 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:17:25 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:17:25 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:18:25 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:18:25 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:18:26 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:18:26 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:18:26 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:19:23 mail clamd[2812]: SelfCheck: Database status OK.
    Oct  9 18:19:26 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:19:26 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:19:27 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:19:27 mail zmconfigd[7112]: All rewrite threads completed in 0.01 sec
    Oct  9 18:19:27 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:20:01 mail zimbramon[26969]: 26969:info: 2013-10-09 18:20:01, QUEUE: 0 0
    Oct  9 18:20:27 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:20:27 mail zmconfigd[7112]: All configs fetched in 0.05 seconds
    Oct  9 18:20:28 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:20:28 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:20:28 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:21:28 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:21:28 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:21:29 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:21:29 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:21:29 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:22:29 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:22:29 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:22:30 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:22:30 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:22:30 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:22:48 mail postfix/smtpd[28651]: connect from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]
    Oct  9 18:22:49 mail postfix/smtpd[28651]: NOQUEUE: filter: RCPT from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]: <service@citibank.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<service@citibank.com> to=<hp_printer@cpsphybill.com> proto=SMTP helo=<cpe-76-188-246-25.neo.res.rr.com>
    Oct  9 18:22:49 mail postfix/smtpd[28651]: NOQUEUE: filter: RCPT from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]: <service@citibank.com>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<service@citibank.com> to=<hp_printer@cpsphybill.com> proto=SMTP helo=<cpe-76-188-246-25.neo.res.rr.com>
    Oct  9 18:22:49 mail postfix/smtpd[28651]: NOQUEUE: reject: RCPT from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]: 550 5.1.1 <hp_printer@cpsphybill.com>: Recipient address rejected: cpsphybill.com; from=<service@citibank.com> to=<hp_printer@cpsphybill.com> proto=SMTP helo=<cpe-76-188-246-25.neo.res.rr.com>
    Oct  9 18:22:49 mail postfix/smtpd[28651]: disconnect from cpe-76-188-246-25.neo.res.rr.com[76.188.246.25]
    Oct  9 18:23:30 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:23:30 mail zmconfigd[7112]: All configs fetched in 0.06 seconds
    Oct  9 18:23:32 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:23:32 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:23:32 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:24:32 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:24:32 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:24:33 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:24:33 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:24:33 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:25:33 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:25:33 mail zmconfigd[7112]: All configs fetched in 0.04 seconds
    Oct  9 18:25:34 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:25:34 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:25:34 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:26:07 mail sshd[30206]: Accepted publickey for zimbra from 10.0.10.245 port 57855 ssh2
    Oct  9 18:26:07 mail sshd[30205]: Accepted publickey for zimbra from 10.0.10.245 port 57854 ssh2
    Oct  9 18:26:08 mail sshd[30522]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:08 mail sshd[30531]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:08 mail sshd[30831]: Accepted publickey for zimbra from 10.0.10.245 port 57856 ssh2
    Oct  9 18:26:09 mail postfix/anvil[28653]: statistics: max connection rate 1/60s for (smtp:76.188.246.25) at Oct  9 18:22:48
    Oct  9 18:26:09 mail postfix/anvil[28653]: statistics: max connection count 1 for (smtp:76.188.246.25) at Oct  9 18:22:48
    Oct  9 18:26:09 mail postfix/anvil[28653]: statistics: max cache size 1 at Oct  9 18:22:48
    Oct  9 18:26:10 mail sshd[30964]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:10 mail sshd[31150]: Accepted publickey for zimbra from 10.0.10.245 port 57857 ssh2
    Oct  9 18:26:11 mail sshd[31283]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:11 mail sshd[31451]: Accepted publickey for zimbra from 10.0.10.245 port 57858 ssh2
    Oct  9 18:26:13 mail sshd[31584]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:17 mail sshd[31794]: Accepted publickey for zimbra from 10.0.10.245 port 57860 ssh2
    Oct  9 18:26:17 mail sshd[31798]: Accepted publickey for zimbra from 10.0.10.245 port 57861 ssh2
    Oct  9 18:26:18 mail sshd[32045]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:18 mail sshd[32062]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:20 mail sshd[32329]: Accepted publickey for zimbra from 10.0.10.245 port 57862 ssh2
    Oct  9 18:26:20 mail sshd[32331]: Accepted publickey for zimbra from 10.0.10.245 port 57863 ssh2
    Oct  9 18:26:22 mail sshd[32596]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:22 mail sshd[32592]: Received disconnect from 10.0.10.245: 11: Closed due to user request.
    Oct  9 18:26:34 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:26:34 mail zmconfigd[7112]: All configs fetched in 0.03 seconds
    Oct  9 18:26:35 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:26:35 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:26:35 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:27:05 mail sshd[893]: Accepted password for administrator from 10.0.10.21 port 52831 ssh2
    Oct  9 18:27:11 mail clamd[2812]: Reading databases from /opt/zimbra/data/clamav/db
    Oct  9 18:27:18 mail clamd[2812]: Database correctly reloaded (2825921 signatures)
    Oct  9 18:27:35 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:27:35 mail zmconfigd[7112]: All configs fetched in 0.03 seconds
    Oct  9 18:27:36 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:27:36 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:27:36 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:28:36 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:28:36 mail zmconfigd[7112]: All configs fetched in 0.03 seconds
    Oct  9 18:28:37 mail zmconfigd[7112]: Watchdog: service antivirus status is OK.
    Oct  9 18:28:37 mail zmconfigd[7112]: All rewrite threads completed in 0.00 sec
    Oct  9 18:28:37 mail zmconfigd[7112]: All restarts completed in 0.00 sec
    Oct  9 18:29:37 mail zmconfigd[7112]: Fetching All configs
    Oct  9 18:29:37 mail zmconfigd[7112]: All configs fetched in 0.03 seconds

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Question on a daily mail report error
    By bhwong in forum Administrators
    Replies: 1
    Last Post: 01-21-2010, 09:24 PM
  2. Empty admin report
    By gamerboy in forum Administrators
    Replies: 0
    Last Post: 10-20-2009, 06:16 AM
  3. admin user don't have a report
    By danny.sierra@omtech.net in forum Administrators
    Replies: 1
    Last Post: 08-06-2008, 08:07 AM
  4. missing admin report
    By Mr_t999 in forum Administrators
    Replies: 0
    Last Post: 03-30-2008, 07:13 PM
  5. [SOLVED] Database Integrity check report question
    By k7sle in forum Administrators
    Replies: 3
    Last Post: 02-07-2008, 09:53 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •