Returned Mail by the 1000s

Clint Savage herlo1 at gmail.com
Tue Jan 30 09:52:09 MST 2007


Gary thanx.

That sort of blocked it, but now I get hundreds of Undeliverable messages in
my inbox.  I am guessing that if I remove the "mail for korea.com is not
deliverable" part from the transport file, this will go away?

Also, I do think it's something local on my box, but nothing really appears
out of the ordinary.  Looking around, I've so far located a couple processes
that are suspect, but nothing really solid.  Are there any good tools out
there to help identify the culprit?

Cheers,

Clint

On 1/30/07, Gary Thornock <gthornock at yahoo.com> wrote:
>
> You might check the mynetworks and relay_domains settings in
> Postfix, but I suspect they're fine.  This looks more like
> there's an application running on your box that's sending mail.
> That's a more difficult problem to solve, unfortunately, unless
> it's an application that's supposed to be there and it's just
> being misused.
>
> If all of the mails being sent have the same destination domain,
> you can at least temporarily stop the flow by adding a couple of
> lines to /usr/local/etc/postfix/transport:
>
>   korea.com   error:mail for korea.com is not deliverable
>   .korea.com  error:mail for korea.com is not deliverable
>
> and then running the usual "postmap transport && postfix reload".
> Check first to make sure Postfix is using the transport map.
> There should be a line like this in main.cf:
>
>   transport_maps = hash:/usr/local/etc/postfix/transport
>
> Ultimately, though, if there is an unwanted application on your
> system sending email, you've got some work ahead of you getting
> things cleaned up.  The only way to really be sure that other
> parts of your system aren't also compromised is to reinstall.
>
>
> /*
> PLUG: http://plug.org, #utah on irc.freenode.net
> Unsubscribe: http://plug.org/mailman/options/plug
> Don't fear the penguin.
> */
>



More information about the PLUG mailing list