Spam via Postfix

Andy Bradford amb-plugg at bradfords.org
Wed Feb 2 19:03:18 MST 2011


Thus said Jessie Adan Morris on Tue, 01 Feb 2011 23:39:52 MST:

> Logs include entries which look like:
> 
> Feb  1 23:39:22 nova postfix/error[16480]: 255571FAD5A: 
> to=<kftjf at verizon.net>, relay=none, delay=13, delays=0.44/0.06/0/12, 
> dsn=4.0.0, status=deferred (delivery temporarily suspended: host 
> relay.verizon.net[206.46.232.11] refused to talk to me: 571 Email from 
> 160.7.244.25 is currently blocked by Verizon Online's anti-spam system. 
> The email sender or Email Service Provider may visit 
> http://www.verizon.net/whitelist and request removal of the block. 
> 110202)

What about  this log indicates that  your SMTP mail server  (postfix) is
relaying email? All this shows is that your mail server tried to deliver
a message to  a verizon mail server,  and that they rejected  it. Who is
the sender  of the message  to kftjf at verizon.net? Who/what  injected the
message? If indeed the message was  relayed by your server, there should
be an  entry in  it's smtpd log  indicating this. If  you feel  you have
configured postfix  correctly, then  I would look  elsewhere. I  see you
have  PHP  running on  mail.caandb.com.  I  would  start looking  for  a
hijacked PHP script.

Andy



More information about the PLUG mailing list