Results 1 to 10 of 12

Thread: Is my server being used to forward spam?

Threaded View

  1. #1
    Join Date
    Mar 2006
    Posts
    15
    Rep Power
    9

    Default Is my server being used to forward spam?

    My server is really slow and all these messages are comming through in the log. My server went down last night and I'm hoping these are the emails being processed from last night, but I see a lot of the same email addresses over and over again like
    ----------------------------------------
    Mar 7 10:52:20 mi6 amavis[3163]: (03163-03-3) Blocked SPAM, LOCAL [192.168.1.1] [120.4.222.88] <Gino@ms16.hinet.net> -> <winter0504@yahoo.com.tw>,<winter0931@yahoo.com.tw >,<winter12310000@yahoo.com.tw>,<winter1993920@yah oo.com.tw>,<winter209@yahoo.com.tw>, Message-ID: <DBRJQDKCKQBYEELUKYHE@>, mail_id: FLxtoPiLnuqU, Hits: 40.77, 18436 ms
    -----------------------------------------
    Also, I have sent myself a few email tests and have not come through, I sent them from zimbra to hotmail and the other way around.

    Thanks for any help..

    Here is part of the log

    Mar 7 10:52:15 mi6 amavis[3160]: (03160-02-3) ESMTP::10024 /opt/zimbra/amavisd/tmp/amavis-20060307T104940-03160: <-@yahoo.co.jp> -> <c199j@ms2.hinet.net>,<c19b19@ms26.hinet.net>,<c19 @ms4.hinet.net>,<c19c40@ms45.hinet.net>,<c199ct@ms 7.hinet.net>,<c19b39@ms7.hinet.net> Received: SIZE=5455 from mi6.extier.com ([127.0.0.1]) by localhost (mi6.extier.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 03160-02-3; Tue, 7 Mar 2006 10:52:14 -0500 (EST)
    Mar 7 10:52:15 mi6 amavis[3156]: (03156-05-3) Checking: AGFhLbhq2UKB [192.168.1.1] <xjubxgqzk@so-net.net.b4> -> <keggyp@ms10.hinet.net>,<keggert@ms21.hinet.net>,< keggert@ms44.hinet.net>,<keggert@ms45.hinet.net>,< keggert@ms46.hinet.net>,<keggert@ms47.hinet.net>,< keggert@ms48.hinet.net>,<keggert@ms49.hinet.net>,< keg81466@ms7.hinet.net>,<kegic@ms8.hinet.net>
    Mar 7 10:52:15 mi6 amavis[3160]: (03160-02-3) Checking: DDz5scZb-H5b [192.168.1.1] <-@yahoo.co.jp> -> <c199j@ms2.hinet.net>,<c19b19@ms26.hinet.net>,<c19 @ms4.hinet.net>,<c19c40@ms45.hinet.net>,<c199ct@ms 7.hinet.net>,<c19b39@ms7.hinet.net>
    Mar 7 10:52:15 mi6 amavis[3160]: (03160-02-3) cached 5b3e8a38400a77ea117f120c179e642d from <-@yahoo.co.jp> (1,1)
    Mar 7 10:52:15 mi6 amavis[3160]: (03160-02-3) BAD HEADER from <-@yahoo.co.jp>: Non-encoded 8-bit data (char BE hex) in message header 'From': From: "\\276\\345\\276\\354\\276\\345\\276\\354\\276\\34 5\\276\\354\\276\\345\\276\\354...
    Mar 7 10:52:15 mi6 amavis[3160]: (03160-02-3) NOTICE: Not sending DSN, spam level exceeds DSN cutoff level for all recips, mail intentionally dropped
    Mar 7 10:52:16 mi6 amavis[3160]: (03160-02-3) Blocked SPAM, LOCAL [192.168.1.1] <-@yahoo.co.jp> -> <c199j@ms2.hinet.net>,<c19b19@ms26.hinet.net>,<c19 @ms4.hinet.net>,<c19c40@ms45.hinet.net>,<c199ct@ms 7.hinet.net>,<c19b39@ms7.hinet.net>, Message-ID: <@>, mail_id: DDz5scZb-H5b, Hits: 44.405, 2024 ms
    Mar 7 10:52:16 mi6 amavis[3158]: (03158-03-5) ESMTP::10024 /opt/zimbra/amavisd/tmp/amavis-20060307T104940-03158: <qxrspcfwc@yahoo.com.hk> -> <k23698f@yahoo.com.tw>,<k2374349@yahoo.com.tw>,<k2 374810@yahoo.com.tw>,<k23755259@yahoo.com.tw>,<k23 7671@yahoo.com.tw>,<k2377083@yahoo.com.tw>,<k23773 96@yahoo.com.tw>,<k23782@yahoo.com.tw> Received: SIZE=2748 from mi6.extier.com ([127.0.0.1]) by localhost (mi6.extier.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 03158-03-5; Tue, 7 Mar 2006 10:52:12 -0500 (EST)
    Mar 7 10:52:17 mi6 amavis[3158]: (03158-03-5) Checking: Vaoh2HfWj1cT [192.168.1.1] <qxrspcfwc@yahoo.com.hk> -> <k23698f@yahoo.com.tw>,<k2374349@yahoo.com.tw>,<k2 374810@yahoo.com.tw>,<k23755259@yahoo.com.tw>,<k23 7671@yahoo.com.tw>,<k2377083@yahoo.com.tw>,<k23773 96@yahoo.com.tw>,<k23782@yahoo.com.tw>
    Mar 7 10:52:20 mi6 amavis[3163]: (03163-03-3) BAD HEADER from <Gino@ms16.hinet.net>: Non-encoded 8-bit data (char C0 hex) in message header 'From': From: "abner\\300\\260\\261z\\273P\\267R\\244\\374\\267\ \276\\263qph...
    Mar 7 10:52:20 mi6 amavis[3163]: (03163-03-3) NOTICE: Not sending DSN, spam level exceeds DSN cutoff level for all recips, mail intentionally dropped
    Mar 7 10:52:20 mi6 amavis[3163]: (03163-03-3) Blocked SPAM, LOCAL [192.168.1.1] [120.4.222.88] <Gino@ms16.hinet.net> -> <winter0504@yahoo.com.tw>,<winter0931@yahoo.com.tw >,<winter12310000@yahoo.com.tw>,<winter1993920@yah oo.com.tw>,<winter209@yahoo.com.tw>, Message-ID: <DBRJQDKCKQBYEELUKYHE@>, mail_id: FLxtoPiLnuqU, Hits: 40.77, 18436 ms
    Last edited by sgb; 03-07-2006 at 07:06 PM.

Similar Threads

  1. initializing ldap...FAILED(256)ERROR
    By manjunath in forum Installation
    Replies: 39
    Last Post: 06-07-2013, 11:27 AM
  2. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 01:42 AM
  3. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 08:46 PM
  4. Error 256 on Installation
    By RuinExplorer in forum Installation
    Replies: 5
    Last Post: 10-19-2006, 10:19 AM
  5. just forward (not store localy) has a bug?
    By lfarkas in forum Administrators
    Replies: 11
    Last Post: 05-31-2006, 04:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •