Date:      Mon, 21 Jan 2019 08:44:22 -0800
From:      "Kurt Buff - GSEC, GCIH" <kurt.buff@gmail.com>
To:        "freebsd-questions@freebsd.org" <freebsd-questions@freebsd.org>
Subject:   Re: Trying to understand some email issues
Message-ID:  <CADy1Ce6-yVcMtZmZW6diGu_3WADNqTFsGEcceSvgp8R0d%2B_vfA@mail.gmail.com>
In-Reply-To: <CAFDHx1JFWH8FAJ3nbvZC3m6CCpbjCqrG01PYNMOHJSKo2HnWWQ@mail.gmail.com>
References:  <CAFDHx1JFWH8FAJ3nbvZC3m6CCpbjCqrG01PYNMOHJSKo2HnWWQ@mail.gmail.com>

On Sun, Jan 20, 2019 at 10:34 PM Patrick Mahan <plmahan@gmail.com> wrote:
>
> All,
>
> FreeBSD 11.2
>
> Running postfix 3.3.2_1,1
>
> I'm getting hammered with thousands of emails from yahoo.com -
>
> Here is an example -
>
> Jan 20 22:09:01 ns postfix/smtp[1308]: 2DA97A2E2EF: to=<pwascak@aol.com>,
> relay=mx-aol.mail.gm0.yahoodns.net[98.137.157.43]:25, delay=13730,
> delays=13728/0.31/1.1/0.06, dsn=4.7.0, status=deferred (host
> mx-aol.mail.gm0.yahoodns.net[98.137.157.43] said: 421 4.7.0 [TSS04]
> Messages from 23.24.207.145 temporarily deferred due to user complaints -
> 4.16.55.1; see https://help.yahoo.com/kb/postmaster/SLN3434.html (in reply
> to MAIL FROM command))
>
> I'm trying to determine if I am somehow relaying emails to yahoo.com, or is
> this someone attacking me.
>
> I am pretty sure I have postfix to avoid acting like a relay for
> unauthenticated connections.  But this may be something I have messed up.
> This has been happening only since I upgraded to 11.2 (I was at 9.x).  I
> also just recently switched from sendmail to postfix as well.
>
> I can provide my postfix config on request if needed.
>
> Pointers to other mail-lists are welcomed.  I decided to start here before
> jumping on the postfix mailing list.
>
> Thanks in advance,
>
> Patrick

I'd suggest, as a first measure, going to https://mxtoolbox.com, and
looking at their reports for your domain name and your IP address.

Understanding your config and your logs is good, but a quick review of
how others see your domain can point you in the right direction if
there's an error in your config.

For instance, you might have inadvertently made your host an open
relay, and mxtoolbox will understand that. (That's just an example - it
actually seems unlikely, as otherwise you'd be getting bounces from
more than just yahoo.)

Kurt
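
An added example, not part of the original message or of Postfix: one way to check from the logs themselves whether deferred outbound mail like the quoted line was relayed or originated locally is to follow each deferred queue ID back to the `smtpd` or `pickup` line that created it. The function name and all sample log lines are constructed for illustration, and short (hexadecimal) queue IDs are assumed.

```python
import re
from collections import defaultdict

# Constructed sample lines in Postfix's syslog format; all hosts, addresses
# and queue IDs are invented for illustration.
SAMPLE_LOG = """\
Jan 20 18:20:11 ns postfix/smtpd[1201]: A1B2C3D4E5F: client=unknown[203.0.113.7], sasl_method=LOGIN, sasl_username=webmaster
Jan 20 22:09:01 ns postfix/smtp[1308]: A1B2C3D4E5F: to=<user1@example.com>, relay=mx.example.com[198.51.100.9]:25, delay=13730, dsn=4.7.0, status=deferred (421 4.7.0 temporarily deferred)
Jan 20 18:25:40 ns postfix/pickup[1150]: 7F3C1A2E301: uid=80 from=<www>
Jan 20 18:25:41 ns postfix/smtp[1310]: 7F3C1A2E301: to=<user2@example.com>, relay=mx.example.com[198.51.100.9]:25, delay=1.2, dsn=4.7.0, status=deferred (421 4.7.0 temporarily deferred)
Jan 20 18:30:02 ns postfix/smtpd[1202]: 0C44DA2E2AA: client=host.example.net[192.0.2.55]
Jan 20 18:30:03 ns postfix/smtp[1311]: 0C44DA2E2AA: to=<user3@example.com>, relay=mx.example.com[198.51.100.9]:25, delay=0.9, dsn=2.0.0, status=sent (250 ok)
"""

# Assumes short (hexadecimal) queue IDs, the Postfix default.
LINE = re.compile(r"postfix/(?:\w+/)?(\w+)\[\d+\]: ([0-9A-F]{6,}): (.*)")

def trace_origins(log_text):
    """Map each deferred queue ID to (how it entered Postfix, recipients)."""
    origin, deferred = {}, defaultdict(list)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        if daemon == "smtpd" and rest.startswith("client="):
            # Mail accepted over the network: record client and any SASL login.
            client = rest.split(",")[0][len("client="):]
            user = re.search(r"sasl_username=(\S+)", rest)
            how = "sasl:" + user.group(1) if user else "unauthenticated"
            origin[qid] = f"{how} via {client}"
        elif daemon == "pickup":
            # Mail submitted locally through the sendmail command.
            origin[qid] = "local " + rest.split()[0]   # e.g. "local uid=80"
        elif daemon == "smtp" and "status=deferred" in rest:
            rcpt = re.search(r"to=<([^>]*)>", rest)
            deferred[qid].append(rcpt.group(1) if rcpt else "?")
    return {q: (origin.get(q, "unknown"), r) for q, r in deferred.items()}

if __name__ == "__main__":
    for qid, (how, rcpts) in trace_origins(SAMPLE_LOG).items():
        print(qid, how, "->", ", ".join(rcpts))
```

A `sasl:` origin points at an authenticated account, a `local uid=` origin at a process on the host itself, and an unauthenticated client outside your own networks at the relay restrictions.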