Date: Mon, 21 Jan 2019 00:12:00 -0800 From: Patrick Mahan <plmahan@gmail.com> To: Odhiambo Washington <odhiambo@gmail.com> Cc: User Questions <freebsd-questions@freebsd.org> Subject: Re: Trying to understand some email issues Message-ID: <CAFDHx1J2py27dXe-qm%2B6u7peAY5Pgvcb6VHAm5xkWzvp1rWUPw@mail.gmail.com> In-Reply-To: <CAAdA2WPGE5793RMdpeo_r_js2mLgT5zV0gQTRBxfReCBJdPrTw@mail.gmail.com> References: <CAFDHx1JFWH8FAJ3nbvZC3m6CCpbjCqrG01PYNMOHJSKo2HnWWQ@mail.gmail.com> <CAAdA2WPGE5793RMdpeo_r_js2mLgT5zV0gQTRBxfReCBJdPrTw@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Thanks, for the feedback. I have been reading the postfix documentation, though I agree I don't have a good hand on understand its logs. I am fairly certain, no local users are sending to these accounts. Which is why I am confused about these emails from the yahoo mail server. But thanks for the steer. Patrick On Sun, Jan 20, 2019 at 11:31 PM Odhiambo Washington <odhiambo@gmail.com> wrote: > > > On Mon, 21 Jan 2019 at 09:35, Patrick Mahan <plmahan@gmail.com> wrote: > >> All, >> >> FreeBSD 11.2 >> >> Running postfix 3.3.2_1,1 >> >> I'm getting hammered with thousands of emails from yahoo.com - >> >> Here is an example - >> >> Jan 20 22:09:01 ns postfix/smtp[1308]: 2DA97A2E2EF: to=<pwascak@aol.com>, >> relay=mx-aol.mail.gm0.yahoodns.net[98.137.157.43]:25, delay=13730, >> delays=13728/0.31/1.1/0.06, dsn=4.7.0, status=deferred (host >> mx-aol.mail.gm0.yahoodns.net[98.137.157.43] said: 421 4.7.0 [TSS04] >> Messages from 23.24.207.145 temporarily deferred due to user complaints - >> 4.16.55.1; see https://help.yahoo.com/kb/postmaster/SLN3434.html (in >> reply >> to MAIL FROM command)) >> >> I'm trying to determine if I am somehow relaying emails to yahoo.com, or >> is >> this someone attacking me. >> > > Your server's public IP address is 23.24.207.145, right? > Yahoo MX is "temporarily" (that is what SMTP Error Code 451 is. Code 550 > is "permanently") > rejecting mail from your server. > This is normal with Yahoo and you need to go to the given URL to > understand why and possible > ways of mitigating the issue. > The thing is that ultimately, after some retries, Yahoo servers may accept > the mail. > You need to check your Postfix logs for this particular, or other such > emails to see if they are > originated by your legit users/IPs. > > > >> I am pretty sure I have postfix to avoid acting like a relay for >> unauthenticated connections. But this maybe something I have messed up. >> This has been happening only since I upgraded to 11.2 (I was at 9.x). I >> also just recently switch from sendmail to postfix as well. >> > > You just need to sit down and read Postfix documentation and understand > it's internals, > especially the logs. Without a clear understanding of the logs, you should > be very worried > as a Mail SysAdmin, very worried! :-) > I am NOT a Postfix Admin, but I understand some stuff about it. I use Exim > as my preferred MTA. > > >> I can provide my postfix config on request if needed. >> > > Not necessary for this case. > However, I would advise you to sit easy if you followed a proper howto in > setting up your MTA. > Just take your time now to read about and understand the logging. > > >> >> Pointers to other mail-lists are welcomed. I decided to start here before >> jumping on the postfix mailing list. >> >> No problem. > > > -- > Best regards, > Odhiambo WASHINGTON, > Nairobi,KE > +254 7 3200 0004/+254 7 2274 3223 > "Oh, the cruft.", grep ^[^#] :-) >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFDHx1J2py27dXe-qm%2B6u7peAY5Pgvcb6VHAm5xkWzvp1rWUPw>