Hello All, I am not sure if this mailing list is the best place to ask this question. If not please point me to the better one.
I am running postfix based mailserver. Few days ago however I have noticed that some of the emails I am sending fall in the recipient spam filters. I have discovered that my ISP IP range is in uceprotect-level3 list, in addition I have found that my IP is listed in ips.backscatterer.org I don't have control of the ISP machines so I can not do much for the first problem, but at least I want to fix the backscatter issue. I have attached part of my mail log at the time suggested by backscatterer.org I indeed find the place where we see few "from=<>". I see also short below that that the recipient (I guess) mailservers reject my mailserver with reason "rejected due to spam or virus content" or "Your PROVIDER is BLACKLISTED at UCEPROTECT-LEVEL 3" I don't understand however who/how is sending those messages with "from=<>". I have setup local_recipient_maps = proxy:unix:passwd.byname $alias_maps So I should get local recipient reject if the recipient name is not in my alias_map or not and unix user Can someone help me interpreting the log below. Or can I make the log more detailed? Any suggestions will be appreciated! Feb 7 21:19:02 uCpbx postfix/anvil[14011]: statistics: max connection rate 1/60s for (smtp:109.187.243.221) at Feb 7 21:15:41 Feb 7 21:19:02 uCpbx postfix/anvil[14011]: statistics: max connection count 1 for (smtp:109.187.243.221) at Feb 7 21:15:41 Feb 7 21:19:02 uCpbx postfix/anvil[14011]: statistics: max cache size 1 at Feb 7 21:15:41 Feb 7 21:22:59 uCpbx dovecot: imap-login: Login: user=<mark_ucpbx>, method=PLAIN, rip=::ffff:204.225.113.99, lip=::ffff:192.168.1.2 , TLS Feb 7 21:23:06 uCpbx last message repeated 4 times Feb 7 21:23:07 uCpbx dovecot: IMAP(mark_ucpbx): Disconnected Feb 7 21:23:28 uCpbx postfix/smtpd[14183]: connect from unknown[190.149.93.28] Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: 6BBD885C2BA: from=<[email protected]>, size=1237, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: 2553085C34B: from=<[email protected]>, size=1232, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: C69BF85BF81: from=<>, size=10970, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: A841C85BECF: from=<>, size=6531, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: A50BA85C31C: from=<[email protected]>, size=1236, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: 4A1FD85BA11: from=<>, size=8765, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: 7557D85BA7E: from=<>, size=11116, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: 53DA685C1FC: from=<>, size=15070, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: 5571885C34C: from=<>, size=4330, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: DC72B85BA6E: from=<>, size=4084, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: D228585C332: from=<>, size=18688, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: BD4BE85C11C: from=<>, size=6789, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/qmgr[3492]: E73FD85BF7D: from=<[email protected]>, size=1239, nrcpt=1 (queue active) Feb 7 21:23:28 uCpbx postfix/smtp[14187]: connect to mail.mymail-in.net[217.20.163.8]: Connection refused (port 25) Feb 7 21:23:28 uCpbx postfix/smtp[14199]: connect to mail.mymail-in.net[217.20.163.8]: Connection refused (port 25) Feb 7 21:23:28 uCpbx postfix/smtp[14191]: connect to mail.mymail-in.net[217.20.163.8]: Connection refused (port 25) Feb 7 21:23:29 uCpbx postfix/smtpd[14183]: warning: support for restriction "check_relay_domains" will be removed from Postfix; use "reject_unauth_destination" instead Feb 7 21:23:29 uCpbx postfix/smtpd[14183]: 6318385AEC7: client=unknown[190.149.93.28] Feb 7 21:23:30 uCpbx postfix/smtp[14192]: 4A1FD85BA11: host smtp.secureserver.net[72.167.238.201] refused to talk to me: 554-p3pism tp01-015.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to spam or virus content. If you belie ve that this failure is in error, please submit an unblock request at http://unblock.secureserver.net Feb 7 21:23:30 uCpbx postfix/smtp[14197]: D228585C332: host smtp.secureserver.net[72.167.238.201] refused to talk to me: 554-p3pism tp01-021.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to spam or virus content. If you belie ve that this failure is in error, please submit an unblock request at http://unblock.secureserver.net Feb 7 21:23:31 uCpbx postfix/smtp[14192]: 4A1FD85BA11: to=<[email protected]>, relay=mailstore1.secures erver.net[72.167.238.201]:25, delay=236635, delays=236632/0.06/3.1/0, dsn=4.0.0, status=deferred (host mailstore1.secureserver.net[7 2.167.238.201] refused to talk to me: 554-p3pismtp01-006.prod.phx3.secureserver.net 554 Your access to this mail system has been rej ected due to spam or virus content. If you believe that this failure is in error, please submit an unblock request at http://unbloc k.secureserver.net) Feb 7 21:23:31 uCpbx postfix/smtp[14197]: D228585C332: to=<[email protected]>, relay=mailstore1.secureserver.net[72.167.238.201 ]:25, delay=147201, delays=147198/0.1/3.1/0, dsn=4.0.0, status=deferred (host mailstore1.secureserver.net[72.167.238.201] refused to talk to me: 554-p3pismtp01-014.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to spam or viru s content. If you believe that this failure is in error, please submit an unblock request at http://unblock.secureserver.net) Feb 7 21:23:31 uCpbx postfix/cleanup[14200]: 6318385AEC7: message-id=<001e01caa7f8$ae232fb0$0a698f...@fr> Feb 7 21:23:31 uCpbx postfix/qmgr[3492]: 6318385AEC7: from=<[email protected]>, size=5907, nrcpt=5 (queue active) Feb 7 21:23:31 uCpbx spamd[4606]: spamd: connection from localhost [127.0.0.1] at port 49323 Feb 7 21:23:31 uCpbx spamd[4606]: spamd: setuid to spamfilter succeeded Feb 7 21:23:31 uCpbx spamd[4606]: spamd: processing message <001e01caa7f8$ae232fb0$0a698f...@fr> for spamfilter:527 Feb 7 21:23:31 uCpbx postfix/smtp[14195]: 5571885C34C: to=<[email protected]>, relay=mail.egiftplanet.com[208.91.131.6]:25, del ay=12844, delays=12841/0.13/1/2.4, dsn=5.0.0, status=bounced (host mail.egiftplanet.com[208.91.131.6] said: 571 Your PROVIDER is BLA CKLISTED at UCEPROTECT-LEVEL 3 - See: http://www.uceprotect.net/rblcheck.php?ipr=77.70.97.103 (in reply to RCPT TO command)) Feb 7 21:23:31 uCpbx postfix/qmgr[3492]: 5571885C34C: removed Feb 7 21:23:31 uCpbx postfix/smtpd[14183]: disconnect from unknown[190.149.93.28] Feb 7 21:23:33 uCpbx spamd[4606]: spamd: identified spam (28.9/5.0) for spamfilter:527 in 1.9 seconds, 5790 bytes. Feb 7 21:23:33 uCpbx spamd[4606]: spamd: result: Y 28 - BAYES_99,HTML_90_100,HTML_ATTR_UNIQUE,HTML_MESSAGE,RCVD_IN_BL_SPAMCOP_NET,R CVD_IN_XBL,URIBL_AB_SURBL,URIBL_JP_SURBL,URIBL_OB_SURBL,URIBL_SBL,URIBL_SC_SURBL,URIBL_WS_SURBL scantime=1.9,size=5790,user=spamfilt er,uid=527,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=49323,mid=<001e01caa7f8$ae232fb0$0a698f...@fr>,bayes=0.999999998 276899,autolearn=spam Feb 7 21:23:33 uCpbx spamd[2797]: prefork: child states: II Feb 7 21:23:33 uCpbx postfix/pipe[14203]: 6318385AEC7: to=<[email protected]>, relay=spamfilter, delay=4.4, delays=2.4/0.01/0/2, dsn=2.0.0, status=sent (delivered via spamfilter service) Feb 7 21:23:33 uCpbx postfix/pipe[14203]: 6318385AEC7: to=<[email protected]>, relay=spamfilter, delay=4.4, delays=2.4/0.01/0/2, dsn=2.0.0, status=sent (delivered via spamfilter service) Best Regards Dimitar
