On 08/11/2010 08:20 PM, Christopher Adams wrote:
Hello all,
I am having a bit of a problem and I am not sure that it is specifically
Postfix-related, but I'll give it a shot. Feel free to flog me or tell
me to go away.
I am running Postfix 2.3 on a CentOS Linux server.
I noticed on our firewall that there were constant connections from the
machine running Postfix to addresses all over the world. The interesting
thing is that the connection is using OpenDNS [208.67.216.132], a public
DNS server. I do not use OpenDNS in my /etc/resolv.conf file (I have 2
other nameservers listed) and I don't know where it is coming from. Here
is an example:
Aug 11 16:01:25 swiki postfix/smtp[7832]: E38F8DB4CCB:
to=<ysamo9...@sx.cn <mailto:ysamo9...@sx.cn>>, relay=none, delay=30,
delays=0/0/30/0, dsn=4.4.1, status=deferred (connect to sx.cn
<http://sx.cn>[208.67.216.132]: Connection timed out)
If this is the appropriate place to post this question, can someone who
knows more than me analyze this and come up with a theory as to what is
going on?
Thanks for any help you might want to provide.
Looks like someone is trying to relay junk through your server. Check
your logs to find out where the original message entered from and trace
it back from there.
-Matt
