I don't understand what's going on here, but somehow all of a sudden I am on the spamcop RBL. If I tail /var/log/qmail/smtp/current, I'm seeing a TON of emails getting relayed that are all .ru hosts and addresses.
I've run every open relay test I could find and all of them say I'm good to go, but spamdyke says I'm accepting over 75000 emails a day and they're not hitting any of my inboxes. Can y'all help me diagnose and solve this? Here's a snippet of the current file: @40000000533d52101655376c CHKUSER relaying rcpt: from <fe...@782782.ru:kcob...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <1dawmydgeaa...@prosoft-m.ru> : client allowed to relay @40000000533d521016554324 policy_check: local kcob...@vipercrazy.com -> remote 1dawmydgeaa...@prosoft-m.ru (AUTHENTICATED SENDER) @40000000533d52101655470c policy_check: policy allows transmission @40000000533d52101703edfc CHKUSER accepted sender: from <i...@3vlodke.ru:bi...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <> : sender accepted @40000000533d521108b8a88c CHKUSER relaying rcpt: from <i...@3vlodke.ru:bi...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <inf...@dvugadn.kht.ru> : client allowed to relay @40000000533d521108b8b444 policy_check: local bi...@vipercrazy.com -> remote inf...@dvugadn.kht.ru (AUTHENTICATED SENDER) @40000000533d521108b8b444 policy_check: policy allows transmission @40000000533d52112c20499c simscan:[13710]:RELAYCLIENT:1.1458s:-:91.235.7.37:fe...@782782.ru:1dawmydgeaa...@prosoft-m.ru @40000000533d52112cba283c spamdyke[13709]: ALLOWED from: fe...@782782.ru to: 1dawmydgeaa...@prosoft-m.ru origin_ip: 91.235.7.37 origin_rdns: (unknown) auth: kcob...@vipercrazy.com encryption: (none) reason: 250_ok_1396527623_qp_13732 @40000000533d521139ada1f4 tcpserver: end 13709 status 0 @40000000533d521139ada5dc tcpserver: status: 1/100 @40000000533d5212129d193c simscan:[13718]:RELAYCLIENT:0.9592s:-:91.235.7.37:i...@3vlodke.ru:inf...@dvugadn.kht.ru @40000000533d52121316601c spamdyke[13717]: ALLOWED from: i...@3vlodke.ru to: inf...@dvugadn.kht.ru origin_ip: 91.235.7.37 origin_rdns: (unknown) auth: bi...@vipercrazy.com encryption: (none) reason: 250_ok_1396527624_qp_13752 @40000000533d52121a62824c tcpserver: status: 2/100 @40000000533d52121a628634 tcpserver: pid 13764 from 91.235.7.37 @40000000533d52121a628634 tcpserver: ok 13764 www.novagunrunners.com:66.151.32.133:25 :91.235.7.37::64980 @40000000533d5212201bdb34 tcpserver: end 13717 status 0 @40000000533d5212201bdf1c tcpserver: status: 1/100 @40000000533d521302016b8c tcpserver: status: 2/100 @40000000533d521302017744 tcpserver: pid 13766 from 91.235.7.37 @40000000533d521302017744 tcpserver: ok 13766 www.novagunrunners.com:66.151.32.133:25 :91.235.7.37::64990 @40000000533d52132c0ba474 CHKUSER accepted sender: from <pa...@143904.ru:kcob...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <> : sender accepted @40000000533d52133ae2b6f4 CHKUSER relaying rcpt: from <pa...@143904.ru:kcob...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <4-1696808-19797-20060901154637-v...@subscribe.ru> : client allowed to relay @40000000533d52133ae2c2ac policy_check: local kcob...@vipercrazy.com -> remote 4-1696808-19797-20060901154637-v...@subscribe.ru (AUTHENTICATED SENDER) @40000000533d52133ae2ca7c policy_check: policy allows transmission @40000000533d521413dbfdf4 CHKUSER accepted sender: from <o...@7-design.ru:bi...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <> : sender accepted @40000000533d52142423c32c simscan:[13765]:RELAYCLIENT:0.4157s:-:91.235.7.37:pa...@143904.ru:4-1696808-19797-20060901154637-v...@subscribe.ru @40000000533d521424f524bc spamdyke[13764]: ALLOWED from: pa...@143904.ru to: 4-1696808-19797-20060901154637-v...@subscribe.ru origin_ip: 91.235.7.37 origin_rdns: (unknown) auth: kcob...@vipercrazy.com encryption: (none) reason: 250_ok_1396527626_qp_13785 @40000000533d5214285cb1ec CHKUSER relaying rcpt: from <o...@7-design.ru:bi...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <pavel_ma...@tut.by> : client allowed to relay @40000000533d5214285cb9bc policy_check: local bi...@vipercrazy.com -> remote pavel_ma...@tut.by (AUTHENTICATED SENDER) @40000000533d5214285cbda4 policy_check: policy allows transmission @40000000533d5214317e9204 tcpserver: end 13764 status 0 @40000000533d5214317e95ec tcpserver: status: 1/100 @40000000533d521513228964 tcpserver: status: 2/100 @40000000533d521513228d4c tcpserver: pid 13811 from 91.235.7.37 @40000000533d521513229134 tcpserver: ok 13811 www.novagunrunners.com:66.151.32.133:25 :91.235.7.37::65030 @40000000533d52152188a204 simscan:[13767]:RELAYCLIENT:0.5571s:-:91.235.7.37:o...@7-design.ru:pavel_ma...@tut.by @40000000533d5215223220a4 spamdyke[13766]: ALLOWED from: o...@7-design.ru to: pavel_ma...@tut.by origin_ip: 91.235.7.37 origin_rdns: (unknown) auth: bi...@vipercrazy.com encryption: (none) reason: 250_ok_1396527627_qp_13803 @40000000533d52152ef946b4 tcpserver: end 13766 status 0 @40000000533d52152ef94e84 tcpserver: status: 1/100 @40000000533d52160e541164 tcpserver: status: 2/100 @40000000533d52160e54154c tcpserver: pid 13822 from 91.235.7.37 @40000000533d52160e541934 tcpserver: ok 13822 www.novagunrunners.com:66.151.32.133:25 :91.235.7.37::65046 @40000000533d52162335bd94 CHKUSER accepted sender: from <bog...@360dpi-nn.ru:kcob...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <> : sender accepted @40000000533d521715db544c CHKUSER relaying rcpt: from <bog...@360dpi-nn.ru:kcob...@vipercrazy.com:> remote <91.235.7.37:unknown:91.235.7.37> rcpt <mailer-dae...@isp.uralasbest.ru> : client allowed to relay @40000000533d521715db6004 policy_check: local kcob...@vipercrazy.com -> remote mailer-dae...@isp.uralasbest.ru (AUTHENTICATED SENDER) @40000000533d521715db6004 policy_check: policy allows transmission
