Logout

Alt-N Discussion Groups > MDaemon Discussion Groups > MDaemon Support > Archive > Mail to unknown users gets accepted and sends spam.

 [F] Alt-N Discussion Groups  / MDaemon Discussion Groups  / MDaemon Support  / Archive  /

Mail to unknown users gets accepted and sends spam.

[Leverland, Gerrit]
Gerrit Leverlan…
Newbie
Newbie
Posts: 20
Gerrit Leverland - 01:59am, Apr 2 2020

Hi Mdaemon.

I have a strange situation where my server suddenly accepts mail from my machine name. test@hollywood.leverland.net. However If I look in the accounts I have this user doesn`t exists.

It is now massive spamming, however, i,m unable to find or close the account.

Do you have any idea how to solve this ? I,m running mdaemon 16.5.

Thu 2020-04-02 07:20:11.500: 05: Session 581216; child 0007
Thu 2020-04-02 07:20:11.500: 01: Parsing message <e:\apps\mdaemon\queues\remote\pd50001325643.msg>
Thu 2020-04-02 07:20:11.501: 01: * From: test@hollywood.leverland.net
Thu 2020-04-02 07:20:11.501: 01: * To: test@hollywood.leverland.net
Thu 2020-04-02 07:20:11.501: 01: * Subject: Please Update Your Account
Thu 2020-04-02 07:20:11.501: 01: * Size (bytes): 10837
Thu 2020-04-02 07:20:11.501: 01: * Message-ID:
Thu 2020-04-02 07:20:11.508: 01: * Route slip host: hotmail.com
Thu 2020-04-02 07:20:11.509: 01: * Route slip port: 25
Thu 2020-04-02 07:20:11.844: 05: Resolving MX record for hotmail.com (DNS Server: 2a01:7c8:b::c53)...
Thu 2020-04-02 07:20:12.106: 05: * P=002 S=000 D=hotmail.com TTL=(14) MX=[hotmail-com.olc.protection.outlook.com]
Thu 2020-04-02 07:20:12.106: 05: Attempting SMTP connection to hotmail-com.olc.protection.outlook.com
Thu 2020-04-02 07:20:12.107: 05: * hotmail-com.olc.protection.outlook.com found in internal AAAA lookup black-list
Thu 2020-04-02 07:20:12.107: 05: Resolving A record for hotmail-com.olc.protection.outlook.com (DNS Server: 2a01:7c8:b::c53)...
Thu 2020-04-02 07:20:12.392: 05: * D=hotmail-com.olc.protection.outlook.com TTL=(0) A=[104.47.56.161]
Thu 2020-04-02 07:20:12.392: 05: * D=hotmail-com.olc.protection.outlook.com TTL=(0) A=[104.47.57.161]
Thu 2020-04-02 07:20:12.392: 05: Randomly picked 104.47.57.161 from list of possible hosts
Thu 2020-04-02 07:20:12.393: 05: Attempting SMTP connection to 104.47.57.161:25
Thu 2020-04-02 07:20:12.393: 05: Waiting for socket connection...
Thu 2020-04-02 07:20:12.812: 05: * Connection established 80.69.83.50:61357 --> 104.47.57.161:25
Thu 2020-04-02 07:20:12.812: 05: Waiting for protocol to start...
Thu 2020-04-02 07:20:12.932: 02: <-- 220 DM6NAM11FT013.mail.protection.outlook.com Microsoft ESMTP MAIL Service ready at Thu, 2 Apr 2020 05:20:23 +0000 Thu 2020-04-02 07:20:12.944: 03: --> EHLO mail.leverland.nl
Thu 2020-04-02 07:20:13.444: 02: <-- 250-DM6NAM11FT013.mail.protection.outlook.com Hello [80.69.83.50] Thu 2020-04-02 07:20:13.444: 02: <-- 250-SIZE 49283072 Thu 2020-04-02 07:20:13.444: 02: <-- 250-PIPELINING Thu 2020-04-02 07:20:13.444: 02: <-- 250-DSN Thu 2020-04-02 07:20:13.444: 02: <-- 250-ENHANCEDSTATUSCODES Thu 2020-04-02 07:20:13.444: 02: <-- 250-STARTTLS Thu 2020-04-02 07:20:13.444: 02: <-- 250-8BITMIME Thu 2020-04-02 07:20:13.444: 02: <-- 250-BINARYMIME Thu 2020-04-02 07:20:13.444: 02: <-- 250-CHUNKING Thu 2020-04-02 07:20:13.444: 02: <-- 250 SMTPUTF8 Thu 2020-04-02 07:20:13.444: 03: --> STARTTLS
Thu 2020-04-02 07:20:13.868: 02: <-- 220 2.0.0 SMTP server ready Thu 2020-04-02 07:20:14.672: 01: SSL negotiation successful (TLS 1.2, 256 bit key exchange, 256 bit AES encryption) Thu 2020-04-02 07:20:14.672: 01: SSL certificate is valid (matches hotmail-com.olc.protection.outlook.com and is signed by recognized CA) Thu 2020-04-02 07:20:14.672: 03: --> EHLO mail.leverland.nl
Thu 2020-04-02 07:20:15.041: 02: <-- 250-DM6NAM11FT013.mail.protection.outlook.com Hello [80.69.83.50] Thu 2020-04-02 07:20:15.041: 02: <-- 250-SIZE 49283072 Thu 2020-04-02 07:20:15.041: 02: <-- 250-PIPELINING Thu 2020-04-02 07:20:15.041: 02: <-- 250-DSN Thu 2020-04-02 07:20:15.041: 02: <-- 250-ENHANCEDSTATUSCODES Thu 2020-04-02 07:20:15.041: 02: <-- 250-8BITMIME Thu 2020-04-02 07:20:15.041: 02: <-- 250-BINARYMIME Thu 2020-04-02 07:20:15.041: 02: <-- 250-CHUNKING Thu 2020-04-02 07:20:15.041: 02: <-- 250 SMTPUTF8 Thu 2020-04-02 07:20:15.041: 03: --> MAIL From:<test@hollywood.leverland.net> SIZE=10837
Thu 2020-0

  (older msg: 5)All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items

Edmund Cramp - Apr 3, 2020 2:09 pm (#6 Total: 6)  

 

Photo of Author
Edmund Cramp
Novice
Novice
Posts: 236

MDaemon
Outlook Connector
WebAdmin
Replying to: Arron Caruth (Apr 2, 2020 7:08 am)
What does the inbound SMTP log show is happening when the message is accepted?&nbsp;In this case, the inbound log is...

If the test@hollywood.leverland.net account doesn't exist then you can add it to the spam honey pots list (Security:Spam Filter menu) and all messages to the address will just vanish.
 



  All MessagesOldest ItemsOlder ItemsNewer ItemsNewest Items



 Content:

Read New | Search

 Guest:

Email to Admin



You are visiting as a Guest user.