weird RELAY alerts

This forum is only for reproducible bugs with csf and lfd (i.e. not iptables problems, lack of understanding how to use a feature, etc). Posts must be accompanied with full technical details of the problem and how it can be recreated. Any posts not adhering to this, or not considered bugs, will be moved to the General Discussion (csf) forum.
Post Reply
minadreapta
Junior Member
Posts: 44
Joined: 19 Dec 2007, 12:52

weird RELAY alerts

Post by minadreapta »

i recently received this alert by email, but the domain is not hosted on my server, the emails were not on the queue. what does this mean?

i received a lot of such alerts...

any idea?

thanks.

==========================
Time: Tue Jul 22 14:20:21 2008
Type: RELAY, Remote IP - 69.73.181.157 (delphi.nocdirect.com)
Count: 101 emails relayed
Blocked: No

Sample of the first 10 emails:

2008-07-22 14:03:44 1KLFee-0005uO-9z <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68845 id=E1KLFeZ-0000O8-V8@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:03:47 1KLFef-0005um-FT <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68688 id=E1KLFec-0000OY-It@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:03:47 1KLFeh-0005vL-3a <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68714 id=E1KLFee-0000PF-SX@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:03:48 1KLFef-0005un-O8 <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68700 id=E1KLFec-0000Oc-LV@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:03:50 1KLFej-0005ve-Qc <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68733 id=E1KLFeh-0000Pc-If@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:03:51 1KLFeg-0005vG-Qz <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68700 id=E1KLFee-0000P9-HX@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:03:56 1KLFeq-0005wg-CR <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68732 id=E1KLFeo-0000Qf-Gx@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:04:10 1KLFf5-0005yt-NV <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68688 id=E1KLFf3-0000Tr-Ge@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:04:18 1KLFfB-0005zT-8H <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68954 id=E1KLFf9-0000V4-Ec@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
2008-07-22 14:04:20 1KLFfD-0005zf-0w <= <> H=delphi.nocdirect.com [69.73.181.157] P=esmtps X=TLSv1:AES256-SHA:256 S=68697 id=E1KLFfA-0000VG-7p@delphi.nocdirect.com T="Mail delivery failed: returning message to sender"
Top
minadreapta
Junior Member
Posts: 44
Joined: 19 Dec 2007, 12:52

Post by minadreapta »

forgot to mention: i use csf v3.39

this alert keeps coming every 15 minutes or so.
Top
minadreapta
Junior Member
Posts: 44
Joined: 19 Dec 2007, 12:52

solved

Post by minadreapta »

someone was sending tons of emails (newsletter) from another server.

the domain has SPF record so yahoo was bouncing all the emails to my server.
Top
Post Reply

Return to “Report Bugs (csf)”