[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
- Subject: RE: [vps-mail] sendmail / procmail / spamassassin and black smtp holes on VPS1 C
- From: Mark Berrett <provider@xxxxxxxxxxxxxx>
- Date: Fri, 10 Oct 2003 15:27:48 -0600 (MDT)
I wouldn't worry about this, and here is why.
You are running spamd. These lines in the log file are logged by spamd
connection from atvirt14.atvirtual.net [213.198.31.177] at port 3065
processing message <200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx>
for
enconet:8113.
clean message (4.9/5.0) for enconet:8113 in 27.9 seconds, 3110 bytes.
In order for any network connection to be made their is a receiving and
connecting computer. What happened in this case is that procmail opened
up a connection to spamd from atvirt14.atvirtual.net on port 3065. That
is what the connection line shows.
The spam was delivered be cause it was determined to be a "clean message"
because its score was 4.9, 0.1 points below the threshold.
If you check your log files, you will find similar log files, with
different connecting ports from atvirt14.atvirtual.net. Clean messages
will be logged as "clean message", whereas spam will be logged as
"identified spam".
So don't worry, there is not an evil conspiracy to allow said "Verio
Spammers" to secretly deliver mail to your inbox.
--Mark Berrett
------------------------------------->
On Fri, 10 Oct 2003, Martin Fischer wrote:
> Sorry, I did not mention it before, we are using spamc / spamd
>
>
> Here we go with two headers: 1st with log entrys (port 3065!) second without
>
> 1)
> ------------------------
> Message-ID: <200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx>
> From: Robinson <sally_rose@xxxxxxxxxxxx>
> To: enconet <enconet@xxxxxxxxxxx>
> Subject: Me/n .A Power/ful 'Herb " wfa,vzw
> Date: Fri, 10 Oct 2003 09:25:44 +0200
> MIME-Version: 1.0
> X-Mailer: Internet Mail Service (5.5.2653.19)
> Content-Type: multipart/alternative;
> boundary="----_=_NextPart_003_01C38F01.C64AB570"
>
> <XX>Oct 10 09:19:17 sendmail[84245]: h9A7JAkX084245: from=<sally_rose@xxxxxxxxxxxx>, size=2737, class=0, nrcpts=1,
> msgid=<200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx>, proto=ESMTP, relay=client-200.106.10.154.speedy.net.pe [200.106.10.154]
> (may be forged)
> connection from atvirt14.atvirtual.net [213.198.31.177] at port 3065
> processing message <200310100719.h9A7JAkX084245@xxxxxxxxxxxxxxxxxxxxxx> for enconet:8113.
> clean message (4.9/5.0) for enconet:8113 in 27.9 seconds, 3110 bytes.
>
>
> 2)
> --------------------
> Message-ID: <pisg5sp1hx1k6142k6h5ft5d0pm@xxxxxxx>
> From: Ward Wood <k546oiqq@xxxxxxxxxxx>
> Reply-To: Ward Wood <k546oiqq@xxxxxxxxxxx>
> To: enconet <enconet@xxxxxxxxxxx>
> Subject: re: Unleash Your Cable Power!
> Date: Fri, 10 Oct 2003 07:15:18 +0200
> MIME-Version: 1.0
> X-Mailer: Internet Mail Service (5.5.2653.19)
> Content-Type: multipart/alternative;
> boundary="----_=_NextPart_003_01C38F01.C64AB570"
>
>
> ----
> Because port 3065 is not open on VPS1 (C), SPAM is delivered local by VERIO SPAMMERS ???? !!!!
>
>
> ======================================================================
> Technical questions regarding this list may be sent to
> <vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help
> response by sending an email with the word 'help' (w/o quotes) in the
> BODY of the message (subject is ignored) to <vps-mail-request@xxxxxxxxxxxx>.
> ======================================================================
>
======================================================================
Technical questions regarding this list may be sent to
<vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help
response by sending an email with the word 'help' (w/o quotes) in the
BODY of the message (subject is ignored) to <vps-mail-request@xxxxxxxxxxxx>.
======================================================================
Main Index |
Thread Index