Emails to unknown domain
Hi all i have noticed now and again spam being processed on the server although does not get delivered as
#1 the email and domain do not exist on the server
#2 processed as spam and rejected.
how can this come to my vps if the domain does not and has not existed on here?
I have also checked the recieving email for if the email has been sent from that address and nothing.
I get about 5 emails like this a month.
Thanks
-
If you just got the email this morning it'd be in the current exim logs so you wouldn't need to look in the archives. You'd run the following: exigrep 1heywa-0003mr-et /var/log/exim_mainlog
Based on the output from the script though, none of the email activity appears to be concerning, though it is only able to obtain statistics from the current exim logs0 -
Hi @cPanelLauren i ran the code again to get no output (the email was received yesterday) Is there a way to stop the email going through my server? 0 -
Hi Mark, I'm looking through the screenshots you're showing and all of these emails show rejected email - none of these emails look to have been successfully delivered to you. 0 -
This is true although my server has nothing to do with any of those emails address's, domains or IP's im not sure why they are there and is there a way to stop them? 0 -
You can't stop them from getting rejected, unless you'd like to start receiving them. From what that shows they aren't emails that are reaching an inbox 0 -
I know that but how do i stop them from coming through my server when they have no need to come as the sender or recipient is not on the server involved? 0 -
They all seem to be sent to the same domain - It seems odd that you'd be accepting mail for a domain that isn't currently on the server. Are you using a smarthost through your provider? The MX records for that domain are pointed to cloudhosting.co.uk is this familiar to you? 0 -
im not sure if im using a smart host. i have not heared of smarthosting either. 0 -
A smarthost is a relay for outbound mail, many hosting providers utilize them. You could find out if you're using one presently by checking /etc/exim.conf.local, you might also want to discuss the issue you're experiencing with your hosting provider. 0 -
hi @cPanelLauren not sure what to look for although this is the contents of that file %RETRYBLOCK% +secondarymx * F,4h,5m; G,16h,1h,1.5; F,4d,8h * * F,2h,15m; G,16h,1h,1.5; F,4d,8h @AUTH@ @BEGINACL@ @CONFIG@ chunking_advertise_hosts = "" deliver_queue_load_max = 300 message_size_limit = 100M openssl_options = +no_sslv2 +no_sslv3 queue_only_load = 120 tls_require_ciphers = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:!DSS @DIRECTOREND@ @DIRECTORMIDDLE@ @DIRECTORSTART@ @ENDACL@ @POSTMAILCOUNT@ @PREDOTFORWARD@ @PREFILTER@ @PRELOCALUSER@ @PRENOALIASDISCARD@ @PREROUTERS@ @PREVALIASNOSTAR@ @PREVALIASSTAR@ @PREVIRTUALUSER@ @RETRYEND@ @RETRYSTART@ @REWRITE@ @ROUTEREND@ @ROUTERMIDDLE@ @ROUTERSTART@ @TRANSPORTEND@ @TRANSPORTMIDDLE@ @TRANSPORTSTART@0 -
Hi @Mark Coates I don't think any of that would affect this and without being able to know domain names on the server + IP addresses, and see the exim logs it's making it too difficult to troubleshoot this issue through the forums. Can you please open a ticket using the link in my signature? Once open please reply with the Ticket ID here so that we can update this thread with the resolution once the ticket is resolved. Thanks! 0 -
Hi @cPanelLauren Ticket ID is 12682997 0 -
Hi @Mark Coates Great, I've added some notes summarizing the details discussed in this thread in the ticket and I'm watching the progress. 0
Please sign in to leave a comment.
Comments
43 comments