email hitting server, but domain doesn't exist
10 days ago, I terminated an acccount and deleted all DNS entries.. (company no longer trading)
Just checking the logs today and can see an email delivery attempt, but how.
The domain hasn't been on this server for 10 days or more.
There are no DNS entries, the name servers point to the resgistra
I see lots of email delivery attempts to this domain
2020-01-23 13:40:34 H=131.74.60.190.host.ifxnetworks.com (host-200.14.43.132.merca.net.co)
[190.60.74.131]:35060 F= rejected RCPT :
The mail server could not deliver mail to xxxx@xxxxxx.co.uk.
The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
I see lots of email delivery attempts to this domain
-
10 days ago, I terminated an acccount and deleted all DNS entries.. (company no longer trading) Just checking the logs today and can see an email delivery attempt, but how. The domain hasn't been on this server for 10 days or more. There are no DNS entries, the name servers point to the resgistra
2020-01-23 13:40:34 H=131.74.xx.xxx.host.ifxnetworks.com (host-200.14.xx.xxx.merca.net.co) [190.60.xx.xxx]:35060 F= rejected RCPT : The mail server could not deliver mail to xxxx@xxxxxx.co.uk. The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
I see lots of email delivery attempts to this domain
There have to be DNS records that point to your IP present on the domain cached or otherwise, there would be no way for it to be routed to you. If they were sent from the domain and then bounced to your server, it could send to the IP present in the headers, though 10 days is a while for that.0 -
Is it possible that the BOT or whatever is doing this is using something like a modified host file and bypassing DNS altogther. As this server is about to close down, I've closed all firewall ports now, so nothing can get through. Intrigued how this was happening though. 0 -
It could be, is it still occurring? 0 -
CSF has all ports blocked, so nothing is getting through at the moment :-) 0
Please sign in to leave a comment.
Comments
4 comments