sending localuser
hello, recently and while checking the "track delivery" i found out this issue: there is an email who sends to unkonwn email addresses automaticly. so i did put a restriction to not allow sending from this email address, here is the sending information:
is my vps being attacked or something like this?
| Event: | failure |
| User: | mydomain |
| Domain: | mydomain.com |
| From Address: | contact@mydomain.com |
| Sender: | contact@mydomain.com |
| Sent Time: | Oct 16, 2020, 10:15:10 AM |
| Sender Host: | localhost |
| Sender IP: | 127.0.0.1 |
| Authentication: | localuser |
| Spam Score: | |
| Recipient: | cvzfodq@pava.com |
| Delivery User: | -system- |
| Delivery Domain: | |
| Delivered To: | |
| Router: | autoreply_lookuphost |
| Transport: | remote_smtp |
| Out Time: | Oct 16, 2020, 10:15:10 AM |
| ID: | 1kTLpU-0002vj-KE |
| Delivery Host: | aspmx.l.google.com |
| Delivery IP: | 74.125.71.26 |
| Size: | 3.04 KB |
| Result: | ECDHE-ECDSA-AES128-GCM-SHA256:128 CV=yes: SMTP error from remote mail server after RCPT TO:: 550-5.1.1 The email account that you tried to reach does not exist. Please try\n550-5.1.1 double-checking the recipient's email address for typos or\n550-5.1.1 unnecessary spaces. Learn more at\n550 5.1.1 Fix bounced or rejected emails - Gmail Help a186si1779065wmc.33 - gsmtp |
-
good morning, i found out the reason and i'm sorry for disturbing. the problem is, i have many spam comming to the email address "contact@mydomain.com" then i did enable the boxtrapper, so every email come to the box trapper, contact@mydomain.com will send a verification email to the sender. at this point i did make a restrection not to send emails from contact. so in the track delivery i saw many sending errors to unknowns emails. i hope you did understand the conclusion of my issue. i'm sorry for my mistake 0 -
Hello, Firstly you are not disturbing .If your vps is sending emails without your concent it's time to investagate on a cPanel server with exim as it's mta have a look at tail /var/log/exim_mainlog tail /var/log/exim_rejectlog
enabling boxtrapper is not a good idea as it will cause more spam then it will help you in solving the problem.I have the impression there is some malicious script on your vps that is sending that mails i would try a scan with a virus scanner or rkhunter.0 -
good morning, i found out the reason and i'm sorry for disturbing. the problem is, i have many spam comming to the email address "contact@mydomain.com" then i did enable the boxtrapper, so every email come to the box trapper, contact@mydomain.com will send a verification email to the sender. at this point i did make a restrection not to send emails from contact. so in the track delivery i saw many sending errors to unknowns emails. i hope you did understand the conclusion of my issue. i'm sorry for my mistake
Glad to see you found the cause, this is exactly the thing that box trapper is designed to do. When it sends the verification email to one of the spammer addresses which doesn't exist you'd see the bounceback messages in Track Delivery which makes sense.0
Please sign in to leave a comment.
Comments
3 comments