[Mimedefang] mimedefang in endless loop (socketpair)
Kelson
kelson at speed.net
Tue May 23 13:10:19 EDT 2006
Paul Murphy wrote:
> Tomasz,
>
>> May 22 15:46:24 statek sendmail[14281]: k4MDkN1J014281:
>> from=<>, size=3019, class=0, nrcpts=0, proto=ESMTP, daemon=MTA,
>> relay=smtp11.wanadoo.fr [193.252.22.31]
>> May 22 15:46:24 statek sendmail[14281]: k4MDkN1J014281:
>> <l at batory.org.pl>... User unknown
>
> Looks like normal activity - someone sending via the Wanadoo server in France
> is attempting to send you lots of mail for an unknown user, and your system
> is correctly processing them and returning the user unknown error.
On a side note, this could be backscatter from a forged spam run. It's
been a while since I looked into it, but as I recall, Wanadoo either
generates bounce notices or does "sender verification" using the
ill-conceived method of opening an SMTP transaction and dropping before
data.
We see a lot of failed messages from <> to bunchofletters at speed.net
coming from Wanadoo's servers.
--
Kelson Vibber
SpeedGate Communications <www.speed.net>
More information about the MIMEDefang
mailing list