[BlueOnyx:20192] bulk SMTP sending
"Meaulnes Legler"@MailList
bluelist at waveweb.ch
Mon Oct 24 10:17:08 -05 2016
hi list
I got the following message from the server admin:
Subject: SPAM-Alert! (SMTP)
Mon Oct 24 14:34:23 2016: User from IP 92.104.124.118 sent more than 200 emails in four hours.
cool! didn't know excessive SMTP activity was monitored and reported!
I figured out who sent those mail in /var/log/maillog:
Oct 24 16:33:10 vs sendmail[30489]: STARTTLS=server, relay=118.124.104.92.dynamic.wline.res.cust.swisscom.ch [92.104.124.118], version=TLSv1/SSLv3, verify=NO, cipher=DHE-RSA-AES256-SHA, bits=256/256
Oct 24 16:33:10 vs sendmail[30489]: AUTH=server, relay=118.124.104.92.dynamic.wline.res.cust.swisscom.ch [92.104.124.118], authid=lpiatti, mech=PLAIN, bits=0
Oct 24 16:33:10 vs sendmail[30489]: u9OEXA09030489: 118.124.104.92.dynamic.wline.res.cust.swisscom.ch [92.104.124.118] did not issue MAIL/EXPN/VRFY/ETRN during connection to TLSMTA
what I don't is how this could happen... I have set a max of *25* recipients per message in the GUI. How could the user /lpiatti/ override this?
Thank you and best regards
Meaulnes Legler
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
~ www.WaveWeb.ch ~
~ ~ ~ ~ ~ ~ ~ ~ ~ ~ ~
~ Zurich, Switzerland ~
~ tel: +41 44 2601660 ~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.blueonyx.it/pipermail/blueonyx/attachments/20161024/896b2357/attachment.html>
More information about the Blueonyx
mailing list