[BlueOnyx:10937] Re: server beinng abused

Steffan general at ziggo.nl
Fri Jul 6 04:05:14 -05 2012 

No cron
Only thing i found a couple of days ago is a session file

This is holding 777 Bounce lines like this
E11604733{I421}mtain-dd01.r1000.mx.aol.com Service unavailable - try again
later
O11674984
E11604739{I421}4.7.1 : (DYN:T1)
http://postmaster.info.aol.com/errors/421dynt1.html
O11604730
E11604743{I421}4.7.1 : (DYN:T1)
http://postmaster.info.aol.com/errors/421dynt1.html
E11637847{R550}[SUSPEND] Mailbox currently suspended - Please contact
correspondent directly
E11612146{I550}mwinf5c46 ME Adresse IP source bloquee pour incident de spam.
Client host blocked for spamming issues. OFR006_101 Ref
http://r.orange.fr/r/Oa$
E11611704{I550}mwinf5c46 ME Adresse IP source bloquee pour incident de spam.
Client host blocked for spamming issues. OFR006_101 Ref
http://r.orange.fr/r/Oa$
E11263168{R550}5.7.1 <mailings at cyberservices.tv>: Recipient address
rejected: Mail appeared to be SPAM or forged. Ask your
Mail/DNS-Administrator to



Also cbl team sent me a email with a header of the sending email
This is holding
Message-ID: <{deleted}.qmail at servername

Im using sendmail so qmail is strange ?

Steffan

-----Oorspronkelijk bericht-----
Van: blueonyx-bounces at mail.blueonyx.it
[mailto:blueonyx-bounces at mail.blueonyx.it] Namens BB-ONE.net -
BX/BQ-VPS-Hosting in Berlin
Verzonden: vrijdag 6 juli 2012 10:42
Aan: BlueOnyx General Mailing List
Onderwerp: [BlueOnyx:10935] Re: server beinng abused

Hi Steffan,

Perhaps in /tmp there is something interesting?
Mostly in this place we find their tools.

And what about cronjobs? Is there any job, you do not want?

What about bandwitdh? Are there unusual peaks?

Best wishes from Berlin

Dirk Jessel


Am 05.07.2012 19:12, schrieb Steffan:
> Hello,
>
> I have a server that is getting blacklisted
> Spamhaus says it is a email issue
>
> There is nothing in the logs
> Looks like someone is sending emails without the server is logging it
> How to find this problem ?
>
> Cant find any post commands in the httpd log
>
> Server is 5106 R and has abouth 100 sites
>
>   
>
> _______________________________________________
> Blueonyx mailing list
> Blueonyx at mail.blueonyx.it
> http://mail.blueonyx.it/mailman/listinfo/blueonyx


-- 
Dirk Jessel

BB-ONE.net - BX/BQ-VPS-Hosting in Berlin
Support-Team
-----------------------------------------------------------------------
     Internetpartner der Wirtschaft
     Web:       www.bb-one.net
     eMail:     support at bb-one.net
     Fon:       +49 30 22 49 46 30
     
     BB-ONE.net Ltd.
     Niederlassung Berlin
     13439 Berlin
     Borgsdorfer Strasse 30	
     USt-IdNr. DE188018781
     Amtsgericht Berlin-Charlottenburg, HRB 104629
     Geschäftsführer Uwe Stache
-----------------------------------------------------------------------



_______________________________________________
Blueonyx mailing list
Blueonyx at mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx

More information about the Blueonyx mailing list