Hi,
Someone seems to be able to send spam through my mail server.
I did some tests using some sites and my ‘mail relay’ is disabled.
Is there a quick list of things to check to find out how they are doing it and how I can prevent it?
I have a Debian + virtualmin and I am using postfix.
Thanks.
Here is how I found out since I am getting a lot of those ‘Delivery delay’ notifications.
This is an automatically generated Delivery Status Notification
THIS IS A WARNING MESSAGE ONLY.
YOU DO NOT NEED TO RESEND YOUR MESSAGE.
Delivery to the following recipient has been delayed:
e11650b@barringtoncappartners.com
Message will be retried for 5 more day(s)
Technical details of temporary failure:
The recipient server did not accept our requests to connect. Learn more at http://support.google.com/mail/bin/answer.py?answer=7720
[(1) mail.barringtoncappartners.com. [70.164.242.60]:25: Connection timed out]
[(2) 70.164.242.60 [70.164.242.60]:25: Connection timed out]
----- Original message -----
X-Received: by 10.66.147.130 with SMTP id tk2mr12627039pab.125.1399179347463;
Sat, 03 May 2014 21:55:47 -0700 (PDT)
X-Gm-Message-State: ALoCoQmrY1ue1p1E/5Dn7lANmcchZ+M9P9fQKUfaMcvwJAMAqVxen8tPSJbP+ksHK8QmdCa8I3ukzxn5jsdeSnapSf5BjIn4hP19NoKqpcCYbnzv9F1keKs=
X-Received: by 10.66.147.130 with SMTP id tk2mr12627030pab.125.1399179347392;
Sat, 03 May 2014 21:55:47 -0700 (PDT)
Return-Path: e11650b@MyWebSite.com
Received: from psmtp.com (exprod7mx241.postini.com [64.18.2.95])
by mx.google.com with SMTP id xf3si4324542pab.138.2014.05.03.21.55.46
for e11650b@barringtoncappartners.com;
Sat, 03 May 2014 21:55:46 -0700 (PDT)
Received-SPF: neutral (google.com: 64.18.2.54 is neither permitted nor denied by domain of e11650b@MyWebSite.com) client-ip=64.18.2.54;
Authentication-Results: mx.google.com;
spf=neutral (google.com: 64.18.2.54 is neither permitted nor denied by domain of e11650b@MyWebSite.com) smtp.mail=e11650b@MyWebSite.com
Received: from psmtp.com ([64.18.2.54]) (using TLSv1) by exprod7mx241.postini.com ([64.18.6.10]) with SMTP;
Sun, 04 May 2014 00:55:46 EDT
Received: from [190.239.185.72] ([190.239.185.72]) by exprod7mx169.postini.com ([64.18.6.11]) with SMTP;
Wed, 19 Feb 2014 21:04:55 EST
Received: from [10.0.0.164] ([10.0.0.164:2806] helo=PC-ESCRITORIO)
by 741C61DA (envelope-from e11650b@MyWebSite.com)
(ecelerity 3.5.1.37854 r(Momo-dev:3.5.1.0)) with ESMTP
id 81/C7-69D03-ED7D7967; Wed, 19 Feb 2014 23:05:04 -0300
Date: Wed, 19 Feb 2014 23:04:54 -0300
From: “USAPharm” e11650b@MyWebSite.com
Reply-To: e11650b@MyWebSite.com
To: e11650b@barringtoncappartners.com
Message-ID: 69F0A8856A27CCDE76D351E070E14F9-A0AF7846C48187DC1122908197F982D8@PC-ESCRITORIO
Subject: User e11650b Special 65% OFF!
MIME-Version: 1.0
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Mailer: WhatCounts
ENVID: WC-8344123632751-3479C401804095AB1D33CD24E33470ED-0eeb05433787a4e1c4b9437f81c0bd8f
List-Unsubscribe: http://email.MyWebSite.com/u?id=3479C401804095AB1D33CD24E33470ED
X-Unsubscribe-Web: http://email.MyWebSite.com/u?id=3479C401804095AB1D33CD24E33470ED
X-pstn-levels: (S: 0.00000/24.00482 CV:99.9000 FC:95.5390 LC:95.5390 R:95.9108 P:95.9108 M:97.0282 C:98.6951 )
X-pstn-dkim: 0 skipped:not-enabled
X-pstn-status: off
X-pstn-dkim: 0 skipped:not-enabled
X-pstn-nxpr: disp=neutral, envrcpt=e11650b@barringtoncappartners.com
X-pstn-nxp: bodyHash=9aa0dd919cb700dd49d14f5542b9261575e05075, headerHash=67de43f1c706c320e407266cd0fa090fc30e49a4, keyName=4, rcptHash=45c34867b89338bfc1456466da26f4031b705c8f, sourceip=64.18.2.54, version=1
X-Gm-Spam: 1
X-Gm-Phishy: 0
X-pstn-nxpr: disp=neutral, envrcpt=e11650b@barringtoncappartners.com
X-pstn-nxp: bodyHash=9aa0dd919cb700dd49d14f5542b9261575e05075, headerHash=67de43f1c706c320e407266cd0fa090fc30e49a4, keyName=4, rcptHash=45c34867b89338bfc1456466da26f4031b705c8f, sourceip=64.18.2.54, version=1
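One check for a bounce like this is whether your own server appears anywhere in the quoted Received chain, or only in the envelope sender (Return-Path). The following is an added example, not part of the original post; the hostname mail.MyWebSite.com and the address 203.0.113.10 are assumed stand-ins for the poster's server.

```python
import re
from email import message_from_string

# Constructed sample: Return-Path, Received and Received-SPF lines copied from
# the bounce quoted above, with continuation-line indentation restored.
RAW = """\
Return-Path: e11650b@MyWebSite.com
Received: from psmtp.com (exprod7mx241.postini.com [64.18.2.95])
 by mx.google.com with SMTP id xf3si4324542pab.138.2014.05.03.21.55.46
 for e11650b@barringtoncappartners.com;
 Sat, 03 May 2014 21:55:46 -0700 (PDT)
Received-SPF: neutral (google.com: 64.18.2.54 is neither permitted nor denied by domain of e11650b@MyWebSite.com) client-ip=64.18.2.54;
Received: from psmtp.com ([64.18.2.54]) (using TLSv1) by exprod7mx241.postini.com ([64.18.6.10]) with SMTP;
 Sun, 04 May 2014 00:55:46 EDT
Received: from [190.239.185.72] ([190.239.185.72]) by exprod7mx169.postini.com ([64.18.6.11]) with SMTP;
 Wed, 19 Feb 2014 21:04:55 EST
Received: from [10.0.0.164] ([10.0.0.164:2806] helo=PC-ESCRITORIO)
 by 741C61DA (envelope-from e11650b@MyWebSite.com)
 (ecelerity 3.5.1.37854 r(Momo-dev:3.5.1.0)) with ESMTP
 id 81/C7-69D03-ED7D7967; Wed, 19 Feb 2014 23:05:04 -0300

"""

def hops(raw):
    """One dict per Received header, newest hop first."""
    out = []
    for value in message_from_string(raw).get_all("Received", []):
        v = " ".join(value.split())  # undo header folding
        frm = re.search(r"\bfrom\s+(\S+)", v)
        by = re.search(r"\bby\s+(\S+)", v)
        ips = re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})", v)
        out.append({"from": frm.group(1) if frm else None,
                    "by": by.group(1) if by else None, "ips": ips})
    return out

def handled_by(raw, my_ids):
    """True if any hop names one of my_ids (hostnames or IPs)."""
    mine = {m.lower() for m in my_ids}
    for h in hops(raw):
        seen = {h["from"], h["by"], *h["ips"]} - {None}
        if mine & {s.lower().strip("[]") for s in seen}:
            return True
    return False

def spf_result(raw):
    """First word of Received-SPF (e.g. 'neutral'), or None if absent."""
    words = (message_from_string(raw).get("Received-SPF") or "").split()
    return words[0] if words else None
```

If `handled_by` returns False for your server's names and addresses, compare against the Postfix mail log for the same message before concluding anything about relaying.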