Seltsame Mail

Postfix, QMail, Sendmail, Dovecot, Cyrus, Courier, Anti-Spam
evilputti
Posts: 8
Joined: 2003-12-27 21:13

Seltsame Mail

Post by evilputti » 2004-01-13 17:20

Hallo!

Gerade habe ich eine leere Mail von:

"Jolly Margo"@pXXXXXXXX.pureserver.info

erhalten, wobei die Bezeichnung nach dem @ mit der meines Servers übereinstimmt. Habe ich jetzt einen Grund, mir Sorgen zu machen?

Vom Traffic her sieht auf dem Server alles ganz normal aus ...

MfG

evilputti

User avatar
Joe User
Project Manager
Project Manager
Posts: 11583
Joined: 2003-02-27 01:00
Location: Hamburg

Re: Seltsame Mail

Post by Joe User » 2004-01-13 17:33

evilputti wrote:Habe ich jetzt einen Grund, mir Sorgen zu machen?
Show Config+Log...
PayPal.Me/JoeUserFreeBSD Remote Installation
Wings for LifeWings for Life World Run

„If there’s more than one possible outcome of a job or task, and one
of those outcomes will result in disaster or an undesirable consequence,
then somebody will do it that way.“ -- Edward Aloysius Murphy Jr.

evilputti
Posts: 8
Joined: 2003-12-27 21:13

Re: Seltsame Mail

Post by evilputti » 2004-01-13 17:46

Die Nachricht ist von 13.01.2004 20:09 (meine Serverzeit ;) ). Habe ich mal fett markiert.

var/log/mail:
Jan 13 00:09:31 p15135144 popper[21417]: Stats: web2p1 0 0 0 0 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 00:19:23 p15135144 popper[21622]: Stats: web1p2 0 0 135 504012 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 00:20:14 p15135144 popper[21630]: Stats: web2p1 0 0 0 0 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 00:50:29 p15135144 popper[21833]: Stats: web1p2 0 0 135 504012 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 00:51:11 p15135144 postfix/smtpd[21838]: connect from chello062178042077.15.11.vie.surfer.at[62.178.42.77]
Jan 13 00:51:25 p15135144 postfix/smtpd[21838]: CEF6234C0D7: client=chello062178042077.15.11.vie.surfer.at[62.178.42.77]
Jan 13 00:51:36 p15135144 postfix/cleanup[21839]: CEF6234C0D7: message-id=<ep$962$h35-meeg$-$h$gh@cehu.oef>
Jan 13 00:51:36 p15135144 postfix/qmgr[400]: CEF6234C0D7: from=<399qcc@cht.com.tw>, size=2057, nrcpt=1 (queue active)
Jan 13 00:51:36 p15135144 postfix/local[21841]: CEF6234C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=11, status=sent (mailbox)
Jan 13 00:51:38 p15135144 postfix/smtpd[21838]: disconnect from chello062178042077.15.11.vie.surfer.at[62.178.42.77]
Jan 13 01:21:36 p15135144 popper[22045]: Stats: web1p2 0 0 136 506182 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 01:32:51 p15135144 popper[22128]: Stats: web2p1 0 0 0 0 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 01:38:20 p15135144 postfix/smtpd[22162]: connect from c-24-10-122-108.client.comcast.net[24.10.122.108]
Jan 13 01:38:21 p15135144 postfix/smtpd[22162]: 753F534C0D7: client=c-24-10-122-108.client.comcast.net[24.10.122.108]
Jan 13 01:38:21 p15135144 postfix/cleanup[22163]: 753F534C0D7: message-id=<COAAPAONEPPGMNFOIMADPCBBDBAA.lornaclaytonvb@gmcc.ab.ca>
Jan 13 01:38:21 p15135144 postfix/qmgr[400]: 753F534C0D7: from=<lornaclaytonvb@gmcc.ab.ca>, size=1256, nrcpt=1 (queue active)
Jan 13 01:38:22 p15135144 postfix/local[22165]: 753F534C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 01:38:22 p15135144 postfix/smtpd[22162]: disconnect from c-24-10-122-108.client.comcast.net[24.10.122.108]
Jan 13 01:43:14 p15135144 popper[22194]: Stats: web2p1 0 0 0 0 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 01:52:42 p15135144 popper[22264]: Stats: web1p2 0 0 137 507571 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 01:56:30 p15135144 popper[22287]: Stats: web2p1 0 0 0 0 pD9E16F43.dip.t-dialin.net 217.225.111.67 [pop_updt.c:296]
Jan 13 02:06:22 p15135144 postfix/smtpd[22437]: connect from mtmx5.einsundeins.de[212.227.34.36]
Jan 13 02:06:22 p15135144 postfix/smtpd[22437]: 21CF034C0D7: client=mtmx5.einsundeins.de[212.227.34.36]
Jan 13 02:06:22 p15135144 postfix/cleanup[22438]: 21CF034C0D7: message-id=<20040112223948.8700E57AA0@mtmx5.einsundeins.de>
Jan 13 02:06:22 p15135144 postfix/qmgr[400]: 21CF034C0D7: from=<PS-News_Liste.UM.A.1.61@unity5.einsundeins.com>, size=20155, nrcpt=1 (queue active)
Jan 13 02:06:22 p15135144 postfix/smtpd[22437]: disconnect from mtmx5.einsundeins.de[212.227.34.36]
Jan 13 02:06:22 p15135144 postfix/local[22440]: 21CF034C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=0, status=sent (mailbox)
Jan 13 03:56:26 p15135144 postfix/smtpd[23179]: warning: 210.202.210.37: hostname TC210-202-210-37.adsl.pl.apol.com.tw verification failed: Host not found
Jan 13 03:56:26 p15135144 postfix/smtpd[23179]: connect from unknown[210.202.210.37]
Jan 13 03:57:16 p15135144 postfix/smtpd[23179]: lost connection after HELO from unknown[210.202.210.37]
Jan 13 03:57:16 p15135144 postfix/smtpd[23179]: disconnect from unknown[210.202.210.37]
Jan 13 03:57:46 p15135144 postfix/smtpd[23179]: connect from unknown[211.39.14.58]
Jan 13 03:57:48 p15135144 postfix/smtpd[23179]: 015B434C0D7: client=unknown[211.39.14.58]
Jan 13 03:57:49 p15135144 postfix/cleanup[23184]: 015B434C0D7: message-id=<086501c3d9f4$97eec7f5$d6fefd10@skynet.be>
Jan 13 03:57:49 p15135144 postfix/qmgr[400]: 015B434C0D7: from=<avishollowayzd@zeit.de>, size=1457, nrcpt=1 (queue active)
Jan 13 03:57:49 p15135144 postfix/local[23186]: 015B434C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 03:57:50 p15135144 postfix/smtpd[23179]: disconnect from unknown[211.39.14.58]
Jan 13 04:54:30 p15135144 postfix/smtpd[23581]: connect from unknown[213.37.74.30]
Jan 13 04:54:32 p15135144 postfix/smtpd[23581]: 52DA934C0D7: client=unknown[213.37.74.30]
Jan 13 04:54:35 p15135144 postfix/cleanup[23582]: 52DA934C0D7: message-id=<KNCYBVV-0004549671027@karen>
Jan 13 04:54:35 p15135144 postfix/qmgr[400]: 52DA934C0D7: from=<ptvolyijfxrkxa@web.de>, size=3677, nrcpt=1 (queue active)
Jan 13 04:54:35 p15135144 postfix/local[23584]: 52DA934C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=3, status=sent (mailbox)
Jan 13 04:54:35 p15135144 postfix/smtpd[23581]: disconnect from unknown[213.37.74.30]
Jan 13 07:31:39 p15135144 postfix/smtpd[24652]: connect from WLL-23-pppoe170.t-net.net.ve[200.31.137.170]
Jan 13 07:31:40 p15135144 postfix/smtpd[24652]: 5357334C0D7: client=WLL-23-pppoe170.t-net.net.ve[200.31.137.170]
Jan 13 07:31:41 p15135144 postfix/cleanup[24653]: 5357334C0D7: message-id=<104310q406405jyw99@anbxt>
Jan 13 07:31:41 p15135144 postfix/qmgr[400]: 5357334C0D7: from=<quincymarcus@refilladvice.net>, size=2644, nrcpt=1 (queue active)
Jan 13 07:31:41 p15135144 postfix/local[24655]: 5357334C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 07:31:41 p15135144 postfix/smtpd[24652]: disconnect from WLL-23-pppoe170.t-net.net.ve[200.31.137.170]
Jan 13 08:12:10 p15135144 postfix/smtpd[24922]: connect from adsl-68-73-140-164.dsl.wotnoh.ameritech.net[68.73.140.164]
Jan 13 08:12:11 p15135144 postfix/smtpd[24922]: DE23434C0D7: client=adsl-68-73-140-164.dsl.wotnoh.ameritech.net[68.73.140.164]
Jan 13 08:12:12 p15135144 postfix/cleanup[24923]: DE23434C0D7: message-id=<NXRDZND-0004113319461@blade>
Jan 13 08:12:12 p15135144 postfix/qmgr[400]: DE23434C0D7: from=<dalwwkp@terra.com>, size=3510, nrcpt=1 (queue active)
Jan 13 08:12:12 p15135144 postfix/local[24925]: DE23434C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 08:12:13 p15135144 postfix/smtpd[24922]: disconnect from adsl-68-73-140-164.dsl.wotnoh.ameritech.net[68.73.140.164]
Jan 13 08:48:21 p15135144 postfix/smtpd[25178]: connect from cblmdm204-118-185-203.buckeye-express.com[204.118.185.203]
Jan 13 08:48:23 p15135144 postfix/smtpd[25178]: 9023734C0D7: client=cblmdm204-118-185-203.buckeye-express.com[204.118.185.203]
Jan 13 08:48:28 p15135144 postfix/cleanup[25179]: 9023734C0D7: message-id=<WURIQMX-0003582065982@intern>
Jan 13 08:48:28 p15135144 postfix/qmgr[400]: 9023734C0D7: from=<ogvbzykuoq@china.com>, size=1843, nrcpt=1 (queue active)
Jan 13 08:48:28 p15135144 postfix/local[25181]: 9023734C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=5, status=sent (mailbox)
Jan 13 08:48:28 p15135144 postfix/smtpd[25178]: disconnect from cblmdm204-118-185-203.buckeye-express.com[204.118.185.203]
Jan 13 09:04:41 p15135144 postfix/smtpd[25290]: connect from moutng.kundenserver.de[212.227.126.177]
Jan 13 09:04:41 p15135144 postfix/smtpd[25290]: DEFBD34C0D7: client=moutng.kundenserver.de[212.227.126.177]
Jan 13 09:04:41 p15135144 postfix/cleanup[25291]: DEFBD34C0D7: message-id=<PHCWGBQQSBXNBBQALXMZOLE@zipee.com>
Jan 13 09:04:41 p15135144 postfix/qmgr[400]: DEFBD34C0D7: from=<sdThayer@beograd.com>, size=3118, nrcpt=1 (queue active)
Jan 13 09:04:41 p15135144 postfix/smtpd[25290]: disconnect from moutng.kundenserver.de[212.227.126.177]
Jan 13 09:04:41 p15135144 postfix/local[25293]: DEFBD34C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=0, status=sent (mailbox)
Jan 13 09:22:31 p15135144 postfix/smtpd[25411]: connect from c-67-172-221-243.client.comcast.net[67.172.221.243]
Jan 13 09:22:31 p15135144 postfix/smtpd[25411]: B470634C0D7: client=c-67-172-221-243.client.comcast.net[67.172.221.243]
Jan 13 09:22:32 p15135144 postfix/cleanup[25412]: B470634C0D7: message-id=<2.2.32.20040113053824007c4e89@worldcom.ch>
Jan 13 09:22:32 p15135144 postfix/qmgr[400]: B470634C0D7: from=<t_meyers_ed@worldcom.ch>, size=1161, nrcpt=1 (queue active)
Jan 13 09:22:32 p15135144 postfix/local[25414]: B470634C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 09:22:32 p15135144 postfix/smtpd[25411]: disconnect from c-67-172-221-243.client.comcast.net[67.172.221.243]
Jan 13 09:56:13 p15135144 postfix/smtpd[25639]: connect from unknown[66.63.162.168]
Jan 13 09:56:13 p15135144 postfix/smtpd[25639]: 8571034C0D7: client=unknown[66.63.162.168]
Jan 13 09:56:14 p15135144 postfix/cleanup[25640]: 8571034C0D7: message-id=<1073982969.1183@mails-5.eservemail.com>
Jan 13 09:56:14 p15135144 postfix/qmgr[400]: 8571034C0D7: from=<n74186821l@eservemail.com>, size=5306, nrcpt=1 (queue active)
Jan 13 09:56:14 p15135144 postfix/local[25642]: 8571034C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 09:56:14 p15135144 postfix/smtpd[25639]: disconnect from unknown[66.63.162.168]
Jan 13 10:38:42 p15135144 postfix/smtpd[25930]: connect from unknown[61.237.159.103]
Jan 13 10:38:44 p15135144 postfix/smtpd[25930]: 62E4E34C0D7: client=unknown[61.237.159.103]
Jan 13 10:38:45 p15135144 postfix/cleanup[25931]: 62E4E34C0D7: message-id=<6b3901c3d9d3$12fcf43b$627b1516@cfc-consultancy.co.uk>
Jan 13 10:38:45 p15135144 postfix/qmgr[400]: 62E4E34C0D7: from=<jessecrumpuu@altium.nl>, size=1950, nrcpt=1 (queue active)
Jan 13 10:38:45 p15135144 postfix/local[25933]: 62E4E34C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 10:38:46 p15135144 postfix/smtpd[25930]: disconnect from unknown[61.237.159.103]
Jan 13 10:45:19 p15135144 postfix/smtpd[25989]: connect from unknown[219.141.35.153]
Jan 13 10:45:23 p15135144 postfix/smtpd[25989]: 9FCF534C0D7: client=unknown[219.141.35.153]
Jan 13 10:45:24 p15135144 postfix/cleanup[25990]: 9FCF534C0D7: message-id=<20040113094523.9FCF534C0D7@p15135144.pureserver.info>
Jan 13 10:45:24 p15135144 postfix/qmgr[400]: 9FCF534C0D7: from=<g_rossi_id@iuv.liu.se>, size=1332, nrcpt=1 (queue active)
Jan 13 10:45:24 p15135144 postfix/local[25992]: 9FCF534C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 10:45:26 p15135144 postfix/smtpd[25989]: disconnect from unknown[219.141.35.153]
Jan 13 11:30:13 p15135144 popper[26298]: Stats: web1p2 0 0 148 555039 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 11:50:51 p15135144 popper[26428]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 12:01:25 p15135144 popper[26508]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 12:05:20 p15135144 popper[26531]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 12:12:16 p15135144 popper[26572]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 12:15:04 p15135144 popper[26606]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 12:25:29 p15135144 popper[26662]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 13:15:35 p15135144 popper[27013]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 13:40:38 p15135144 popper[27171]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 13:47:48 p15135144 popper[27227]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 14:06:39 p15135144 popper[27354]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 14:08:03 p15135144 popper[27366]: web1p2 at p5086F38F.dip.t-dialin.net (80.134.243.143): -ERR Too few arguments for the pass command. [pop_get_command.c:124]
Jan 13 14:08:03 p15135144 popper[27366]: web1p2 at p5086F38F.dip.t-dialin.net (80.134.243.143): -ERR POP EOF or I/O Error [popper.c:820]
Jan 13 14:10:17 p15135144 popper[27367]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 14:11:45 p15135144 popper[27383]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 14:14:32 p15135144 popper[27402]: web1p2 at p5086F38F.dip.t-dialin.net (80.134.243.143): -ERR Too few arguments for the pass command. [pop_get_command.c:124]
Jan 13 14:14:32 p15135144 popper[27402]: web1p2 at p5086F38F.dip.t-dialin.net (80.134.243.143): -ERR POP EOF or I/O Error [popper.c:820]
Jan 13 14:14:42 p15135144 popper[27403]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 14:17:10 p15135144 popper[27437]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 14:44:48 p15135144 popper[27606]: Stats: web1p2 0 0 148 555171 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 15:09:43 p15135144 postfix/smtpd[27782]: connect from mail.die.de[194.77.231.39]
Jan 13 15:09:46 p15135144 postfix/smtpd[27782]: setting up TLS connection from mail.die.de[194.77.231.39]
Jan 13 15:09:46 p15135144 postfix/smtpd[27782]: TLS connection established from mail.die.de[194.77.231.39]: TLSv1 with cipher RC4-MD5 (128/128 bits)
Jan 13 15:09:47 p15135144 postfix/smtpd[27782]: 07CB934C0D7: client=mail.die.de[194.77.231.39]
Jan 13 15:09:48 p15135144 postfix/cleanup[27783]: 07CB934C0D7: message-id=<200401131209.i0DC9hQX025413@notify.nickles.de>
Jan 13 15:09:48 p15135144 postfix/qmgr[400]: 07CB934C0D7: from=<listreturn@woelfer.com>, size=3248, nrcpt=1 (queue active)
Jan 13 15:09:48 p15135144 postfix/local[27785]: 07CB934C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 15:09:48 p15135144 postfix/smtpd[27782]: disconnect from mail.die.de[194.77.231.39]
Jan 13 15:18:04 p15135144 popper[27855]: Stats: web1p2 0 0 149 558537 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 15:19:09 p15135144 popper[27860]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 15:22:25 p15135144 popper[27879]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 15:54:24 p15135144 popper[28092]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 15:55:39 p15135144 popper[28097]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 15:58:16 p15135144 popper[28116]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:04:59 p15135144 popper[28170]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:05:47 p15135144 popper[28175]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:15:50 p15135144 popper[28250]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:26:19 p15135144 popper[28313]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:26:21 p15135144 popper[28314]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:32:02 p15135144 popper[28367]: Stats: web1p2 0 0 149 558549 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:36:43 p15135144 popper[28390]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:47:05 p15135144 popper[28468]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:47:54 p15135144 postfix/smtpd[28469]: connect from adsl-pusan-dong-210180112112.usr.hananet.net[210.180.112.112]
Jan 13 16:47:56 p15135144 postfix/smtpd[28469]: 5700334C0D7: client=adsl-pusan-dong-210180112112.usr.hananet.net[210.180.112.112]
Jan 13 16:47:57 p15135144 postfix/cleanup[28470]: 5700334C0D7: message-id=<20040113154756.5700334C0D7@p15135144.pureserver.info>
Jan 13 16:47:57 p15135144 postfix/qmgr[400]: 5700334C0D7: from=<p_wolfezs@osd.ulaval.ca>, size=1729, nrcpt=1 (queue active)
Jan 13 16:47:57 p15135144 postfix/local[28472]: 5700334C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 16:47:58 p15135144 postfix/smtpd[28469]: disconnect from adsl-pusan-dong-210180112112.usr.hananet.net[210.180.112.112]
Jan 13 16:57:31 p15135144 popper[28528]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 16:58:27 p15135144 popper[28536]: Stats: web1p2 0 0 150 560398 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:07:53 p15135144 popper[28605]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:12:06 p15135144 popper[28635]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:13:22 p15135144 popper[28640]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:17:28 p15135144 popper[28681]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:18:15 p15135144 popper[28689]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:22:40 p15135144 popper[28712]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:26:01 p15135144 popper[28728]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:27:51 p15135144 popper[28740]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:28:39 p15135144 popper[28748]: Stats: web2p1 0 0 0 0 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:33:04 p15135144 popper[28793]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:33:04 p15135144 postfix/smtpd[28794]: connect from h-213.61.120.247.host.de.colt.net[213.61.120.247]
Jan 13 17:33:05 p15135144 postfix/smtpd[28794]: 0799534C0D7: client=h-213.61.120.247.host.de.colt.net[213.61.120.247]
Jan 13 17:33:05 p15135144 postfix/cleanup[28795]: 0799534C0D7: message-id=<200401131333.i0DDXWnV022606@jacen.mytoys-mail.de>
Jan 13 17:33:05 p15135144 postfix/qmgr[400]: 0799534C0D7: from=<Preisverrueckt@mytoys-mail.de>, size=18872, nrcpt=1 (queue active)
Jan 13 17:33:05 p15135144 postfix/local[28797]: 0799534C0D7: to=<web2p1@p15135144.pureserver.info>, relay=local, delay=0, status=sent (mailbox)
Jan 13 17:33:05 p15135144 postfix/smtpd[28794]: disconnect from h-213.61.120.247.host.de.colt.net[213.61.120.247]
Jan 13 17:34:45 p15135144 popper[28805]: Stats: web1p2 0 0 150 560410 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:35:32 p15135144 postfix/smtpd[28810]: connect from pD9528432.dip.t-dialin.net[217.82.132.50]
Jan 13 17:35:32 p15135144 postfix/smtpd[28810]: D3C0134C0D7: client=pD9528432.dip.t-dialin.net[217.82.132.50]
Jan 13 17:35:33 p15135144 postfix/cleanup[28811]: D3C0134C0D7: message-id=<fab301c3d9da$ee2b7021$d68530f6@qaib5c2>
Jan 13 17:35:33 p15135144 postfix/qmgr[400]: D3C0134C0D7: from=<b.stewartko@ties.itu.ch>, size=1298, nrcpt=1 (queue active)
Jan 13 17:35:33 p15135144 postfix/local[28812]: D3C0134C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=1, status=sent (mailbox)
Jan 13 17:35:33 p15135144 postfix/smtpd[28810]: disconnect from pD9528432.dip.t-dialin.net[217.82.132.50]
Jan 13 17:38:18 p15135144 popper[28831]: Stats: web1p2 0 0 151 561827 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:39:39 p15135144 postfix/smtpd[28836]: connect from thinkmo.de[80.190.101.128]
Jan 13 17:39:39 p15135144 postfix/smtpd[28836]: setting up TLS connection from thinkmo.de[80.190.101.128]
Jan 13 17:39:39 p15135144 postfix/smtpd[28836]: TLS connection established from thinkmo.de[80.190.101.128]: TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
Jan 13 17:39:39 p15135144 postfix/smtpd[28836]: 7A4C034C0D7: client=thinkmo.de[80.190.101.128]
Jan 13 17:39:39 p15135144 postfix/cleanup[28837]: 7A4C034C0D7: message-id=<20040113133949.8B1FF382AA@thinkmo.de>
Jan 13 17:39:39 p15135144 postfix/qmgr[400]: 7A4C034C0D7: from=<pythonwiki@pythonwiki.de>, size=1323, nrcpt=1 (queue active)
Jan 13 17:39:39 p15135144 postfix/smtpd[28836]: disconnect from thinkmo.de[80.190.101.128]
Jan 13 17:39:39 p15135144 postfix/local[28839]: 7A4C034C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=0, status=sent (mailbox)
Jan 13 17:42:54 p15135144 postfix/smtpd[28858]: connect from thinkmo.de[80.190.101.128]
Jan 13 17:42:54 p15135144 postfix/smtpd[28858]: setting up TLS connection from thinkmo.de[80.190.101.128]
Jan 13 17:42:54 p15135144 postfix/smtpd[28858]: TLS connection established from thinkmo.de[80.190.101.128]: TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)
Jan 13 17:42:54 p15135144 postfix/smtpd[28858]: 9293834C0D7: client=thinkmo.de[80.190.101.128]
Jan 13 17:42:54 p15135144 postfix/cleanup[28859]: 9293834C0D7: message-id=<20040113134302.F0EFD382AA@thinkmo.de>
Jan 13 17:42:54 p15135144 postfix/qmgr[400]: 9293834C0D7: from=<pythonwiki@pythonwiki.de>, size=1978, nrcpt=1 (queue active)
Jan 13 17:42:54 p15135144 postfix/smtpd[28858]: disconnect from thinkmo.de[80.190.101.128]
Jan 13 17:42:54 p15135144 postfix/local[28860]: 9293834C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=0, status=sent (mailbox)
Jan 13 17:43:34 p15135144 popper[28865]: Stats: web1p2 0 0 153 565379 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:48:46 p15135144 popper[28913]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:53:58 p15135144 popper[28940]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 17:59:21 p15135144 popper[28976]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:04:33 p15135144 popper[29024]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:09:44 p15135144 popper[29051]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:11:17 p15135144 popper[29063]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:14:59 p15135144 popper[29083]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:20:28 p15135144 popper[29137]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:25:39 p15135144 popper[29164]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:30:50 p15135144 popper[29212]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:36:00 p15135144 popper[29239]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:41:11 p15135144 popper[29273]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:46:40 p15135144 popper[29321]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:51:51 p15135144 popper[29348]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:56:55 p15135144 popper[29378]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 18:57:03 p15135144 popper[29383]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:02:15 p15135144 popper[29433]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:07:27 p15135144 popper[29460]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:12:38 p15135144 popper[29490]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:17:52 p15135144 popper[29535]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:23:07 p15135144 popper[29569]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:28:19 p15135144 popper[29599]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:33:31 p15135144 popper[29644]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:38:50 p15135144 popper[29676]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:39:03 p15135144 popper[29681]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:43:41 p15135144 popper[29704]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:44:01 p15135144 popper[29712]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:47:28 p15135144 popper[29746]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:49:13 p15135144 popper[29758]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:54:25 p15135144 popper[29789]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:59:37 p15135144 popper[29818]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 19:59:51 p15135144 popper[29819]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:04:48 p15135144 popper[29867]: Stats: web1p2 0 0 153 565403 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:08:41 p15135144 postfix/smtpd[29890]: connect from pcp03611132pcs.rthfrd01.tn.comcast.net[68.53.24.246]
Jan 13 20:08:48 p15135144 postfix/smtpd[29890]: 872AB34C0D7: client=pcp03611132pcs.rthfrd01.tn.comcast.net[68.53.24.246]
Jan 13 20:08:53 p15135144 postfix/cleanup[29891]: 872AB34C0D7: message-id=<20040113190848.872AB34C0D7@p15135144.pureserver.info>
Jan 13 20:08:53 p15135144 postfix/qmgr[400]: 872AB34C0D7: from=<cwztmrizjnjsm@mail.ru>, size=532, nrcpt=1 (queue active)
Jan 13 20:08:53 p15135144 postfix/local[29893]: 872AB34C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=5, status=sent (mailbox)
Jan 13 20:08:53 p15135144 postfix/smtpd[29890]: disconnect from pcp03611132pcs.rthfrd01.tn.comcast.net[68.53.24.246]

Jan 13 20:10:01 p15135144 popper[29898]: Stats: web1p2 0 0 154 566053 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:11:38 p15135144 postfix/smtpd[29910]: connect from ip-249.net-81-220-100.nantes.rev.numericable.fr[81.220.100.249]
Jan 13 20:11:42 p15135144 postfix/smtpd[29910]: 1273334C0D7: client=ip-249.net-81-220-100.nantes.rev.numericable.fr[81.220.100.249]
Jan 13 20:11:44 p15135144 postfix/cleanup[29911]: 1273334C0D7: message-id=<20040113191142.1273334C0D7@p15135144.pureserver.info>
Jan 13 20:11:44 p15135144 postfix/qmgr[400]: 1273334C0D7: from=<jtujssogd@terra.com>, size=438, nrcpt=1 (queue active)
Jan 13 20:11:44 p15135144 postfix/local[29912]: 1273334C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=2, status=sent (mailbox)
Jan 13 20:11:44 p15135144 postfix/smtpd[29910]: disconnect from ip-249.net-81-220-100.nantes.rev.numericable.fr[81.220.100.249]
Jan 13 20:15:26 p15135144 popper[29972]: Stats: web1p2 0 0 155 566618 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:21:01 p15135144 popper[30013]: Stats: web1p2 0 0 155 566630 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:24:58 p15135144 popper[30036]: Stats: web1p2 0 0 155 566630 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:26:13 p15135144 popper[30048]: Stats: web1p2 0 0 155 566630 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:31:25 p15135144 popper[30093]: Stats: web1p2 0 0 155 566630 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:35:08 p15135144 postfix/smtpd[30116]: connect from unknown[200.44.188.115]
Jan 13 20:35:21 p15135144 postfix/smtpd[30116]: A3BEE34C0D7: client=unknown[200.44.188.115]
Jan 13 20:35:40 p15135144 postfix/cleanup[30117]: A3BEE34C0D7: message-id=<ukaku3g17v46nv7e9sot$8ib-5dw@zlo03.w6ot>
Jan 13 20:35:40 p15135144 postfix/qmgr[400]: A3BEE34C0D7: from=<v023lcnwui@china.com>, size=2773, nrcpt=1 (queue active)
Jan 13 20:35:40 p15135144 postfix/local[30119]: A3BEE34C0D7: to=<web1p2@p15135144.pureserver.info>, relay=local, delay=19, status=sent (mailbox)
Jan 13 20:35:41 p15135144 postfix/smtpd[30116]: disconnect from unknown[200.44.188.115]
Jan 13 20:36:36 p15135144 popper[30127]: Stats: web1p2 0 0 156 569520 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:41:50 p15135144 popper[30154]: Stats: web1p2 0 0 156 569532 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296]
Jan 13 20:47:11 p15135144 popper[30233]: Stats: web1p2 0 0 156 569532 p5086F38F.dip.t-dialin.net 80.134.243.143 [pop_updt.c:296
Wo war denn nochmal die Config?

dodolin
RSAC
Posts: 4009
Joined: 2003-01-21 01:59
Location: Sinsheim/Karlsruhe

Re: Seltsame Mail

Post by dodolin » 2004-01-13 18:04

Gerade habe ich eine leere Mail von:

"Jolly Margo"@pXXXXXXXX.pureserver.info

erhalten, wobei die Bezeichnung nach dem @ mit der meines Servers übereinstimmt. Habe ich jetzt einen Grund, mir Sorgen zu machen?
Nein, hast du nicht.
Die vollen Header der Mail wären auch mal interessant. Ich nehme an, es wurde mir "Jolly Margo" eingeliefert und dein Server hat das anstatt es abzulehnen halt mit seiner "Qualify-Domain" ergänzt.

evilputti
Posts: 8
Joined: 2003-12-27 21:13

Re: Seltsame Mail

Post by evilputti » 2004-01-13 18:09

Langsam denk ich auch, dass da nichts ist ...

Dir Mail schaut so:
Return-Path: <cwztmrizjnjsm@mail.ru>
Delivered-To: web1p2@p15135144.pureserver.info
Received: from pcp03611132pcs.rthfrd01.tn.comcast.net (pcp03611132pcs.rthfrd01.tn.comcast.net [68.53.24.246])
by p15135144.pureserver.info (Postfix) with SMTP id 872AB34C0D7
for <heiko@pilgermann.net>; Tue, 13 Jan 2004 20:08:48 +0100 (CET)
Received: from [68.53.24.246] by 3001hosting.comIP with HTTP;
Tue, 13 Jan 2004 01:02:48 -0300
From: "Jolly Margo"@p15135144.pureserver.info
Message-Id: <20040113190848.872AB34C0D7@p15135144.pureserver.info>
Date: Tue, 13 Jan 2004 20:08:48 +0100 (CET)
To: undisclosed-recipients:;
X-UIDL: ABa!!LVD!!U=""!4o7"!

dodolin
RSAC
Posts: 4009
Joined: 2003-01-21 01:59
Location: Sinsheim/Karlsruhe

Re: Seltsame Mail

Post by dodolin » 2004-01-13 18:13

Received: from [68.53.24.246] by 3001hosting.comIP with HTTP
Sehr verdächtig... riecht noch offenem Proxy. Ein kurzer Check sagt, dass es sich in der Tat bei dieser IP um einen solchen handelt.
From: "Jolly Margo"@p15135144.pureserver.info
Solltest du halt deinem Postfix abgewöhnen, sowas dazuzuschreiben.