Announcement

Collapse
No announcement yet.

Explain the SMTP server log to me

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Explain the SMTP server log to me

    I am going to attach a portion of my SMTP server log. I am using the virtual smtp server in IIS.
    I understand a lot on the log, but these lines I do not understand.
    I have been googling for hours and come up empty handed.
    Thanx in advance!
    Attached Files

  • #2
    Re: Explain the SMTP server log to me

    looks like they are blocking you because of spam.

    Make sure you got your MX records right and A record also make sure you got a PTR.
    What do I know, I am only 26.

    Comment


    • #3
      Re: Explain the SMTP server log to me

      looks like they are blocking you because of spam.

      Make sure you got your MX records right and A record also make sure you got a PTR.
      Thank you for the response. All of my MX records are fine. Our server is getting hit by a lot of spam, but the mail server itself is not sending any out.

      We are getting a lot of non deliverable to us. Could those lines be the server trying to send non deliverable notification to a unkown address?

      If so is there a way to stop this - ie, tell the server not to send non deliverable notifications to the sender?

      Thanx in advance!

      Also, I started using Spamfighter for IIS' virtual smtp server yesterday. Helps ALOT!

      Comment


      • #4
        Re: Explain the SMTP server log to me

        becareful you could be getting a NDR attack.

        What about your PTR?
        What do I know, I am only 26.

        Comment


        • #5
          Re: Explain the SMTP server log to me

          Thanx again!

          MX toolbox says the reverse lookup is fine and dig in linux is fine.

          We have been getting spammed pretty hard for a few years. I was using dyndns' mailhop for about a year, but we ended up dropping them because we had a lot of emails that never made it to our server from our store locations. So I moved it back to our server while using Spamfighter for the server.

          But if you could, could you tell me in detail what each line of that log means?
          Thanx in advance!

          Comment


          • #6
            Re: Explain the SMTP server log to me

            do this in a cmd prompt

            telnet smtp.mailserver.com 25
            helo me
            mail from:[email protected]
            rcpt to:[email protected]
            data
            This is a test

            there mail server is there MX record and ofcourse use that usersemail for that address.

            Basicaly from the log it is opening a connection, then it is sending a request to the mail server allowing to establish a connection then your mail server is trying to talk to the user provided and it is kicking back with an error message. by doing this test it will show you the steps your mail server talks with there mail server. also make sure that is there real email address.
            What do I know, I am only 26.

            Comment


            • #7
              Re: Explain the SMTP server log to me

              Thanx for the explanation! I think you have proved my theory correct, that the mail server is trying to connect to the sending mail server with a not deliverable response.

              Since the spammer is using non deliverable addresses, we get a 'no user by that name' response.

              My main question, in IIS' virtual smtp server, is there a way to turn that off?
              It seems to be eating up a lot of bandwidth, but the server itself is not being taxed too much from it.

              Comment


              • #8
                Re: Explain the SMTP server log to me

                why are you using the IIS virtual server? Need Exchange
                What do I know, I am only 26.

                Comment


                • #9
                  Re: Explain the SMTP server log to me

                  Originally posted by GrantThomas View Post
                  why are you using the IIS virtual server? Need Exchange
                  Haha! I was left with this in my lap. My compadre set this up a couple of years ago and then decided to leave the US. Now it is a heart of our communication company wide.

                  Myself, I am more inclined to programming. I know (though I try to learn as much as I can) just enough to be dangerous around win2k3 server.

                  I have free versions of exchange available sent to our company because we are a reseller of MS stuff. Myself, I can;t find time to install and become familiar with the software.
                  We are constructing a massive building and I may implement Exchange if I have the time to learn it when we move into that building. But for the time being. I have too much of a busy day dealing with the daily calls/programing/hardware repair to study right now.

                  Comment


                  • #10
                    Re: Explain the SMTP server log to me

                    What are you using to recieve mail? If you are using something else to recieve the mail you can stop the NDR'S by disabling port 25 on the firewall, because to go OUT you should allow your traffic internally to outside open (outbound connections only).

                    That way you can stop the NDR attacks if they happen and load your sessions/queus up.
                    What do I know, I am only 26.

                    Comment

                    Working...
                    X