email hitting server, but domain doesn't exist

keat63

keat63

Well-Known Member
Nov 20, 2014
1,961
267
113
cPanel Access Level
Root Administrator
10 days ago, I terminated an acccount and deleted all DNS entries.. (company no longer trading)

Just checking the logs today and can see an email delivery attempt, but how.
The domain hasn't been on this server for 10 days or more.
There are no DNS entries, the name servers point to the resgistra

Code: 
2020-01-23 13:40:34 H=131.74.60.190.host.ifxnetworks.com (host-200.14.43.132.merca.net.co)
[190.60.74.131]:35060 F=<[email protected]> rejected RCPT <[email protected]>:
The mail server could not deliver mail to [email protected]
The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
I see lots of email delivery attempts to this domain
 
Last edited:
cPanelLauren

cPanelLauren

Product Owner II
Staff member
Nov 14, 2017
13,272
1,296
363
Houston
keat63 said:
10 days ago, I terminated an acccount and deleted all DNS entries.. (company no longer trading)

Just checking the logs today and can see an email delivery attempt, but how.
The domain hasn't been on this server for 10 days or more.
There are no DNS entries, the name servers point to the resgistra

Code: 
2020-01-23 13:40:34 H=131.74.xx.xxx.host.ifxnetworks.com (host-200.14.xx.xxx.merca.net.co)
[190.60.xx.xxx]:35060 F=<[email protected]> rejected RCPT <[email protected]>:
The mail server could not deliver mail to [email protected]
The account or domain may not exist, they may be blacklisted, or missing the proper dns entries.
I see lots of email delivery attempts to this domain
Click to expand...
There have to be DNS records that point to your IP present on the domain cached or otherwise, there would be no way for it to be routed to you. If they were sent from the domain and then bounced to your server, it could send to the IP present in the headers, though 10 days is a while for that.
 
keat63

keat63

Well-Known Member
Nov 20, 2014
1,961
267
113
cPanel Access Level
Root Administrator
Is it possible that the BOT or whatever is doing this is using something like a modified host file and bypassing DNS altogther.

As this server is about to close down, I've closed all firewall ports now, so nothing can get through.
Intrigued how this was happening though.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
F New Thread emails from my server go to spam Email 2
amstel Deleted emails in one account Email 1
T Count: emails relayed Email 2
M Filter incoming emails by IP Email 2
F Why all emails sending from my server are hitting spam Email 3
Similar threads
New Thread emails from my server go to spam
Deleted emails in one account
Count: emails relayed
Filter incoming emails by IP
Why all emails sending from my server are hitting spam
Top Bottom