Hi,
I have a fairly new server set up with only a handful of users on it. I have just checked our sent emails and i have seen some coming from a domain which isnt hosted with us. After checking the sent summary i can see the following:
Domain User Successful Deferrals Failures Failed and Deferred Total Messages Data Sent
-remote- 221 0 113 113 328 6.77 MB
All pail is sent through the Web Mail so it shouldnt be the case of some been sent from elseware.
Is there any way to find out how they are sending the emails and stop it?
I have used mysql -e "SELECT * FROM eximstats.sends WHERE user = '-remote-'\G" > /root/mysqlremotesends and here are just a couple entries from the file
Any help would be much appreciated.
I have a fairly new server set up with only a handful of users on it. I have just checked our sent emails and i have seen some coming from a domain which isnt hosted with us. After checking the sent summary i can see the following:
Domain User Successful Deferrals Failures Failed and Deferred Total Messages Data Sent
-remote- 221 0 113 113 328 6.77 MB
All pail is sent through the Web Mail so it shouldnt be the case of some been sent from elseware.
Is there any way to find out how they are sending the emails and stop it?
I have used mysql -e "SELECT * FROM eximstats.sends WHERE user = '-remote-'\G" > /root/mysqlremotesends and here are just a couple entries from the file
Code:
*************************** 4199. row ***************************
mailtime: 2014-04-01 11:47:49
msgid: 1WUwEO-0005fX-6i
email: [email protected]
processed: 0
user: -remote-
size: 48053
ip: 85.158.xxx.xxx
auth: localdelivery
host: mail1.bemta4.domaintoo.com
domain:
localsender: 1
spamscore: 4.3
*************************** 4200. row ***************************
mailtime: 2014-04-01 11:54:58
msgid: 1WUwLI-0006Ek-85
email: <>
processed: 0
user: -remote-
size: 3525
ip: 87.238.xx.xx
auth: localdelivery
host: hostname.domain.de
domain:
localsender: 1
spamscore: 0
*************************** 4201. row ***************************
mailtime: 2014-04-01 11:55:53
msgid: 1WUwM8-0006PP-5Y
email: bounce-zwdsprsbwsblkrrwzrdzkwmdrlwzw...domainthree.com
processed: 0
user: -remote-
size: 31849
ip: 208.123.xx.xx
auth: localdelivery
host: mail6.domaintoo.com
domain:
localsender: 1
spamscore: -4.6
Any help would be much appreciated.
Last edited by a moderator: