Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

sporadic bounced mails

Discussion in 'E-mail Discussion' started by Secret Agent, Jun 7, 2005.

  1. Secret Agent

    Secret Agent Guest

    I have been receiving messages as quoted below when sending mail through the server. Sometimes they are just text messages to one domain, sometimes when I send a group mail they are for all domains. It seems to make no difference whether there is an attachment or not. It also seems sporadic - I can send 3 or 4 messages with no problems then the next several bounce. here is a sample:

    From: Mailer-Daemon@server.servername.com
    Subject: Mail delivery failed: returning message to sender
    Date: June 7, 2005 5:32:39 AM CDT
    To: miken@domain.net
    Return-Path: <>
    Envelope-To: miken@domain.net
    Delivery-Date: Tue, 07 Jun 2005 06:32:40 -0400
    Received: from techie3 by server.servername.com with local-bsmtp (Exim 4.50) id 1DfbNv-0001ZB-Ln for miken@domain.net; Tue, 07 Jun 2005 06:32:40 -0400
    Received: from mailnull by server.servername.com with local (Exim 4.50) id 1DfbNv-0001Z7-Jd for miken@domain.net; Tue, 07 Jun 2005 06:32:39 -0400
    X-Failed-Recipients: rjstuff@direcway.com
    Auto-Submitted: auto-generated
    Message-Id: <E1DfbNv-0001Z7-Jd@server.servername.com>
    X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on server.servername.com
    X-Spam-Level:
    X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,AWL,UNIQUE_WORDS, UPPERCASE_25_50 autolearn=ham version=3.0.3



    This message was created automatically by mail delivery software.


    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:


    rjstuff@direcway.com
    unrouteable mail domain "direcway.com"


    ------ This is a copy of the message, including all the headers. ------


    Return-path: <miken@domain.net>
    Received: from dpc6744130013.direcpc.com ([67.44.130.13] helo=[192.168.123.174])
    by server.servername.com with esmtpa (Exim 4.50)
    id 1DfbNq-0001YH-0I
    for rjstuff@direcway.com; Tue, 07 Jun 2005 06:32:39 -0400
    Mime-Version: 1.0 (Apple Message framework v730)
    To: rjstuff@direcway.com
    Message-Id: <2CB3EFBC-1333-410D-98E7-8445DFCF60B4@domain.net>
    Content-Type: multipart/mixed; boundary=Apple-Mail-2-246708033
    From: "R. J. Mike Nielsen" <miken@domain.net>
    Subject: Proof
    Date: Tue, 7 Jun 2005 05:32:25 -0500
    X-Mailer: Apple Mail (2.730)
    X-PopBeforeSMTPSenders: dfwtqm@domain.net,miken@domain.net,rjstuff@domain.net,sgbfriends@domain.net,usittmidwest@domain.net


    My setup:

    cpanel 10.2x CURRENT
    default catch all = fail
    inlude list of pop before smtp senders... ON
    Silently Discard all FormMail-clone requests with a bcc: header in the subject line... ON
    track origin of messages sent through mail servrer... OFF
    prevent user nobody... OFF
    max emails domain can send per hour.....100

    EXIM config:
    Always set the Sender: OFF
    verify the existance of email senders ON
    discard emails..... ON

    Ran

    /scripts/exim4 --force (v4.5x)
    /scripts/fixcommonproblems


    Any suggestions?
     
  2. Secret Agent

    Secret Agent Guest

    I also have EXIM ACL dictionary attack installed as well
     
  3. Secret Agent

    Secret Agent Guest

    Part of Exim ACL says to paste this in Exim config


    drop hosts = /etc/exim_deny
    message = Connection denied after dictionary attack
    log_message = Connection denied from $sender_host_address after dictionary attack

    drop message = Appears to be a dictionary attack
    log_message = Dictionary attack (after $rcpt_fail_count failures)
    condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
    condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}}
    !verify = recipient


    I removed this to test it out, no more bounced messages.

    Anyone know of a workaround / adjustment?
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice