The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

sporadic bounced mails

Discussion in 'E-mail Discussions' started by Secret Agent, Jun 7, 2005.

  1. Secret Agent

    Secret Agent Guest

    I have been receiving messages as quoted below when sending mail through the server. Sometimes they are just text messages to one domain, sometimes when I send a group mail they are for all domains. It seems to make no difference whether there is an attachment or not. It also seems sporadic - I can send 3 or 4 messages with no problems then the next several bounce. here is a sample:

    From: Mailer-Daemon@server.servername.com
    Subject: Mail delivery failed: returning message to sender
    Date: June 7, 2005 5:32:39 AM CDT
    To: miken@domain.net
    Return-Path: <>
    Envelope-To: miken@domain.net
    Delivery-Date: Tue, 07 Jun 2005 06:32:40 -0400
    Received: from techie3 by server.servername.com with local-bsmtp (Exim 4.50) id 1DfbNv-0001ZB-Ln for miken@domain.net; Tue, 07 Jun 2005 06:32:40 -0400
    Received: from mailnull by server.servername.com with local (Exim 4.50) id 1DfbNv-0001Z7-Jd for miken@domain.net; Tue, 07 Jun 2005 06:32:39 -0400
    X-Failed-Recipients: rjstuff@direcway.com
    Auto-Submitted: auto-generated
    Message-Id: <E1DfbNv-0001Z7-Jd@server.servername.com>
    X-Spam-Checker-Version: SpamAssassin 3.0.3 (2005-04-27) on server.servername.com
    X-Spam-Level:
    X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,AWL,UNIQUE_WORDS, UPPERCASE_25_50 autolearn=ham version=3.0.3



    This message was created automatically by mail delivery software.


    A message that you sent could not be delivered to one or more of its
    recipients. This is a permanent error. The following address(es) failed:


    rjstuff@direcway.com
    unrouteable mail domain "direcway.com"


    ------ This is a copy of the message, including all the headers. ------


    Return-path: <miken@domain.net>
    Received: from dpc6744130013.direcpc.com ([67.44.130.13] helo=[192.168.123.174])
    by server.servername.com with esmtpa (Exim 4.50)
    id 1DfbNq-0001YH-0I
    for rjstuff@direcway.com; Tue, 07 Jun 2005 06:32:39 -0400
    Mime-Version: 1.0 (Apple Message framework v730)
    To: rjstuff@direcway.com
    Message-Id: <2CB3EFBC-1333-410D-98E7-8445DFCF60B4@domain.net>
    Content-Type: multipart/mixed; boundary=Apple-Mail-2-246708033
    From: "R. J. Mike Nielsen" <miken@domain.net>
    Subject: Proof
    Date: Tue, 7 Jun 2005 05:32:25 -0500
    X-Mailer: Apple Mail (2.730)
    X-PopBeforeSMTPSenders: dfwtqm@domain.net,miken@domain.net,rjstuff@domain.net,sgbfriends@domain.net,usittmidwest@domain.net


    My setup:

    cpanel 10.2x CURRENT
    default catch all = fail
    inlude list of pop before smtp senders... ON
    Silently Discard all FormMail-clone requests with a bcc: header in the subject line... ON
    track origin of messages sent through mail servrer... OFF
    prevent user nobody... OFF
    max emails domain can send per hour.....100

    EXIM config:
    Always set the Sender: OFF
    verify the existance of email senders ON
    discard emails..... ON

    Ran

    /scripts/exim4 --force (v4.5x)
    /scripts/fixcommonproblems


    Any suggestions?
     
  2. Secret Agent

    Secret Agent Guest

    I also have EXIM ACL dictionary attack installed as well
     
  3. Secret Agent

    Secret Agent Guest

    Part of Exim ACL says to paste this in Exim config


    drop hosts = /etc/exim_deny
    message = Connection denied after dictionary attack
    log_message = Connection denied from $sender_host_address after dictionary attack

    drop message = Appears to be a dictionary attack
    log_message = Dictionary attack (after $rcpt_fail_count failures)
    condition = ${if > {${eval:$rcpt_fail_count}}{3}{yes}{no}}
    condition = ${run{/etc/exim_deny.pl $sender_host_address }{yes}{no}}
    !verify = recipient


    I removed this to test it out, no more bounced messages.

    Anyone know of a workaround / adjustment?
     
Loading...

Share This Page