Lot of SPAM mails in queue - Warnings from ISP

807574 Sep 9 2007 — edited Feb 11 2020
Hi Jay, Shane and all,

We are running messaging on Solaris 10 with the version below.

Sun Java(tm) System Messaging Server 6.2-7.05 (built Sep 5 2006)
libimta.so 6.2-7.05 (built 12:18:44, Sep 5 2006)

I ensured that no entries were added to mappings (except localhost) and that only "authenticated SMTP" is allowed.

We implemented a separate AV/anti-spam box with aliasdetour and a conversion channel, which is working fine.

We could achieve >95% spam control, but recently we started receiving warnings from our ISP that SPAM is being sent out from our mail server.


++++++++Part of mail sent by ISP+++++++++

Data received in complaint:
Return-Path: <x>
Delivered-To: x
Received: from webmail.<our-domain>.com (our_mail_server_IP) by mail.iecc.com with SMTP;
7 Sep 2007 03:29:00 -0000
Received: from User ([210.70.82.129]) by webmail.<our-domain>.com (Sun Java System Messaging Server 6.2-7.05 (built Sep 5 2006)) with ESMTPA id <x> for x; Thu,
06 Sep 2007 20:45:43 -0400 (EDT)
Date: Fri, 07 Sep 2007 08:47:54 +0800
From: Bank of America <x>
Subject: Account Information Update.
To: Undisclosed recipients: ;
Reply-to: x
Message-id: <x>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-Priority: 1
X-MSMail-priority: High
X-DCC-IECC-Metrics: tom.iecc.com 1107;
bulk Body=154 Fuz1=154 Fuz2#X-Tag: tagged by DCC
Content-Type: text/plain
Content-Transfer-Encoding: 8bit

++++++++++++end-of-part-mail-sent-by-ISP++++++++++++


I noticed around 10K SPAM mails getting generated (added) daily in the tcp_local channel queue.


+++++++++a mail in queue++++++++++

qm.maint> read 3000

Message id: 3000
Filename: /iplanet/SUNWmsgsr/data/queue/tcp_local/017/ZWf0I3dFTzue9.00

Transport layer information:
----------------------------------------------------------------------
Envelope From: address: alert@bancamerica.com
Envelope To: addresses: norbert@iit.com

Message header:
----------------------------------------------------------------------
Received: from User ([203.144.16.210])
by webmail.<our_domain>.com (Sun Java System Messaging Server 6.2-7.05 (built Sep
5 2006)) with ESMTPA id <0JO300B5LSZDBK10@webmail.<our_domain>.com> for
norbert@iit.com; Sun, 09 Sep 2007 09:47:45 -0400 (EDT)
Date: Sun, 09 Sep 2007 23:49:59 +1000
From: Bank Of America <alert@bancamerica.com>
Subject: Account Information Update Urgently Needed
To: Undisclosed recipients: ;
Reply-to: no-reply@bankofamerica.com
Message-id: <0JO300B5MSZFBK10@webmail.<our_domain>.com>
MIME-version: 1.0
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
Content-type: text/html; charset=Windows-1251
Content-transfer-encoding: 7BIT
X-Priority: 3
X-MSMail-priority: Normal

qm.maint>

++++++++++++++++++++end-of-mail-in-queue++++++++++++++++++++


I am wondering how these mails exist in the tcp_local queue when none of the IPs (or users) are allowed to relay through our servers.


Please help me resolve this issue.

TIA
Prvn
Locked on Oct 8 2007
Added on Sep 9 2007
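
Both Received headers quoted in the post carry "with ESMTPA", the RFC 3848 keyword for ESMTP with a successful SMTP AUTH. The following is an added example, not part of the original post or of Messaging Server: it tallies authenticated submissions per client IP from outside a trusted range. The header list reuses the two headers from the post (unfolded) plus one constructed contrast header; the function names and TRUSTED_NETS are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: the two Received headers quoted in the post (unfolded,
# placeholders kept) plus one constructed unauthenticated header for contrast.
_MTA = "(Sun Java System Messaging Server 6.2-7.05 (built Sep 5 2006))"
SAMPLE_HEADERS = [
    f"Received: from User ([210.70.82.129]) by webmail.<our-domain>.com {_MTA} "
    "with ESMTPA id <x> for x; Thu, 06 Sep 2007 20:45:43 -0400 (EDT)",
    f"Received: from User ([203.144.16.210]) by webmail.<our_domain>.com {_MTA} "
    "with ESMTPA id <0JO300B5LSZDBK10@webmail.<our_domain>.com> for "
    "norbert@iit.com; Sun, 09 Sep 2007 09:47:45 -0400 (EDT)",
    f"Received: from mx.example.net ([192.0.2.10]) by webmail.<our_domain>.com {_MTA} "
    "with ESMTP id <y> for y; Sun, 09 Sep 2007 10:00:00 -0400 (EDT)",
]

# RFC 3848 "with" keywords that record a successful SMTP/LMTP AUTH.
AUTH_PROTOCOLS = {"ESMTPA", "ESMTPSA", "LMTPA", "LMTPSA"}
# Assumption: networks the site treats as its own (here only loopback).
TRUSTED_NETS = [ipaddress.ip_network("127.0.0.0/8")]

FROM_RE = re.compile(r"from\s+(\S+)\s+\(\[([0-9A-Fa-f:.]+)\]\)")
WITH_RE = re.compile(r"\swith\s+([A-Za-z]+)\s")


def parse_received(header):
    """Return (helo, client_ip, protocol), or None if the header does not fit."""
    flat = " ".join(header.split())  # undo header folding
    src, proto = FROM_RE.search(flat), WITH_RE.search(flat)
    if not (src and proto):
        return None
    return src.group(1), src.group(2), proto.group(1).upper()


def external_authenticated(headers, trusted=TRUSTED_NETS):
    """Count authenticated submissions per client IP outside trusted networks."""
    hits = Counter()
    for header in headers:
        parsed = parse_received(header)
        if not parsed or parsed[2] not in AUTH_PROTOCOLS:
            continue
        try:
            addr = ipaddress.ip_address(parsed[1])
        except ValueError:
            continue  # bracketed value was not a valid IP literal
        if not any(addr in net for net in trusted):
            hits[parsed[1]] += 1
    return hits


if __name__ == "__main__":
    for ip, count in external_authenticated(SAMPLE_HEADERS).most_common():
        print(f"{ip}\t{count} authenticated submission(s)")
```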