Linux Mail Server Setup and Howto Guide

Post edited 4:26 pm – April 16, 2010 by apurba.bala

Can anybody help me to configure Mailscanner please? Would be good if anybody please share with me any running MailsScanner.conf file which is performing well. 

A bit detail which i have done so far(abcd.com is aa example domain name for here):
——————————————————————————————————-
- I have installed mailscanner according to instruction of the Link: (http://www.linuxmail.info/how-…..-centos-5/) and also installed clamav according to the instruction of the Link: (http://www.linuxmail.info/how-…..-centos-5/).

 - My change of MailScanner.conf is given Below:
%org-name% = ABCD
%org-long-name% = A_B_C_D
%web-site% = ABCD.com

Virus Scanning = yes
Virus Scanners = clamav

Use SpamAssassin = yes
Required SpamAssassin Score = 6.6
High SpamAssassin Score = 10

[Rest all others configuration is remain default]

Problems which i am facing:
———————————-
1. Lotsssss of mails are sending automatically ( according to observation of maillog)

2. My email server is being blacklisted quickly (within 1/2 days) although i have separate smtp for sending emails. Only web-mail user can send email using this email server.

Can anybody help me in this regards…please

Regards…
Apurba 

I need urgent help. 

lots of email (around 2000 to 5000) are sending  automatically from my mail server. My email server is not open realy. All those emails are sending from mail server automatically. 

Ref. log: Sorry for huge logs. I am not finding any one or any reason from where and why lots of emails are sending. please advice.

##################################################################
Apr 18 00:01:26 mail2 sendmail[17633]: o3HI1QZF017633: from=<>, size=1498, class=0, nrcpts=1, msgid=<201004171355.fabe4bc9f5f9f7@omr-m12.mx.aol.com>, bodytype=7BIT, proto=ESMTP, daemon=MTA, relay=smtp.gtlbd.com [114.130.8.10]Apr 18 00:01:23 mail2 sendmail[17571]: o3HH4xFi015787: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:56:24, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:20 mail2 sendmail[17571]: o3HHLhG6016432: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:39:37, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:17 mail2 sendmail[17571]: o3HHRxxR016348: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:33:18, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:15 mail2 sendmail[17571]: o3HHd0GY016989: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:22:15, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:12 mail2 sendmail[17571]: o3HH5YZB016170: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:55:38, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:08 mail2 sendmail[17571]: o3HHXipr016980: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:27:24, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:05 mail2 sendmail[17571]: o3HHZWPZ017030: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:25:33, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:03 mail2 sendmail[17571]: o3HHNgEQ015895: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:37:21, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:01:02 mail2 update.bad.phishing.sites: Delaying cron job up to 600 secondsApr 18 00:00:59 mail2 sendmail[17571]: o3HHNSMp015845: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:37:31, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:56 mail2 sendmail[17571]: o3HHc05q016513: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:22:56, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:55 mail2 sendmail[13648]: o3HEvqBw013648: to=<ardentad@gtlbd.com>, delay=00:00:00, xdelay=00:00:00, mailer=local, pri=31738, dsn=2.0.0, stat=SentApr 18 00:00:55 mail2 sendmail[13648]: o3HCYgkC012242: o3HEvqBw013648: sender notify: Warning: could not send message for past 4 hoursApr 18 00:00:55 mail2 sendmail[13648]: o3HCYgkC012242: to=<vsheehan@sympatico.ca>, ctladdr=<ardentad@gtlbd.com> (1078/100), delay=05:26:13, xdelay=00:00:01, mailer=esmtp, pri=4770547, relay=mxmta.sympatico.ca. [67.69.240.23], dsn=4.0.0, stat=Deferred: Connection reset by mxmta.sympatico.ca.Apr 18 00:00:54 mail2 sendmail[13648]: o3HCYgkC012242: to=<v_shivaprasad@yahoo.co.uk>,<vsharofi@yahoo.co.uk>, ctladdr=<ardentad@gtlbd.com> (1078/100), delay=05:26:12, xdelay=00:00:04, mailer=esmtp, pri=4770547, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel 2/0)Apr 18 00:00:54 mail2 sendmail[17571]: o3HHRveM016063: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:32:57, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:51 mail2 sendmail[17571]: o3HH37U4016025: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:57:44, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:50 mail2 sendmail[13648]: o3HCYgkC012242: to=<vshambare@glens.co.zw>, ctladdr=<ardentad@gtlbd.com> (1078/100), delay=05:26:08, xdelay=00:12:00, mailer=esmtp, pri=4770547, relay=mx2.yoafrica.com. [217.15.122.12], dsn=4.0.0, stat=Deferred: Connection timed out with mx2.yoafrica.com.Apr 18 00:00:49 mail2 sendmail[17571]: o3HHYHkN015833: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:26:32, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:45 mail2 sendmail[17571]: o3HHGd11016865: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:44:06, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:42 mail2 sendmail[17571]: o3HH6OZX016177: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:54:18, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:38 mail2 sendmail[17571]: o3HHLAxY017011: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:39:28, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:37 mail2 sendmail[17034]: o3HHDP9m016886: to=<kbnctux@unscientifically.com>, delay=00:47:10, xdelay=00:02:00, mailer=esmtp, pri=6092345, relay=unscientifically.com. [82.98.86.178], dsn=4.0.0, stat=Deferred: Connection timed out with unscientifically.com.Apr 18 00:00:35 mail2 sendmail[17571]: o3HHOoOW016914: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:35:45, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:34 mail2 sendmail[17036]: o3HHEapc016931: to=<kbnctux@unscientifically.com>, delay=00:45:58, xdelay=00:02:00, mailer=esmtp, pri=6092346, relay=unscientifically.com. [82.98.86.178], dsn=4.0.0, stat=Deferred: Connection timed out with unscientifically.com.Apr 18 00:00:32 mail2 sendmail[17571]: o3HH6Vpf016225: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:54:01, xdelay=00:00:05, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:27 mail2 sendmail[17571]: o3HH5FTx016137: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:55:12, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:24 mail2 sendmail[17571]: o3HHLhst016380: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:38:41, xdelay=00:00:05, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.9], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:21 mail2 sendmail[15762]: o3HCVGWZ012083: to=<vvillaviata@viabcp.com>, ctladdr=<ardentad@gtlbd.com> (1078/100), delay=05:29:05, xdelay=00:02:01, mailer=esmtp, pri=4950547, relay=viabcpmx.tic.com.pe. [200.48.193.168], dsn=4.0.0, stat=Deferred: Connection timed out with viabcpmx.tic.com.pe.Apr 18 00:00:19 mail2 sendmail[17571]: o3HHWXWn016921: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:27:46, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:17 mail2 sendmail[17571]: o3HHOagX016009: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:35:41, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:14 mail2 sendmail[17571]: o3HHjMvk015872: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:14:52, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:12 mail2 sendmail[17571]: o3HHFhYW016534: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:44:29, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:09 mail2 sendmail[17571]: o3HHNJbj016968: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:36:50, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 18 00:00:05 mail2 sendmail[17571]: o3HHRvTd016085: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:32:08, xdelay=00:00:06, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:59 mail2 sendmail[17571]: o3HH5K8c015423: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:54:39, xdelay=00:00:03, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:56 mail2 sendmail[17571]: o3HH5WuI016107: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:54:24, xdelay=00:00:05, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:51 mail2 sendmail[17571]: o3HH53Z3016141: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:54:48, xdelay=00:00:06, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:45 mail2 sendmail[17571]: o3HHOoSL016885: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:34:55, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:41 mail2 sendmail[17571]: o3HHNOtP016970: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:36:17, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:39 mail2 sendmail[17571]: o3HHWXBG015876: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:27:06, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:37 mail2 sendmail[17571]: o3HHVcUM016548: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:27:59, xdelay=00:00:02, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:35 mail2 sendmail[17571]: o3HHGnA5016260: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:42:46, xdelay=00:00:04, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)Apr 17 23:59:31 mail2 sendmail[17571]: o3HH2QPR015991: to=<mr.leonardjefferson66@yahoo.co.uk>, delay=00:57:05, xdelay=00:00:05, mailer=esmtp, pri=123537, relay=mx1.mail.eu.yahoo.com. [77.238.177.142], dsn=2.0.0, stat=Sent (ok dirdel)
############################################################# 

I got another information from bounced emails which reports are sending to postmaster. according to the full header observation of those emails i saw lots of other fake email address (yahoo and hotmail) were added ove original recipients emails address. What can be the issue. What i should to do for getting release of all those problems.

regards…
Apurba 

I have checked and it's not open realy. what can be the other issues ?

regards….

Apurba

Post edited 4:07 am – April 26, 2010 by apurba.bala

I have putted firewall. no body is allowed to send email through this email server except webmail. Currently i am using openweb-mail. all the email was relayed from 127.0.0.1 (localhost) but how can it be possible. or how can i findout that user or script which actually sending more 20~30k emails (kind of bombing) from my email server within a few seconds.

please give me some idea where i should search and by which script is acutally happeing.

Appreciate your early response please.

regards…
Apurba