19-Jul-2022 – SYSMGR in the attic

No problems except relay attempts
Quite late this month, but I did check what the maintenance job had to mention. Nothing out of the expected:
PMAS%nbsp;statistics%nbsp;for%nbsp;June Total%nbsp;messages%nbsp;%nbsp;%nbsp;%nbsp;:%nbsp;%nbsp;%nbsp;6830%nbsp;=%nbsp;100.0%nbsp;o/o DNS%nbsp;Blacklisted%nbsp;%nbsp;%nbsp;:%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;0%nbsp;=%nbsp;%nbsp;%nbsp;%nbsp;.0%nbsp;o/o%nbsp;(Files:%nbsp;%nbsp;0) Relay%nbsp;attempts%nbsp;%nbsp;%nbsp;%nbsp;:%nbsp;%nbsp;%nbsp;2741%nbsp;=%nbsp;%nbsp;40.1%nbsp;o/o%nbsp;(Files:%nbsp;30) Accepted%nbsp;by%nbsp;PMAS%nbsp;%nbsp;:%nbsp;%nbsp;%nbsp;4089%nbsp;=%nbsp;%nbsp;59.8%nbsp;o/o%nbsp;(Files:%nbsp;30) %nbsp;%nbsp;Handled%nbsp;by%nbsp;explicit%nbsp;rule %nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;Rejected%nbsp;:%nbsp;%nbsp;%nbsp;3274%nbsp;=%nbsp;%nbsp;80.0%nbsp;o/o%nbsp;(processed),%nbsp;%nbsp;47.9%nbsp;o/o%nbsp;(all) %nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;Accepted%nbsp;:%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;89%nbsp;=%nbsp;%nbsp;%nbsp;2.1%nbsp;o/o%nbsp;(processed),%nbsp;%nbsp;%nbsp;1.3%nbsp;o/o%nbsp;(all) %nbsp;%nbsp;Handled%nbsp;by%nbsp;content %nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;Discarded%nbsp;:%nbsp;%nbsp;%nbsp;%nbsp;201%nbsp;=%nbsp;%nbsp;%nbsp;4.9%nbsp;o/o%nbsp;(processed),%nbsp;%nbsp;%nbsp;2.9%nbsp;o/o%nbsp;(all) %nbsp;%nbsp;%nbsp;%nbsp;%nbsp;Quarantained%nbsp;:%nbsp;%nbsp;%nbsp;%nbsp;260%nbsp;=%nbsp;%nbsp;%nbsp;6.3%nbsp;o/o%nbsp;(processed),%nbsp;%nbsp;%nbsp;3.8%nbsp;o/o%nbsp;(all) %nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;%nbsp;Delivered%nbsp;:%nbsp;%nbsp;%nbsp;%nbsp;265%nbsp;=%nbsp;%nbsp;%nbsp;6.4%nbsp;o/o%nbsp;(processed),%nbsp;%nbsp;%nbsp;3.8%nbsp;o/o%nbsp;(all)
Well, the number of messages has gone up quite a lot, but most of it was spam – somewhere my email address was obtained. However, most of them could be filtered to change behaviour to “reject” in stead of “quarantined” or “discarded” because most of them have similar text in the subject. So that limited the number of messages during the month, there are just a few that pass (but are still determined as spam).
More there have been quite a lot of relay attempts: over 2600 messages, from the same address, to another mail server:
27-JUN-2022%nbsp;14:30:56.12|R|201.150.32.106|nouth@10-234-83-45.connected.by.freedominter.net|test@icanchola.com.mx| (2662%nbsp;messages) 27-JUN-2022%nbsp;18:14:47.85|R|201.150.32.106|adminadmin@10-234-83-45.connected.by.freedominter.net|test@icanchola.com.mx|
The server seems to be located in Mexico (according whois) but the sender is on the same provider as me (Freedomnet.nl). The first record seems to show his ‘real’ name, the rest are all Unix/linux/Windows processes or default users….Of course, none was accepted 🙂

May 2024
M	T	W	T	F	S	S
« Nov
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31