Strange undelivered behavior after ISPConfig migration

Discussion in 'General' started by blinden, Mar 13, 2018.

  1. blinden (Member)

    In a previous thread I had mentioned a move I made from ISPConfig 3.0.5.4p8 to ISPConfig 3.1.11 and manually moving emails over on a per-domain basis.

    One of the domains I moved yesterday had an incident early this morning where there were about 1000 new "undeliverable" errors, 95% of them just being standard "Undelivered Mail Returned to Sender" but a handful of them also having more complete subjects; those ones indicate to me that they were definitely spam emails: "Undeliverable: Avoid sexual failures - at unbeatable price! Superpowered medications exclusively!" and stuff like that.

    All of these emails showed up at the exact same time: 05:52 local time. They seem to be corrupt records; when I do a postcat on one of them I get the following:
    sender_fullname: om: "Postmaster"
    Sender: "Postmaster"
    To: "Postmaster"
    Subject: [BULK] Undeliverable: Make penis work - all total
    unknown_record_type: cheapo! Finest medicaments here!
    Message-ID: <11c601cf897a$202e3bb0$608ab310$@Domain>
    MIME-Version: 1.0
    Content-Type: te
    unknown_record_type: /plain;
    charset="iso-8859-1"
    Content-Transfer-Encoding: 7bit
    X-Priority: 5 (Lowest)
    X-Priority: 5 (Lowest)
    X-MSMail
    unknown_record_type: riority: Low
    X-MSMail-Priority: Low
    X-Mailer: Microsoft Outlook 15.0
    Thread-Inde
    unknown_record_type: AQKO49i16dQrO1Y4qARJBdx0+VEviA==
    Importance: Low
    X-OlkEid
    unknown_record_type: 000000007E4B4262971D614594FC520A
    unknown_record_type: C38F3B0700C3B68E10F77511CEB4CD00AA00BBB6E600000000000B0
    unknown_record_type: 06EEB7B4CFAF88745A6C4FF4FBE022CAC000000005CF7000
    postcat: warning: 1520934811.M506906P11979.RemovedDomain,S=675,W=693:2,S: unexpected EOF in data, record type 48 length 56
    postcat: fatal: record read error

    I haven't seen this on any other accounts that I've transitioned to the new server yet. I've changed the customer's password as a precaution, but as I mentioned, I don't see any indication of any outgoing emails at or around that time. A very curious situation.
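
Added example, not part of the original post and not ISPConfig or Postfix code: the file name in the postcat warning has the shape of a Dovecot Maildir name, so this script decodes such a name (delivery time, `S=` size, flags) and reads the file as an ordinary RFC 822 message, comparing `S=` with the bytes actually on disk to spot truncation. The sample message and the `example.test` host are constructed for the demonstration.

```python
import re
from datetime import datetime, timezone
from email import message_from_bytes
from email.policy import default

# Dovecot-style Maildir name:
#   <epoch>.M<usec>P<pid>.<host>,S=<bytes on disk>,W=<size with CRLF>:2,<flags>
MAILDIR_NAME = re.compile(
    r"^(?P<epoch>\d+)\.M(?P<usec>\d+)P(?P<pid>\d+)\.(?P<host>[^,:]+)"
    r"(?:,S=(?P<size>\d+))?(?:,W=(?P<vsize>\d+))?(?::2,(?P<flags>[A-Za-z]*))?$"
)

def parse_maildir_name(name):
    """Decode delivery time, recorded size and flags from a Maildir file name."""
    m = MAILDIR_NAME.match(name)
    if m is None:
        raise ValueError("not a Dovecot-style Maildir name: %r" % name)
    d = m.groupdict()
    return {
        "delivered_utc": datetime.fromtimestamp(int(d["epoch"]), tz=timezone.utc),
        "host": d["host"],
        "size": int(d["size"]) if d["size"] else None,
        "flags": d["flags"] or "",
    }

def triage(name, raw):
    """Parse the file as a mail message and check it against the S= size."""
    info = parse_maildir_name(name)
    msg = message_from_bytes(raw, policy=default)
    # A mismatch means the file was truncated or altered after delivery.
    info["size_matches"] = info["size"] is None or info["size"] == len(raw)
    info["subject"] = str(msg["Subject"] or "")
    info["content_type"] = msg.get_content_type()
    return info

# Constructed sample message (not taken from the affected mailbox).
SAMPLE_RAW = (
    b'From: "Postmaster" <postmaster@example.test>\r\n'
    b"Subject: Undeliverable: constructed sample\r\n"
    b'Content-Type: text/plain; charset="iso-8859-1"\r\n'
    b"\r\n"
    b"constructed body\r\n"
)
SAMPLE_NAME = "1520934811.M506906P11979.mail.example.test,S=%d,W=%d:2,S" % (
    len(SAMPLE_RAW), len(SAMPLE_RAW))

if __name__ == "__main__":
    print(parse_maildir_name("1520934811.M506906P11979.RemovedDomain,S=675,W=693:2,S"))
    print(triage(SAMPLE_NAME, SAMPLE_RAW))
```
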