/var/log/maillog growing out of control -- not sure what I'm missing...

Discussion in 'General' started by NetEndeavors, Jun 8, 2010.

  1. NetEndeavors

    NetEndeavors New Member

    All,

    My maillog is just growing out of control and I'm wondering what I can do to eliminate the crap messages as shown below

    Thanks in advance!
    Dave

    Code:
    Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:43 morel postfix/smtpd[10540]: NOQUEUE: reject: RCPT from unknown[112.166.173.186]: 450 4.7.1 <QFSEDRNVIK>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<QFSEDRNVIK>
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:43 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:44 morel postfix/smtpd[10436]: NOQUEUE: reject: RCPT from unknown[186.84.129.95]: 450 4.7.1 <Dynamic-IP-1868412995.cable.net.co>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<Dynamic-IP-1868412995.cable.net.co>
Jun  7 21:36:44 morel postfix/smtpd[10373]: NOQUEUE: reject: RCPT from unknown[186.18.149.18]: 450 4.7.1 <cpe-18.149.18.186.in-addr.arpa>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<cpe-18.149.18.186.in-addr.arpa>
Jun  7 21:36:44 morel postfix/smtpd[10436]: NOQUEUE: reject: RCPT from unknown[186.84.129.95]: 450 4.7.1 <Dynamic-IP-1868412995.cable.net.co>: Helo command rejected: Host not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<Dynamic-IP-1868412995.cable.net.co>
     
    NetEndeavors, Jun 8, 2010
    #1
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    Looks like a spam attack. Or the DNS servers in /etc/resolv.conf are not reachable.
     
    till, Jun 8, 2010
    #2
  3. NetEndeavors

    NetEndeavors New Member

    Thanks till,

    I just reconfigured and reverified my DNS settings and did nslookups on each nameserver specified.... All checked out fine there....

    Any ideas what to configure to suppress these messages? Or fail2ban rules I can put in place to curtail them?

    Dave
     
    NetEndeavors, Jun 8, 2010
    #3
  4. Mark_NL

    Mark_NL Member

    Looks like a spammer indeed .. might want to add some rbl checks in your config :)

    just set your logrotator on daily or something, if the files tend to get to big.
     
    Mark_NL, Jun 8, 2010
    #4

Share This Page