1 (edited by arcee123 2014-08-11 01:19:58)

Topic: maillist address sending email???

Greetings,
I have created a maillist using the instructions placed on the page: http://www.iredmail.org/wiki/index.php? … pLDAPadmin

The problem is that while it's a maillist, for some reason I'm getting return emails via the maillist from bad email addresses saying my maillist sent an email.

Basically, maillist@domain.com is sending email, to which is being bounced back to maillist@domain.com.  But because maillist@domain.com belongs to six accounts, all six email accounts are getting the bounceback.

I think it's a hack, because a maillist shouldn't be sending email, yes?
How do I troubleshoot?
Thank you.

2

Re: maillist address sending email???

Please paste the original bounce message (returned email) so that others can help troubleshoot.

3

Re: maillist address sending email???

Hi,
the message header to the return is:

Return-Path: <MAILER-DAEMON>
Delivered-To: cheng@trekfederation.com
Received: from localhost (nx-ic-ift.ncwcom.com [127.0.0.1])
    by nx-ic-ift.ncwcom.com (Postfix) with ESMTP id 4224E300C1C
    for <cheng@trekfederation.com>; Sun, 10 Aug 2014 13:05:16 -0400 (EDT)
X-Virus-Scanned: amavisd-new at nx-ic-ift.ncwcom.com
X-Spam-Flag: NO
X-Spam-Score: 3.418
X-Spam-Level: ***
X-Spam-Status: No, score=3.418 tagged_above=2 required=6.2 tests=[BAYES_80=2,
    HTML_MESSAGE=0.001, RDNS_NONE=0.793, URIBL_BLOCKED=0.001,
    URIBL_JP_SURBL=0.4087, URIBL_WS_SURBL=0.214] autolearn=no
Received: from nx-ic-ift.ncwcom.com ([127.0.0.1])
    by localhost (nx-ic-ift.ncwcom.com [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 50nkIEKymCXs for <cheng@trekfederation.com>;
    Sun, 10 Aug 2014 13:05:10 -0400 (EDT)
Received: from bmx.nerim.net (unknown [194.79.134.132])
    by nx-ic-ift.ncwcom.com (Postfix) with ESMTP id 2FE143002D0
    for <council@trekfederation.com>; Sun, 10 Aug 2014 13:05:10 -0400 (EDT)
Received: by bmx.nerim.net (Postfix)
    id 55CAD2EE79; Sun, 10 Aug 2014 19:15:27 +0200 (CEST)
Date: Sun, 10 Aug 2014 19:15:27 +0200 (CEST)
From: MAILER-DAEMON@bmx.nerim.net (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: council@trekfederation.com
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
    boundary="6B68C2EE40.1407690927/bmx.nerim.net"
Message-Id: <20140810171527.55CAD2EE79@bmx.nerim.net>

the"Original" Message:

This is the mail system at host bmx.nerim.net.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                   The mail system

<commandesdd@ucad.fr>: host mail.ucad.fr[90.83.193.187] said: 550 5.1.1
    <commandesdd@ucad.fr>: Recipient address rejected: User unknown in local
    recipient table (in reply to RCPT TO command)

Reporting-MTA: dns; bmx.nerim.net
X-Postfix-Queue-ID: 6B68C2EE40
X-Postfix-Sender: rfc822; council@trekfederation.com
Arrival-Date: Sun, 10 Aug 2014 19:15:26 +0200 (CEST)

Final-Recipient: rfc822; commandesdd@ucad.fr
Original-Recipient: rfc822;commandesdd@ucad.fr
Action: failed
Status: 5.1.1
Remote-MTA: dns; mail.ucad.fr
Diagnostic-Code: smtp; 550 5.1.1 <commandesdd@ucad.fr>: Recipient address
    rejected: User unknown in local recipient table

Subject     Flee from 1mptoence with Cial!s of moderate cost
From     nil zhongmin
To     commandesdd@ucad.fr
Date     Sun 18:47

Pfizer pharmaceuticals - blue tablets. Now the reasonable price and fast delivery to your house. Look here

If I highlight the From "nil zhongmin" line, it says council@trekfederation.com.  Council is the maillist.  It does not have a mailbox.  This means either someone is faking the email (what do I do then?) or something else.
Help?
Thanks