Yahoo starts blocking e-mails from our server.
It is possible that someone/somehow is sending spams.
Please help me find what is sending spam from our server.
First please explain to me the following logs (ourdomain is hosted on our server):
Feb 3 14:45:57 softexp postfix/smtpd: NOQUEUE: reject: RCPT from unknown[117.87.x.x]: 554 5.7.1 Service unavailable; Client host [117.87.x.x] blocked using sbl-xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=117.87.x.x; from=<email@example.com> to=<firstname.lastname@example.org> proto=ESMTP helo=<PC-200901111752>
Feb 3 14:45:58 softexp postfix/smtp: 56966AC86D: to=<email@example.com>, relay=d.mx.mail.yahoo.com[184.108.40.206]:25, delay=7.6, delays=0/0.01/7.6/0, dsn=4.7.0, status=undeliverable (host d.mx.mail.yahoo.com[220.127.116.11] refused to talk to me: 421 4.7.0 [TS02] Messages from 18.104.22.168 temporarily deferred due to user complaints - 22.214.171.124; see http://postmaster.yahoo.com/421-ts02.html)
What I understand:
1. the client 117.87.x.x tries to connect to our server but is blocked. (it is at spamhouse). It tries to send frm firstname.lastname@example.org
Everything ok till now.
2. what does the second line means? Our server is tring to send to email@example.com
. Why? It is for sure related with the first log line...
It is because of some bounce message or what?
my postfix restrictions are:
# warn_if_reject reject_unverified_sender
# check_sender_access hash:/usr/local/etc/postfix/access_sender