Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I have an interesting issue, probably nothing to be done about it ... I have attempted to send a particular message to a co-worker several times. Each time I get "... relay=mail.twc.com [107.14.73.68], dsn=2.0.0, stat=Sent (ESMTP server not available)" in my maillog. The message is as follows:
Code:
From: Mark Foley <mfoley@novatec-inc.com>
Date: Wed, 14 Feb 2018 09:32:24 -0500
Organization: Novatec Software Engineering, LLC
To: <coworker>
Subject: Re: Fwd: **Important Please Read**
I would say totally bogus. The link is to download a Word document with lots of
macros.
The From: address says batteriesplus.com, but it's really from
gerencia-contabilidad@realdeminasinn.com.
You could confirm by calling Batteries Plus and asking about it. If they say
realdeminasinn.com is their "agent" for billing, you can tell them we do not
accept links to downloads of Word Documents with macros and they need to find
some other way of billing ... but I doubt it's legit.
--Mark
-----Original Message-----
Subject: Fwd: **Important Please Read**
To: Mark Foley <mfoley@novatec-inc.com>
From: <coworker>
Date: Wed, 14 Feb 2018 08:36:12 -0500
Mark,
Could you check to make sure this is legit?* Something seems off about
this email.* I don't know why I am receiving this email and not
payables@mydomain.org. Thank you!
-------- Forwarded Message --------
Subject: **Important Please Read**
Date: Mon, 12 Feb 2018 16:08:49 -0400
From: logistics161@batteriesplus.net
<gerencia-contabilidad@realdeminasinn.com>
To: <coworker>
Morning Charmaine C
I have checked and re attached all forms required.
Please advise if you find any error.
>> http://www.gdnuoerxin.com/Paid-Invoice-Credit-Card-Receipt/
Many Thanks
logistics161@batteriesplus.net
The original message was obviously a bogus phishing attempt and the link is for a download of a Word documents with lots of unintelligible macros. My response back to my coworker never arrived. I sent it 3 times on 2 different days. When I examined my local maillog I saw the aforementioned "ESMTP server not available". I never received a bounce message to my sending email address.
Finally, I tried resending, the message, but removing the link from the included message copy. That worked.
My theory is that Time-Warner (twc.com) must have this particular link registered as BAD and have some kind of filter going that looks for this link in messages and returns the "ESMTP server not available".
Does that seem logical/possible? Why no bounce message back to me?
Feb 15 12:30:46 server sm-mta[27300]: w1FHUkTA027300: from=<mfoley@server.novatec-inc.com>, size=2825, class=0, nrcpts=1, msgid=<201802151730.w1FHUkDv027299@server.novatec-inc.com>, proto=ESMTPS, daemon=MTA, relay=localhost [127.0.0.1]
Feb 15 12:30:53 server sm-mta[27305]: w1FHUkTA027300: to=<obfuscated>, ctladdr=<mfoley@server.novatec-inc.com> (101/200), delay=00:00:07, xdelay=00:00:06, mailer=relay, pri=122825, relay=mail.twc.com [107.14.73.68], dsn=2.0.0, stat=Sent (ESMTP server not available)
Note that there was no log entry on the destination computer, nor any bounce message to the sender.
Quote:
Originally Posted by bitfuzzy
It's possible TWC (Spectrum) is experiencing technical difficulties, but as requested by MensaWater, a log sampling could prove helpful
Have you called their help(less) desk?
I don't think TWC was experiencing technical difficulties I tried this several times with the same result, then deleted the bogus link in the attached SPAM (gdnuoerxin...) and it went through. I didn't bother calling the help desk.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
