The importance of different spam filtering mechanisms
This is the breakdown from a partial day’s worth of logging from one of my mail servers.
A significant percentage of mail was rejected without any backscatter; at most, any legit senders affected get bounces from their own sending servers.
Helo command rejected: Invalid name (total: 3)
Recipient address rejected: Access denied (total: 118)
Recipient address rejected: Mail appeared to be SPAM or forged. Ask your Mail/DNS-Administrator to correct HELO and DNS MX settings or to get removed from DNSBLs (total: 1940)
Recipient address rejected: temporarily blocked because of previous errors - retrying too fast. penalty (total: 924)
Recipient address rejected: User unknown in relay recipient table (total: 3142)
Recipient address rejected: Your MTA is listed in too many DNSBLs (total: 1269)
Relay access denied (total: 21)
Sender address rejected: Domain not found (total: 800)
Sender address rejected: need fully-qualified address (total: 3)
Know what I mean?
There is one gotcha: antivirus software on servers sometimes sends out mail using incorrectly configured sender addresses. Those mails will be rejected. Of course, most of them are sent to the wrong party anyway, because most viruses fake sender info. And there are a few machines that send mail that nobody knows about. Plunk, they’ll never make it through my machines. Those mails are quite often sent from root@domain.com. Occasionally postmaster accounts are similarly incorrectly configured. These mails often bypass the mailserver, so all bets are off. Oh, and here’s a good one: one company has a machine (a Xerox machine?) somewhere that sends reports to the mother company. Only the mother company never receives them, because the whole thing is incorrectly configured.
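A breakdown like the one above can be produced by tallying the reject reasons in the mail log; the rejection texts listed are in Postfix's wording. The script below is an added example, not the author's own tooling: the log lines are constructed samples in Postfix smtpd format, and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in Postfix smtpd log format (not taken from the author's server).
SAMPLE_LOG = """\
Jan 12 10:01:02 mx1 postfix/smtpd[2211]: NOQUEUE: reject: RCPT from unknown[192.0.2.10]: 550 5.1.1 <nobody@example.org>: Recipient address rejected: User unknown in relay recipient table; from=<a@example.com> to=<nobody@example.org> proto=ESMTP helo=<mail.example.com>
Jan 12 10:01:05 mx1 postfix/smtpd[2211]: NOQUEUE: reject: RCPT from unknown[192.0.2.11]: 550 5.1.1 <sales1@example.org>: Recipient address rejected: User unknown in relay recipient table; from=<b@example.net> to=<sales1@example.org> proto=SMTP helo=<pc11>
Jan 12 10:02:40 mx1 postfix/smtpd[2214]: NOQUEUE: reject: RCPT from unknown[192.0.2.12]: 450 4.1.8 <x@nonexistent.invalid>: Sender address rejected: Domain not found; from=<x@nonexistent.invalid> to=<info@example.org> proto=ESMTP helo=<host12>
Jan 12 10:03:10 mx1 postfix/smtpd[2214]: NOQUEUE: reject: RCPT from unknown[192.0.2.13]: 554 5.7.1 <c@example.com>: Relay access denied; from=<d@example.net> to=<c@example.com> proto=SMTP helo=<host13>
Jan 12 10:03:11 mx1 postfix/smtpd[2214]: connect from mail.example.net[198.51.100.7]
Jan 12 10:03:12 mx1 postfix/qmgr[900]: 4F1A2C0D: from=<e@example.net>, size=2048, nrcpt=1 (queue active)
"""

# Matches smtpd reject lines; drops the per-message "<address>:" prefix so that
# identical reasons group together regardless of which address triggered them.
REJECT_RE = re.compile(
    r"postfix/smtpd\[\d+\]: NOQUEUE: reject: \w+ from \S+: "
    r"(?P<code>[45]\d\d) (?:\d\.\d+\.\d+ )?"
    r"(?:<[^>]*>: )?(?P<reason>.*?); from=<"
)


def tally_rejects(lines):
    """Return (count per reject reason, count per reply class 4xx/5xx)."""
    by_reason, by_class = Counter(), Counter()
    for line in lines:
        m = REJECT_RE.search(line)
        if not m:
            continue  # connects, deliveries and other non-reject lines
        by_reason[m["reason"]] += 1
        # 4xx replies are temporary: a well-behaved sender retries, so the
        # same message can be counted more than once in a day's totals.
        by_class[m["code"][0] + "xx"] += 1
    return by_reason, by_class


def format_breakdown(by_reason):
    """Format counts alphabetically, in the same shape as the list above."""
    return [f"{reason} (total: {n})" for reason, n in sorted(by_reason.items())]


if __name__ == "__main__":
    reasons, classes = tally_rejects(SAMPLE_LOG.splitlines())
    print("\n".join(format_breakdown(reasons)))
    print(dict(classes))
```

To run it against a real log, pass the open log file to `tally_rejects` in place of the sample lines.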
$dayjob is an anti-spam service, and decided to check one of our larger academic customers
Unrecognised commands: 14
Blacklisted sender: 47
FROM domain didn’t resolve: 3196
HELO blacklisted: 4503
Remote spoke before receiving the greeting banner: 6667
Invalid recipient: 78567
Invalid recipients top the list for them - imagine if they used wildcard e-mail addresses?