Search  
You are here:  Forums    
Latest Posts Minimize
RE: Server Upgrades Coming Soon by SteveT on 12-28-2008 7:43 AM
RE: accessing with outlook by SteveT on 12-28-2008 7:41 AM
RE: accessing with outlook by DriftorX on 12-27-2008 2:51 AM
accessing with outlook by DriftorX on 12-27-2008 12:52 AM
RE: I can send, but can't receive by Kylibar on 12-23-2008 2:34 AM
RE: I CAN recieve, but CANNOT send. by Kylibar on 12-22-2008 11:24 PM
RE: I CAN recieve, but CANNOT send. by Kylibar on 12-22-2008 11:24 PM
RE: I CAN recieve, but CANNOT send. by Kylibar on 12-22-2008 11:24 PM
RE: I CAN recieve, but CANNOT send. by mcorrow on 12-22-2008 10:33 PM
RE: I CAN recieve, but CANNOT send. by Kylibar on 12-22-2008 10:24 PM

Top 10 Links Minimize

ArGoStuff User to User Support Forums Minimize
Forums > General Discussion Forums > ArGoSoft Mail Server
Subject: HELP!! MailServer down... can't figure it out
Prev Next
You are not authorized to post a reply.

Author Messages
istion1

Posts: 3
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
04-04-2008 11:50 AM  

Hi,  I don't know what is happening, and I hope someone can help.  Essentially amost every connection is reffused and there is spam or somethink in the outbox, (No one sends out through my server but local lan ).  Has someone cracked into my server and sending spam or something??  HELP

Here is the log file:

 

*I've added to my issue noted below... HELP

3120} END SMTP 
istion1

Posts: 3
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
04-04-2008 3:44 PM  

Further to my issues... Ok turned off relay and still have tons trying to send through, weird thing is it appears local!! The local machine in fact. Though it can't be. Here is a bit of the log:


4/4/2008 11:10:33 AM - ( 426) MAIL FROM:
4/4/2008 11:10:33 AM - ( 426) 250 Sender koty@dsl-vlan427-MY WAN IPADDRESS.MYISP OK...
4/4/2008 11:10:34 AM - ( 426) RCPT TO:
4/4/2008 11:10:34 AM - ( 426) 551 User not local. We don't relay


4/4/2008 11:10:43 AM - { 427} START SMTP
4/4/2008 11:10:43 AM - Requested SMTP connection from MY LAN IP [servername], ID=427
4/4/2008 11:10:43 AM - ( 427) SMTP connection from --
4/4/2008 11:10:43 AM - ( 427) SMTP connection from MY LAN IP rejected by Lockout Manager. Disconnecting...
4/4/2008 11:10:43 AM - SMTP connection with Lan Address [servername] ended. ID=427


Seems local right? But I've scanned it with two anti-virus, 3 anti spyware, and a rootkit finder and they found nothing.

If i turn off the router the emails stop.

I then booted a backup server and switched to that on the same IP name and the exact same traffic continued, though the ones showing lan ip seemed to quit.

I changed router to forward JUST smtp traffic to back up computer and it received the same traffic, even though every other computer in the network was turned off. and no other services or prgrams were running.

can anyone help?????

istion1

Posts: 3
Online: User is Offline
ArGoNuke Recruit
ArGoNuke Recruit
04-06-2008 2:54 PM  
Turns out two things created this. I had installed ewall, and that changes the look of the logs, causing some confusion.

MORE IMPORTANTLY:

I had set on the mail server to trust my local network. Then when a spammer sent an email from fakeaddress@dsl-vlan my IP address.myisp essentially the actual DSL address of my server the mail server saw this as local and allowed him to relay through the system!!

SteveT
Forum Administrator

Posts: 2594
Online: User is Offline
ArGoNuke Admiral
ArGoNuke Admiral
04-07-2008 8:44 AM  
I'm guessing your have now resolved your problem? Did you install the LSP add-on. This add-on will allow ArGo to see the actual IP address of the sender, instead of your own IP address.
Top Cat Computing BOINC Team StatsRegards,
Steve Topilnycky
Top Cat Computing
http://www.topcatcomputing.com
You are not authorized to post a reply.
Forums > General Discussion Forums > ArGoSoft Mail Server > HELP!! MailServer down... can't figure it out


ActiveForums 3.7

Donations Minimize

Find our site useful? Make a donation to show your support

Donate

logo_ccMC.giflogo_ccVisa.giflogo_ccDiscover.giflogo_ccAmex.gif

ArGoStuff Supporters

 

News from ArGoSoft Minimize
1 2 3 4 5 6

Mail Server v1.0.5.9

Mail Server

  • Added additonal tracking of connections for SMTP and POP3: if they stay on for over 30 minutes, they are getting disconnected;
  • Fixed a problem with mailbags when they accept mail only when main server is down: in case of timeout mailbags were still treating the main server as "available" and rejecting mail;
  • Changed color coding of logs. Now red denotes only errors, delivery is green, POP3, SMTP, IMAP connections - blue;

Web Interface

  • Fixed a problem, when session timeouts were causing errors in the windows system logs;
1/2/2009 1:52:01 PM
Happy Holidays to All!!!

Just wanted to wish everybody Happy Holidays, and wish all the best to all in 2009

Looking forward to work with you next year!

Archie

12/23/2008 10:13:32 PM
Mail Server Pro v1.8.9.6
  • Improved Export to .NET function - sometimes email messages were not getting exported, because the database of email messages was not up to date. Now each folder gets rebuilt before the export function;
12/2/2008 11:19:02 PM
Email Address Validator

We have discontinued our email address validation service, and launched new web site:

http://www.emailaddressvalidator.com

It provides the web service interface to validate lists of email addresses. We hope that our service will help to reduce unwanted traffic on Internet, ensuring that mail is sent only to valid and legitimate addresses.

Sign up now, and get 150 free validations!

11/25/2008 10:13:02 AM
Mail Server v1.0.5.8

Mail Server

  • Mailbags now have an option to accept mail only when specified server is down - will help to fight with spam which attempt to deliver mail bypassing the main server;
  • When delivering mail, if main exchanger returns 4xx reply (temporary problem), the server will not try other exchangers, will retry later the main exchanger;
  • Server options moved from registry to a XML file. 64 bit versions of Vista and 2008 server appear to be having access rights problems to the Windows registry, and the change will make our server more compatible with 64 bit versions;
  • Added an option to specify the number of lines on the log screen, when using the user interface. Was causing memory problems if left running for long time;
  • Fixed couple of problems, which were showing when SQL server was set up to use case sensitive SQL statements;
  • Made changes in the remoting interface to allow logging in using aliases;

Web Interface

  • Made changes to allow logging in using aliases;
  • When viewing folders, web interface now displays the name of logged in user;
11/12/2008 2:31:31 PM

1 2 3 4 5 6

Protect Your Computer today withGet AVG Today


Home:ArGoStuff:Forums:Articles:Cyber Security Tips:FAQ:Downloads:Links
Copyright 2006-2008 by ArGoStuff Terms Of Use Privacy Statement