Re: Log entries for one email

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Log entries for one email

/dev/rob0
On Sat, Jul 15, 2017 at 03:50:27AM -0700, Doug Hardie wrote:
> The following log entries have me confused.  An email was received.  
> The mail from address is shown, but I don't see the rcpt to address
> unless it is the "<>" shown in the one entry.  However, I believe
> that should generate a bounce, but it does not appear to have done
> so.  What really transpired here?

An incoming bounce was received from prodigy.net.

> Jul 14 21:28:00 mail postfix/postscreen[84312]: CONNECT from [144.160.244.40]:48373 to [10.0.1.230]:25
> Jul 14 21:28:06 mail postfix/postscreen[84312]: PASS NEW [144.160.244.40]:48373
> Jul 14 21:28:06 mail postfix/smtpd[16441]: connect from alph132.prodigy.net[144.160.244.40]
> Jul 14 21:28:06 mail postfix/smtpd[16441]: Anonymous TLS connection established from alph132.prodigy.net[144.160.244.40]: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
> Jul 14 21:28:07 mail postsrsd[16442]: srs_reverse: <srs0=fvvw=6s=newcent.info=[hidden email]> rewritten as <[hidden email]>
> Jul 14 21:28:07 mail postfix/smtpd[16441]: 3x8c470Wzlz2fjT1: client=alph132.prodigy.net[144.160.244.40]
> Jul 14 21:28:07 mail postsrsd[16468]: srs_forward: <""> not rewritten: No at sign in sender address
> Jul 14 21:28:07 mail postsrsd[16469]: srs_reverse: <srs0=fvvw=6s=newcent.info=[hidden email]> rewritten as <[hidden email]>
> Jul 14 21:28:07 mail postfix/cleanup[16467]: 3x8c470Wzlz2fjT1: message-id=<[hidden email]>
> Jul 14 21:28:07 mail postfix/qmgr[816]: 3x8c470Wzlz2fjT1: from=<>, size=11043, nrcpt=1 (queue active)
> Jul 14 21:28:07 mail postfix/smtp[16471]: warning: numeric domain name in resource data of MX record for newcent.info: 150.242.216.1

If newcent.info is yours you need to fix that.

> Jul 14 21:28:07 mail postfix/smtpd[16441]: disconnect from alph132.prodigy.net[144.160.244.40] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
> Jul 14 21:28:08 mail postfix/smtp[16471]: 3x8c470Wzlz2fjT1: to=<[hidden email]>, orig_to=<srs0=fvvw=6s=newcent.info=[hidden email]>, relay=150.242.216.1[150.242.216.1]:25, delay=1.5, delays=0.46/0/0.64/0.42, dsn=2.6.0, status=sent (250 2.6.0 message received)
> Jul 14 21:28:08 mail postfix/qmgr[816]: 3x8c470Wzlz2fjT1: removed

The next-to-last line has the to=<...> address as well as
orig_to=<...>, and postsrsd logged what it did in srs_reverse.

> mail# postconf -n
--
  http://rob0.nodns4.us/
  Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
Loading...