Richard G
Verified User
Lately we're seeing a lot of emails getting frozen in the mail queue. Or just waiting for a couple of reasons.
Like this:
Code:
2017-05-29 13:31:12 Received from <> R=1dFIt8-00074Z-Pn U=mail P=local S=877 T="Autoreply: \"Tips to Avoid Toenail-Fungus\""
2017-05-29 13:31:27 H=gabyear.info [208.110.91.115]: SMTP error from remote mail server after initial connection: 421 gabyear.info out of connection slots
However, this seems to be the result of an auto-reply from a user:
1dFItB-xxxxxxxxx
Dear Sir/Madam,
We hereby confirm receipt of your email.
Your email will be processed and handled by us.
We trust that we have informed you sufficiently.
Kind regards,
Customer
This I also found in the mail queue manager:
Code:
1dFItB-00075I-0u-H
mail 8 12
<>
1496057469 0
-active_hostname hostname.server.nl
-ident mail
-received_protocol local
-aclm _uid 2
-1
-aclm _script_path 1
/
-aclm _user 0
-aclm _username 7
unknown
-body_linecount 13
-max_received_linelength 115
-allow_unqualified_recipient
-allow_unqualified_sender
-localerror
XX
1
[email protected]
150P Received: from mail by hostname.server.nl with local (Exim 4.89)
id 1dFItB-00075I-0u
for [email protected]; Mon, 29 May 2017 13:31:12 +0200
026F From: [email protected]
027T To: [email protected]
006* Bcc:
052 Subject: Autoreply: "Tips to Avoid Toenail-Fungus"
116 In-Reply-To: <gYXDf2Hp4CV37LxIqZEn_1mxYvUPsFvtYfRpuGDdLE8.C9oLnIwlFs76b4nd3S44kpfD2JKxXox9XCzmaYacv4k@gabyear.info>
115 References: <gYXDf2Hp4CV37LxIqZEn_1mxYvUPsFvtYfRpuGDdLE8.C9oLnIwlFs76b4nd3S44kpfD2JKxXox9XCzmaYacv4k@gabyear.info>
029 Auto-Submitted: auto-replied
054I Message-Id: <[email protected]>
038 Date: Mon, 29 May 2017 13:31:09 +0200
This looks like some spam is coming through to the email address of the customer, and so there is an autoreply from that email address to the spammer, which does not accept this reply and mail is frozen, is that correct?
And is he hammering because of the "out of connection slots" notice?
Code:
2017-05-29 15:03:16 H=gabyear.info [208.110.91.115]: SMTP error from remote mail server after initial connection: 421 gabyear.info out of connection slots
2017-05-29 15:03:16 [email protected] R=lookuphost T=remote_smtp defer (0) H=gabyear.info [208.110.91.115]: SMTP error from remote mail server after initial connection: 421 gabyear.info out of connection slots
Also, some abusers are abusing a newsletter subscription option on another server, subscribing with an email address and it looks like he's hammering it, at least I think that because of this result:
Code:
2017-06-01 15:15:49 H=alt1.gmail-smtp-in.l.google.com [108.177.97.27] SMTP error from remote mail server after RCPT TO:<[email protected]>: 450-4.2.1 The user you are trying to contact is receiving mail at a rate that\n450-4.2.1 prevents additional messages from being delivered. Please resend your\n450-4.2.1 message at a later time. If the user is able to receive mail at that\n450-4.2.1 time, your message will be delivered. For more information, please\n450-4.2.1 visit\n450 4.2.1 https://support.google.com/mail/?p=ReceivingRate j11si20858632pgc.21 - gsmtp
This happened more often; when looking at the logs, it's various IPs, but only happening once every time, so I don't understand where this rate is coming from.
How can we prevent this and/or stop these kinds of things from happening? Especially the last one?
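Added example, not part of the original post: a small Python script that tallies, from main-log lines in the formats quoted above, how many autoreplies went out with a null sender and which remote hosts answered with 4xx temporary errors, grouped per recipient where the error followed RCPT TO. The sample lines, hosts and addresses are constructed placeholders, and `summarize` is a name chosen here.

```python
import re
from collections import Counter

# Constructed sample lines modelled on the log formats quoted in the post;
# hosts, IPs, message ids and addresses are placeholders, not values from the post.
SAMPLE_LOG = r'''
2017-05-29 13:31:12 Received from <> R=1aaaaa-000001-AA U=mail P=local S=877 T="Autoreply: \"Spam subject\""
2017-05-29 13:31:27 H=mx.spam.example [192.0.2.10]: SMTP error from remote mail server after initial connection: 421 mx.spam.example out of connection slots
2017-05-29 15:03:16 H=mx.spam.example [192.0.2.10]: SMTP error from remote mail server after initial connection: 421 mx.spam.example out of connection slots
2017-05-29 15:03:16 spammer@spam.example R=lookuphost T=remote_smtp defer (0) H=mx.spam.example [192.0.2.10]: SMTP error from remote mail server after initial connection: 421 mx.spam.example out of connection slots
2017-06-01 15:15:49 H=mx.mail.example [198.51.100.7] SMTP error from remote mail server after RCPT TO:<victim@mail.example>: 450-4.2.1 The user you are trying to contact is receiving mail at a rate that
2017-06-01 15:20:02 H=mx.mail.example [198.51.100.7] SMTP error from remote mail server after RCPT TO:<victim@mail.example>: 450-4.2.1 The user you are trying to contact is receiving mail at a rate that
'''.strip().splitlines()

# Locally generated autoreply accepted with a null sender (<>).
AUTOREPLY = re.compile(r'^\S+ \S+ Received from <> .*T="Autoreply: ')
# Host-level 4xx line: "H=" directly follows the timestamp, so the
# per-recipient "defer" line repeating the same error is not counted twice.
REMOTE_ERR = re.compile(
    r'^\S+ \S+ H=(?P<host>\S+) \[(?P<ip>[^\]]+)\]:? SMTP error from remote '
    r'mail server after (?P<stage>.+?): (?P<code>4\d\d)[ -]')
RCPT = re.compile(r'RCPT TO:<([^>]+)>')


def summarize(lines):
    """Count null-sender autoreplies and 4xx responses per remote host and recipient."""
    out = {"autoreplies": 0, "temp_errors": Counter(), "by_recipient": Counter()}
    for line in lines:
        if AUTOREPLY.match(line):
            out["autoreplies"] += 1
            continue
        m = REMOTE_ERR.match(line)
        if not m:
            continue  # not a host-level temporary error line
        out["temp_errors"][(m["host"], m["code"])] += 1
        rcpt = RCPT.search(m["stage"])
        if rcpt:  # error was returned for a specific recipient
            out["by_recipient"][rcpt.group(1)] += 1
    return out


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("autoreplies with null sender:", result["autoreplies"])
    for (host, code), n in result["temp_errors"].most_common():
        print(f"{n:4d}  {code}  {host}")
    for rcpt, n in result["by_recipient"].most_common():
        print(f"{n:4d}  deferred for {rcpt}")
```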