Trying to understand some email issues

Kurt Buff - GSEC, GCIH kurt.buff at
Mon Jan 21 16:44:36 UTC 2019

On Sun, Jan 20, 2019 at 10:34 PM Patrick Mahan <plmahan at> wrote:
> All,
> FreeBSD 11.2
> Running postfix 3.3.2_1,1
> I'm getting hammered with thousands of emails from -
> Here is an example -
> Jan 20 22:09:01 ns postfix/smtp[1308]: 2DA97A2E2EF: to=<pwascak at>,
>[]:25, delay=13730,
> delays=13728/0.31/1.1/0.06, dsn=4.7.0, status=deferred (host
>[] said: 421 4.7.0 [TSS04]
> Messages from temporarily deferred due to user complaints -
>; see (in reply
> to MAIL FROM command))
> I'm trying to determine if I am somehow relaying emails to, or is
> this someone attacking me.
> I am pretty sure I have postfix to avoid acting like a relay for
> unauthenticated connections.  But this maybe something I have messed up.
> This has been happening only since I upgraded to 11.2 (I was at 9.x).  I
> also just recently switch from sendmail to postfix as well.
> I can provide my postfix config on request if needed.
> Pointers to other mail-lists are welcomed.  I decided to start here before
> jumping on the postfix mailing list.
> Thanks in advance,
> Patrick

I'd suggest, as a first measure, going to, and
looking at their reports for your domain name and your IP address.

Understanding your config and your logs is good, but a quick review of
how others see your domain can point you in the right direction if
there's an error in your config.

For instance, you might have inadvertently made your host an open
relay, and mxtoolbox will understand that. (that just an example - it
actually seems unlikely, as otherwise you'd be getting bounces from
more than just yahoo)


More information about the freebsd-questions mailing list