Fwd: "Short test message"

Fri Dec 26 01:24:19 UTC 2014

On Fri, Dec 26, 2014 at 02:08:15AM +0100, Dutch Daemon - FreeBSD Forums Administrator wrote:
> Now with CC
> 
> 
> -------- Original Message --------
> From: Dutch Daemon -  FreeBSD Forums Administrator <DutchDaemon at FreeBSD.org>
> Sent: December 26, 2014 2:04:58 AM GMT+01:00
> To: freebsd-test at freebsd.org
> Subject: "Short test message"
> 
> As requested by postmaster@
> 

Curious...  On hub, I see:

hub(11.0-C)[1] cd /var/log
hub(11.0-C)[2] grep 1B93B0C9-903F-4FDE-90B7-86FF45B42FBA maillog 
Dec 26 01:08:30 hub postfix/cleanup[23982]: D74A398C: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:30 hub spamd[3083]: spamd: processing message <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> for flo:1248 
Dec 26 01:08:31 hub spamd[504]: spamd: checking message <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> for mailman:91 
Dec 26 01:08:32 hub spamd[3083]: spamd: result: . 0 - AWL,BAYES_00,UTF8_CHARSET scantime=1.1,size=3503,user=flo,uid=1248,required_score=5.0,rhost=localhost,raddr=::1,rport=29598,mid=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>,bayes=0.000000,autolearn=no autolearn_force=no 
Dec 26 01:08:32 hub postfix/cleanup[23955]: 0931B98F: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[24011]: 0ED1D991: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[20512]: D842B98D: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub spamd[504]: spamd: result: . 0 - AWL,BAYES_00,UTF8_CHARSET scantime=0.8,size=3455,user=mailman,uid=91,required_score=5.0,rhost=localhost,raddr=127.0.0.1,rport=29600,mid=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>,bayes=0.000000,autolearn=no autolearn_force=no 
Dec 26 01:08:32 hub postfix/cleanup[20512]: 812489AE: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[24011]: 820A09AF: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[23982]: 835239B0: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[24011]: 899E99B6: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[24011]: 89E289B9: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[23955]: 898229B4: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[20512]: 8B4899BA: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[23982]: 8D8EE9BB: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[24011]: 8FEFE9BC: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[24105]: 9241B9C0: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 hub postfix/cleanup[20512]: 93FB59C1: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
hub(11.0-C)[3] 

which seems like a LOT of maillog entries for one message with a
small number of recipients.

Checking mx2, I see:

root at mx2:~ # cd /var/log
root at mx2:/var/log # grep 1B93B0C9-903F-4FDE-90B7-86FF45B42FBA maillog
Dec 26 01:08:32 mx2 postfix/cleanup[12079]: 0B87B36B2: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[12627]: 1120A36B3: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17022]: 112F136B4: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[12627]: 8419536D6: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17059]: 8498736D9: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17022]: 8A92336DB: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17137]: 8D0E536E1: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[12079]: 8F27F36E5: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[13689]: 8F2B936E7: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17163]: 8F67636E8: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17170]: 9491936E9: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[12627]: 9E42C36F2: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17172]: 9EB3F36F3: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:32 mx2 postfix/cleanup[17059]: 9F1AD36F5: message-id=<1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org>
Dec 26 01:08:34 mx2 postfix/smtp[17332]: 8F2B936E7: to=<nightrecon at hotmail.com>, relay=mx4.hotmail.com[65.55.37.88]:25, delay=1.8, delays=0.1/1/0.25/0.46, dsn=2.0.0, status=sent (250  <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> Queued mail for delivery)
Dec 26 01:08:34 mx2 postfix/smtp[17332]: 8F2B936E7: to=<rh14 at hotmail.com>, relay=mx4.hotmail.com[65.55.37.88]:25, delay=1.8, delays=0.1/1/0.25/0.46, dsn=2.0.0, status=sent (250  <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> Queued mail for delivery)
Dec 26 01:08:34 mx2 postfix/smtp[17269]: 9491936E9: to=<rsedraoui at hotmail.com>, relay=mx4.hotmail.com[65.55.37.104]:25, delay=2, delays=0.11/1.2/0.25/0.45, dsn=2.0.0, status=sent (250  <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> Queued mail for delivery)
Dec 26 01:08:36 mx2 postfix/smtp[17324]: 8A92336DB: to=<linux at ziemer.net>, relay=2000584311.mail.outlook.com[207.46.163.247]:25, delay=3.5, delays=0.1/1/0.52/1.9, dsn=2.6.0, status=sent (250 2.6.0 <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> [InternalId=21796959027908, Hostname=DM2PR0201MB0573.namprd02.prod.outlook.com] Queued mail for delivery)
Dec 26 01:08:36 mx2 postfix/smtp[17093]: 9E42C36F2: to=<hsing.yuan at isilon.com>, relay=emc-com.mail.protection.outlook.com[213.199.154.87]:25, delay=4, delays=0.1/1.3/1.5/1.1, dsn=2.6.0, status=sent (250 2.6.0 <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> [InternalId=39195871544239, Hostname=DBXPR04MB335.eurprd04.prod.outlook.com] Queued mail for delivery)
Dec 26 01:08:37 mx2 postfix/smtp[17265]: 9F1AD36F5: to=<sgarcia at cecoban.org.mx>, relay=cecoban-org-mx.mail.protection.outlook.com[207.46.163.170]:25, delay=4.6, delays=0.11/1.4/1.1/2.1, dsn=2.6.0, status=sent (250 2.6.0 <1B93B0C9-903F-4FDE-90B7-86FF45B42FBA at FreeBSD.org> [InternalId=22415434318232, Hostname=CY1PR0201MB0729.namprd02.prod.outlook.com] Queued mail for delivery)
root at mx2:/var/log # grep 1B93B0C9-903F-4FDE-90B7-86FF45B42FBA maillog | grep -i bengrimm
root at mx2:/var/log #

Hmmm...  A similar large number of log messages, but none mention
bengrimm.net.

Looking a bit more on mx2:

root at mx2:/var/log # grep -wi bengrimm maillog
Dec 26 01:02:12 mx2 postfix/smtp[15420]: 688A33578: host hail.bengrimm.net[185.23.140.188] said: 451 4.7.1 Greylisting in action, please come back in 00:03:00 (in reply to RCPT TO command)
Dec 26 01:02:24 mx2 postfix/smtp[15420]: 688A33578: to=<freebsd at bengrimm.net>, relay=offshore.bengrimm.net[84.22.99.9]:25, delay=24, delays=0/0/23/0.63, dsn=5.7.1, status=bounced (host offshore.bengrimm.net[84.22.99.9] said: 550 5.7.1 <freebsd at bengrimm.net>... Relaying denied (in reply to RCPT TO command))
Dec 26 01:12:12 mx2 postfix/smtp[17194]: 8B90C1CE3: to=<freebsd at bengrimm.net>, relay=hail.bengrimm.net[185.23.140.188]:25, delay=11, delays=0/0/10/0.73, dsn=2.0.0, status=sent (250 2.0.0 sBQ1C1C6069795 Message accepted for delivery)
root at mx2:/var/log # 

Hmmm... perhaps Mailman isn't especially happy about being greylisted.

Does that help provide some clues for evasive action for you?

Peace,
david
-- 
David H. Wolfskill				david at catwhisker.org
Actions have consequences ... as do inactions.

See http://www.catwhisker.org/~david/publickey.gpg for my public key.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 949 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-test/attachments/20141225/6c6d0d29/attachment.sig>