1

Topic: Undelivered Mail Returned to Sender - Unknown RU user!!

==== Required information ====
- iRedMail version: 0.9.1
- Linux/BSD distribution name and version: Centos 7.0
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- Related log if you're reporting an issue:
====

Hi All

I have an email server hosted in Azure, with a very tight setup on their firewall and also on the Linux box with Firelld, fail2ban, etc.

I have configured iredmail to only accept authorised users (hand full) and open relay is absolutely closed.

However I get 4 emails, like the below, everyday.

I had a good root around, files, passwords, log files but all ok, do you know what it could be pls?

Thanks

Lucio
-----------

>>> REPORT

This is the mail system at host imap.iotdevicenews.com.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

                  The mail system

<odink@mail.ru>: host mxs.mail.ru[217.69.139.150] said: 550 spam message
   rejected. Please visit
   http://help.mail.ru/notspam-support/id? … EArkQ0Eg~~
   or  report details to abuse@corp.mail.ru. Error code:
   D57047A3DB4BBF0DFB1C5729B2CCC229F14471E9AD22BAE8C5D86FA20409DC339473EB74AEAC1A70.
   ID: 0000000600010504123444AE. (in reply to end of DATA command)


>>>>>>DELIVERY REPORT:

Final-Recipient: rfc822; odink@mail.ru
Original-Recipient: rfc822;odink@mail.ru
Action: failed
Status: 5.0.0
Remote-MTA: dns; mxs.mail.ru
Diagnostic-Code: smtp; 550 spam message rejected. Please visit
   http://help.mail.ru/notspam-support/id? … EArkQ0Eg~~
   or  report details to abuse@corp.mail.ru. Error code:
   D57047A3DB4BBF0DFB1C5729B2CCC229F14471E9AD22BAE8C5D86FA20409DC339473EB74AEAC1A70.
   ID: 0000000600010504123444AE.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Undelivered Mail Returned to Sender - Unknown RU user!!

Someone was trying to send email to 'odink@mail.ru', but destination server blocked your server (check the url in bounce message to figure it out).

Maybe someone (your local/trusted users) configured to forward email to this 'odink@', you should check it.

3

Re: Undelivered Mail Returned to Sender - Unknown RU user!!

Hi Z

Thank you for your quick response.

I had a massive look around in all files, including MySQL, and the only entry i could find it was on the table: madder

and the entries area:

(0,46454,'king_lion1980@mail.ru','ru.mail'),(0,46455,'i.isaeva@mail.ru','ru.mail'),(0,46456,'tale.07@mail.ru','ru.mail'),(0,46457,'info@kripty.ru','ru.kripty'),(0,46458,'furaev-a@mail.ru','ru.mail'),(0,46459,'vvv_1984@inbox.ru','ru.inbox'),(0,46460,'tarana0@mail.ru','ru.mail'),(0,46461,'odink@mail.ru','ru.mail')

Nothing else, i'm baffled!

Ant other tips pls

Many thanks

Lucio

4

Re: Undelivered Mail Returned to Sender - Unknown RU user!!

Please check Postfix log file instead: /var/log/maillog.

5

Re: Undelivered Mail Returned to Sender - Unknown RU user!!

Hi H

Thank you again for your help, I think I managed to address the issue, and the clue was in the line on /var/log/maillog:

amavis[35247]: (35247-01) Passed CLEAN {RelayedInbound}, [4x.1xx.19.xxx]:58036

I had a rule on iRedMail to allow emails from another server, and this server had few ports opened.

Closed all down, lets see what happens, so far log files shows nothing!

Thanks

Lucio