Emails to non-existent accounts being sent to users

Discussion forum for Enterprise Edition.
Post Reply
jmurdock
Posts: 35
Joined: Tue Jun 21, 2005 6:16 pm
Location: Peterborough Ontario

Emails to non-existent accounts being sent to users

Post by jmurdock » Mon Dec 14, 2015 10:08 pm

We are using Mailenable 8.02 and we have the following situation:

assuming our email domain was abc.com...

The three tech people started receiving a large amount of spam, all selling watches. When we looked at the email we could see that it was coming to non-existent accounts on abc.com, like xyz@abc.com and then being forwarded to just the 3 of us.

I initially thought this was happening through the catch-all account, so I disabled it.

We are still receiving emails that are forwarded from 'users' that don't exist on our servers to us.

I have noticed that the vast majority of these emails are being blocked at the server:

12/14/15 00:16:33 SMTP-IN 751DEC43AE984652A06BE647B42B9E60.MAI 728 138.36.62.166 RCPT RCPT TO: <kate@abc.com> 550 Requested action not taken: mailbox unavailable or not local 66 28

for example.

Our server is probably getting 1000+ of these per hour, and 4 - 5 per hour are 'leaking' through and being forwarded to us. I can't for the life of me figure out how. By looking at the headers I can verify these accounts do not exist on our mail server, so how they get forwarded to us I don't understand.

Any thoughts from anyone how that could happen? I'm stumped.

MailEnable-Ian
Site Admin
Posts: 9546
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: Emails to non-existent accounts being sent to users

Post by MailEnable-Ian » Tue Dec 15, 2015 12:50 am

Hi,

The first step would be to upgrade to version 8.61 since 8.02 is outdated and would be ideal patching any security issues and problems with the MailEnable core services.

Once upgraded and the problems persist you will need to trace through the log files to determine how the messages to non existent mailboxes are being forwarded to valid users. Login your mailbox via web mail and right click on one of the messages and select "download Source". Once you have the source message ID start tracing back through the log files starting from the postoffice connector log files to SMTP.
Regards,

Ian Margarone
MailEnable Support

JvdBroek
Posts: 6
Joined: Fri Aug 06, 2021 10:31 am

Re: Emails to non-existent accounts being sent to users

Post by JvdBroek » Fri Aug 06, 2021 10:35 am

This still happens on version 10.34, the Plesk edition on Windows.

Any resolutions, suggestions?

Regards,
Jan

Post Reply