Register

The Most Active and Friendliest
Affiliate Marketing Community Online!

Register
“Adavice”/  “1Win

Client host rejected: Your IP is spam;

Graybeard

Graybeard

Well-Known Member
Idiots --
14 Sep 28 14:43:08 mail postfix/smtpd[11301]: lost connection after RCPT from unknown[193.32.160.
142]
15 Sep 28 14:43:07 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<office@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
16 Sep 28 14:43:06 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<no-reply@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
17 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<webmaster@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
18 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<contato@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
19 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<mail@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
20 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<sales@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
21 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<support@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
22 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<reply@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
23 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<postmaster@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
24 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<contact@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
25 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<noreply@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
26 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<admin@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
27 Sep 28 14:43:05 mail postfix/smtpd[11301]: NOQUEUE: reject: RCPT from unknown[193.32.160.142]:
554 5.7.1 <unknown[193.32.160.142]>: Client host rejected: Your IP is spam; from=<uw2u2be9904gv95@287
1040.ru> to=<info@pxxxxxxx.com> proto=ESMTP helo=<[193.32.160.142]>
 
Yours or clients?

greybeard blacklist 1.png


greybeard blacklist 2.png
 
that's my mail server;
i just stat the requests and map the REFUSE list;
funny part is some idiots keep coming back
screw the web tools
it's OBVIOUS
log lines|C block
1571 185.234.219
138 193.32.160
105 193.56.28
95 193.169.255

add .0/24 REJECT Your IP is spam
reload the map and restart postfix

no mailmonkey here :D
 
$ ./asinfo.sh
Pls enter your ip:
185.234.219.24
AS | IP | AS Name
210273 | 185.234.219.24 | WHF-LTD-AS, PL
These scumbag spammers don't have PTR :D

barry@cps-ds10:~/netw$
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;193.32.160.14. IN PTR

;; Query time: 86 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Sep 28 13:05:37 EDT 2019
;; MSG SIZE rcvd: 42

barry@cps-ds10:~/netw$ dig PTR +short 193.32.160.14

It's a matter of saving server resources -- refuse the connect when possible
 
Graybeard said:
they are looking for a domain that is using a common role based email name
Click to expand...

This is among the reasons why most all bulk email processors now automatically scrub them from our lists.

My spam logs are always showing loads of rbn's as email prefixes.
 
I added them (those bandit IPs) to the server's firewall -- they cant see me but new ones will come ...
they are trying to relay spam -- these are spam criminals.
this has nothing to do with lists.
postfix is part of an MTA secure by default and you cannot send any mail out without a DKIM key from my mailserver opendkim ...

I can send out to webmaster@yourdomain from my list -- the sender has a DKIM. I do not block any email names (mailboxes) per se. If it is legit on a list -- yes scrubbed.
 
Last edited:
Well is does work --to a degree
Every 10.0s: tac /var/log/mail.log |grep spamhaus |cat -n |less Wed Oct 2 11:27:43 2019

1 Oct 2 10:59:32 mail postfix/smtpd[11320]: NOQUEUE: reject: RCPT from unknown[121.54.164.151]:
554 5.7.1 Service unavailable; Client host [121.54.164.151] blocked using zen.spamhaus.org; https://w
ww.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/121.54.164.151; from=<MatthewWils
onfzry@lpmotors.it> to=<consulting@=============.com> proto=ESMTP helo=<lpmotors.it>
2 Oct 2 10:26:06 mail postfix/smtpd[10173]: NOQUEUE: reject: RCPT from unknown[89.46.100.109]:
554 5.7.1 Service unavailable; Sender address [bounce@ebr-register.com] blocked using dbl.spamhaus.org
; https://www.spamhaus.org/query/domain/ebr-register.com; from=<bounce@ebr-register.com> to=<support@=============.com> proto=ESMTP helo=<www.fastcompany.com>
3 Oct 2 04:04:09 mail postfix/smtpd[29270]: NOQUEUE: reject: RCPT from unknown[58.248.4.158]: 5
54 5.7.1 Service unavailable; Client host [58.248.4.158] blocked using zen.spamhaus.org; https://www.s
pamhaus.org/query/ip/58.248.4.158; from=<maxpo01@sina.com> to=<info@=============.com> proto=ESMTP he
lo=<sina.com>
4 Oct 2 01:09:48 mail postfix/smtpd[23713]: NOQUEUE: reject: RCPT from unknown[178.127.213.10]:
554 5.7.1 Service unavailable; Client host [178.127.213.10] blocked using zen.spamhaus.org; https://w
ww.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/178.127.213.10; from=<oqozysucf@y
ahoo.com> to=<consulting@=============.com> proto=ESMTP helo=<yahoo.com>
5 Oct 2 01:06:43 mail postfix/smtpd[23576]: NOQUEUE: reject: RCPT from unknown[79.175.166.53]:
554 5.7.1 Service unavailable; Client host [79.175.166.53] blocked using zen.spamhaus.org; https://www
.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/79.175.166.53; from=<EricReedl@logi
csys.it> to=<consulting@=============.com> proto=ESMTP helo=<logicsys.it>
6 Oct 2 00:27:47 mail postfix/smtpd[22284]: NOQUEUE: reject: RCPT from unknown[103.233.241.26]:
554 5.7.1 Service unavailable; Client host [103.233.241.26] blocked using zen.spamhaus.org; https://w
ww.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/103.233.241.26; from=<JoelRichard
soncjn@lomys.it> to=<consulting@=============.com> proto=ESMTP helo=<lomys.it>
7 Oct 1 20:19:04 mail postfix/smtpd[20575]: NOQUEUE: reject: RCPT from unknown[103.230.155.154]
: 554 5.7.1 Service unavailable; Client host [103.230.155.154] blocked using zen.spamhaus.org; https:/
/www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/103.230.155.154; from=<LarryPri
celbj@luss.it> to=<consulting@=============.com> proto=ESMTP helo=<luss.it>
8 Oct 1 14:03:50 mail postfix/smtpd[11136]: NOQUEUE: reject: RCPT from srvvv108.unsubscribes.or
g[172.106.75.192]: 554 5.7.1 Service unavailable; Unverified Client host [srvvv108.unsubscribes.org] b
locked using dbl.spamhaus.org; https://www.spamhaus.org/query/domain/unsubscribes.org; from=<zfiay@att
.uh84.cn> to=<products@=============.zone> proto=ESMTP helo=<att.uh84.cn>

Still have one fool that is evading the firewall with a forged IP address -- but it's reduced 90%
They are all NOQUEUE (ignored). Rats in their cages :p
 

Similar threads

bulkpocket
What is Listserv
Replies
10
Views
582
azgold
azgold
A
How long is are email addresses marked as spam?
Replies
3
Views
2K
Graybeard
Graybeard
Faceless Men
Seeking Help [Partnership] My Lists, Landing Pages, Email Copies + Your SMTP + CPA
Replies
1
Views
417
becoh20861
B
T J Tutor
Who Is Using "AMP" Emails?
Replies
2
Views
938
mistermoo
mistermoo
Tatyana_ClickAdilla
Ask Me Anything Boost your dating ads – try email clicks!
Replies
5
Views
1K
DirectOffersAvailable
DirectOffersAvailable
MI
Back