SPAM SMTP delivery ?
Question asked by Uwe Degenhardt - May 12, 2015 at 6:20 AM
I everybody, we have the following entries in our smtp.log
I am confused. No authentication message is coming. No real message delivery.
Is this the try to send SPAM-messages ?
14:53:16 [][65653794] rsp: 220
14:53:16 [][65653794] connected at 12.05.2015 14:53:16
14:53:16 [][65653794] cmd: HELO localhost
14:53:16 [][65653794] rsp: 250 Hello []
14:53:16 [][65653794] cmd: MAIL FROM: <>
14:53:16 [][65653794] rsp: 250 OK <> Sender ok
14:53:16 [][65653794] cmd: RCPT TO: <>
14:53:16 [][65653794] rsp: 550 <> No such user here
14:53:16 [][65653794] cmd: RSET
14:53:16 [][65653794] rsp: 250 OK

2 Replies

Reply to Thread
Do you host websites on the same server?
Have you WHITELISTED in SmarterMail?
I ask because the line, "14:53:16 [][65653794] cmd: HELO localhost" makes it look like someone has compromised your server and is using an SMTP service to send through SmarterMail.
Bruce Barnes
ChicagoNetTech Inc

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal:
Security Blog:

Web and E-Mail Hosting, E-Mail Security and Consulting
Hi Bruce, thank you. No, I don't host other websites. But I run
IIS for the SM-Webmailer and Admin-Access.
I doublechecked SMTP-Bypass. is not there.
Also I haven't whitelisted it. Strange.
I will scan the whole server with a virus scanner.
Could it be, that these are compromised eMail-Accounts
running through the SM-Webmailer ?

Reply to Thread