Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 1 subscriber
  • Views 845 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Spam mail notification recurrence

johnmunyi
Hi Guys, am on ASG 7.509 and this is thesecond time am noticing this issue, under the mail manager SMTP log am getting this notification of a rejected:spam mail from the same email address to a specific email address that i host repeatedly almost twice in a single minute.

the most amazing thing is that this mail appears to have been rejected since 3rd of Feb 2011 and is appearing in 374 pages of my SMTP log.

Kindly help, this is quite abnormal because no user can send emails in such frequency of like 2 every minutes. is this a real spam or ASg is reporting hoaxes.[:(]


This thread was automatically locked due to age.
Parents
  • 0
    Assume your internal network is 10.20.30.1/24, you have nothing at 10.20.30.351 and the offending IP is 65.75.85.95.

    Traffic Source: {65.75.85.95} 
    Traffic Service: SMTP
    Traffic Destination: External (Address) {or whatever is the target of your MX record}

    NAT mode: DNAT (Destination)

    Destination: {10.20.30.351}  {it may work if this is left blank - I'd be interested to know if someone tries it blank}
    Destination Service: {leave empty when not changing}

    Automatic 
    packet filter rule: {unchecked!}



    Since there's no packet filter rule, the traffic is dropped.  Even if the traffic were allowed, the bits would still have no place to go.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    Assume your internal network is 10.20.30.1/24, you have nothing at 10.20.30.351 and the offending IP is 65.75.85.95.

    Traffic Source: {65.75.85.95} 
    Traffic Service: SMTP
    Traffic Destination: External (Address) {or whatever is the target of your MX record}

    NAT mode: DNAT (Destination)

    Destination: {10.20.30.351}  {it may work if this is left blank - I'd be interested to know if someone tries it blank}
    Destination Service: {leave empty when not changing}

    Automatic 
    packet filter rule: {unchecked!}



    Since there's no packet filter rule, the traffic is dropped.  Even if the traffic were allowed, the bits would still have no place to go.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data