0

Tests say my server isn't an open relay, but all of a sudden sendmail stopped working and I have spam-like content in my mailq:

5F543CE3A73     1000 Sat Mar  2 01:28:41  [REMOVED]@[REMOVED]
(delivery temporarily suspended: host mta5.am0.yahoodns.net[98.136.216.26] refused to talk to me: 421 4.7.0 [TS01] Messages from 70.xx.xx.xx temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
                                         tonysimms63@yahoo.com

Any idea what's happening?

Update: After clearing the mailq, it starts filling immediately. I have turned off postfix.

voretaq7
  • 80,749

2 Answers

1

Either you're relaying for an actual user of yours who is sending spam/virus email, or you have a user who sends email which a lot of Yahoo users don't like receiving, or maybe someone has figured out how to relay through you (for example, an exploitable script on a web server which by default can send through you).

NickW
  • 10,289
1

How can I even start tracking this down?

You can start disabling mail service for domains one by one and checking for mail queue activity.

Or, if you have Plesk version 11, you can try to use CommTouch (Parallels Premium Outbound Antispam). Update: CommTouch is dropped in Plesk.

Plesk 12 will come with an Outgoing spam control tool.
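
An added example, not part of either answer: instead of disabling domains one at a time, the `mailq` listing itself can be tallied by envelope sender and sender domain to show which account or hosted domain is filling the queue. The function names and the sample queue below are constructed for illustration; the layout follows the Postfix `mailq` output shown in the question.

```python
import re
from collections import Counter

# Constructed sample in Postfix `mailq` layout (addresses and hosts are placeholders).
SAMPLE = """\
-Queue ID-  --Size-- ----Arrival Time---- -Sender/Recipient-------
A1B2C3D4E5F     1000 Sat Mar  2 01:28:41  www-data@web1.example.com
(delivery temporarily suspended: host mx.example.net[192.0.2.10] refused to talk to me: 421 4.7.0 deferred)
                                         user1@example.net

B2C3D4E5F6A*    2048 Sat Mar  2 01:28:43  www-data@web1.example.com
                                         user2@example.net
                                         user3@example.org

C3D4E5F6A7B      900 Sat Mar  2 01:29:02  alice@shop.example.com
(connect to mx.example.org[192.0.2.20]:25: Connection timed out)
                                         bob@example.org

-- 3 Kbytes in 3 Requests.
"""

# Queue ID (optional * = active, ! = on hold), size, arrival time, envelope sender.
HEAD = re.compile(r"^([0-9A-Za-z]+)([*!]?)\s+(\d+)\s+\w{3}\s+\w{3}\s+\d+\s+[\d:]+\s+(\S+)\s*$")

def parse_mailq(text):
    """Return one dict per queued message: id, sender, reason, recipients."""
    entries, cur = [], None
    for line in text.splitlines():
        m = HEAD.match(line)
        if m:
            cur = {"id": m.group(1), "sender": m.group(4), "reason": None, "rcpts": []}
            entries.append(cur)
        elif cur and line.lstrip().startswith("("):
            cur["reason"] = line.strip()[1:-1]      # deferral reason without the parentheses
        elif cur and line[:1].isspace() and line.strip():
            cur["rcpts"].append(line.strip())       # indented lines are recipients
    return entries                                  # column header and footer match nothing

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower()   # "MAILER-DAEMON" has no @ and is kept whole

def summarize(entries):
    """Message counts per envelope sender, sender domain and recipient domain."""
    senders = Counter(e["sender"] for e in entries)
    sender_domains = Counter(domain(e["sender"]) for e in entries)
    rcpt_domains = Counter(domain(r) for e in entries for r in e["rcpts"])
    return senders, sender_domains, rcpt_domains

print(summarize(parse_mailq(SAMPLE))[0].most_common(5))
```

On a live server, feed the function the captured output of `mailq` instead of `SAMPLE`; the queue IDs it returns can then be inspected with `postcat -q` to read the headers of a suspect message.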