FairEmail client in F-Droid

7 replies [Last post]
zangisharp
Offline
Joined: 01/08/2019

Hello guys,

I installed my own mail server a week ago. When I installed the FairEmail client from the F-Droid store on my phone, just out of curiosity I looked at /var/log/mail.log and found this:

Jan 22 14:20:59 srv1 postfix/smtpd[6052]: connect from unknown[185.234.219.50]
Jan 22 14:20:59 srv1 postfix/smtpd[6052]: NOQUEUE: reject: RCPT from unknown[185.234.219.50]: 554 5.7.1 <name at domain>: Relay access denied; from=<name at domain> to=<name at domain> proto=ESMTP helo=<[185.234.219.50]>
Jan 22 14:20:59 srv1 postfix/smtpd[6052]: disconnect from unknown[185.234.219.50] ehlo=1 auth=0/1 mail=1 rcpt=0/1 quit=1 commands=3/5
Jan 22 14:24:19 srv1 postfix/anvil[6055]: statistics: max connection rate 1/60s for (smtp:185.234.219.50) at Jan 22 14:20:59
Jan 22 14:24:19 srv1 postfix/anvil[6055]: statistics: max connection count 1 for (smtp:185.234.219.50) at Jan 22 14:20:59
Jan 22 14:24:19 srv1 postfix/anvil[6055]: statistics: max cache size 1 at Jan 22 14:20:59
Jan 22 15:03:52 srv1 postfix/smtpd[7472]: connect from unknown[185.234.219.50]
Jan 22 15:03:52 srv1 postfix/smtpd[7472]: NOQUEUE: reject: RCPT from unknown[185.234.219.50]: 554 5.7.1 <name at domain>: Relay access denied; from=<name at domain> to=<name at domain> proto=ESMTP helo=<[185.234.219.50]>
Jan 22 15:03:52 srv1 postfix/smtpd[7472]: disconnect from unknown[185.234.219.50] ehlo=1 auth=0/1 mail=1 rcpt=0/1 quit=1 commands=3/5
Jan 22 15:05:02 srv1 postfix/postfix-script[7521]: refreshing the Postfix mail system
Jan 22 15:05:02 srv1 postfix/master[4545]: reload -- version 3.3.2, configuration /etc/postfix
Jan 22 15:05:02 srv1 postfix/anvil[7474]: statistics: max connection rate 1/60s for (smtp:185.234.219.50) at Jan 22 15:03:52
Jan 22 15:05:02 srv1 postfix/anvil[7474]: statistics: max connection count 1 for (smtp:185.234.219.50) at Jan 22 15:03:52
Jan 22 15:05:02 srv1 postfix/anvil[7474]: statistics: max cache size 1 at Jan 22 15:03:52

I never used those emails and I don't understand why my server is trying to send email to those emails!

Can someone help?
Thanks

andyprough
Offline
Joined: 02/12/2015

The app developer has a help and troubleshooting forum here: https://forum.xda-developers.com/android/apps-games/source-email-t3824168

I searched the forum for your question, but did not see anything similar about the app sending out unknown emails. If you post this same question there, he might be able to answer your question.

Also, he has a very lengthy FAQ here: https://github.com/M66B/open-source-email/blob/master/FAQ.md

zangisharp
Offline
Joined: 01/08/2019

Thanks for the link.

I looked again in the logs and found someone who is maybe trying to DDoS?
How can I report this IP address? Also I installed fail2ban on my server but it seems it does nothing...

Jan 23 13:30:49 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:30:49 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:30:49 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:30:57 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:30:57 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:30:57 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:31:06 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:31:07 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:31:07 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:31:14 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:31:14 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:31:14 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:31:19 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:31:19 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:31:19 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:31:45 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:31:45 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:31:45 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:31:55 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:31:55 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:31:55 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:32:03 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:32:03 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:32:03 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:32:12 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:32:12 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:32:12 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:32:21 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:32:21 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:32:21 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:32:30 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:32:30 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:32:30 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:32:40 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:32:40 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:32:40 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:32:50 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:32:50 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:32:50 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:33:02 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:33:02 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:33:02 srv1 postfix/smtpd[10245]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:33:10 srv1 postfix/smtpd[10260]: connect from unknown[37.49.227.160]
Jan 23 13:33:10 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[37.49.227.160]
Jan 23 13:33:10 srv1 postfix/smtpd[10260]: disconnect from unknown[37.49.227.160] ehlo=1 auth=0/1 commands=1/2
Jan 23 13:33:18 srv1 postfix/smtpd[10245]: connect from unknown[37.49.227.160]
Jan 23 13:33:18 srv1 postfix/anvil[9567]: statistics: max connection rate 9/60s for (smtp:37.49.227.160) at Jan 23 13:29:47
Jan 23 13:33:18 srv1 postfix/anvil[9567]: statistics: max connection count 1 for (smtp:37.49.227.160) at Jan 23 13:23:21
Jan 23 13:33:18 srv1 postfix/anvil[9567]: statistics: max cache size 3 at Jan 23 13:30:42

andyprough
Offline
Joined: 02/12/2015

That IP address is getting its hosting through a company called Estoxy, in the country of Estonia. You can report an abusive IP address to Estoxy using this form: https://www.estoxy.com/panel/submitticket.php?step=2&deptid=4

According to abuseipdb.com, the IP address has already been reported 16 times as abusive. You can report it as abusive to abuseipdb.com at https://www.abuseipdb.com/check/37.49.227.160

Fail2ban has a troubleshooting FAQ up at https://www.fail2ban.org/wiki/index.php/FAQ
Have a look there and see if the problem you are experiencing is covered by the FAQ. Many user manuals and documents and a bug tracker are available at Fail2ban.org.
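
An added example, not part of the thread and not fail2ban's own code: a Python script that counts, per source address, the two rejection patterns visible in the logs above ("lost connection after AUTH" and "Relay access denied") inside a sliding time window, which is the kind of check a ban rule has to get right before it can act. The sample lines are constructed with documentation-range addresses, and the year, the threshold of 5 events and the 10-minute window are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in the mail.log format quoted in the thread (documentation-range IPs).
SAMPLE_LOG = """\
Jan 22 14:20:59 srv1 postfix/smtpd[6052]: NOQUEUE: reject: RCPT from unknown[198.51.100.9]: 554 5.7.1 <a@example.org>: Relay access denied; from=<b@example.org> to=<a@example.org> proto=ESMTP helo=<[198.51.100.9]>
Jan 22 15:03:52 srv1 postfix/smtpd[7472]: NOQUEUE: reject: RCPT from unknown[198.51.100.9]: 554 5.7.1 <a@example.org>: Relay access denied; from=<b@example.org> to=<a@example.org> proto=ESMTP helo=<[198.51.100.9]>
Jan 23 13:30:49 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[203.0.113.7]
Jan 23 13:30:57 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[203.0.113.7]
Jan 23 13:31:06 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[203.0.113.7]
Jan 23 13:31:14 srv1 postfix/smtpd[10245]: lost connection after AUTH from unknown[203.0.113.7]
Jan 23 13:31:19 srv1 postfix/smtpd[10260]: lost connection after AUTH from unknown[203.0.113.7]
Jan 23 13:31:19 srv1 postfix/smtpd[10260]: disconnect from unknown[203.0.113.7] ehlo=1 auth=0/1 commands=1/2
"""

LINE = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) \S+ postfix/smtpd\[\d+\]: (?P<msg>.*)$")
ADDR = r"\S*\[(?P<ip>[0-9A-Fa-f.:]+)\]"
EVENTS = {  # message patterns taken from the log lines shown in the thread
    "auth_abort": re.compile(r"^lost connection after AUTH from " + ADDR),
    "relay_denied": re.compile(r"^NOQUEUE: reject: RCPT from " + ADDR + r": 554 5\.7\.1 .*Relay access denied"),
}

def parse_events(text, year=2019):  # syslog omits the year, so it is assumed
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        for kind, rx in EVENTS.items():
            hit = rx.search(m["msg"])
            if hit:
                yield ts, hit["ip"], kind
                break

def find_offenders(text, max_events=5, window_minutes=10):
    """Return {ip: peak event count} for IPs reaching max_events inside the window."""
    window = timedelta(minutes=window_minutes)
    recent, offenders = defaultdict(deque), {}
    for ts, ip, _kind in parse_events(text):
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop events that fell out of the window
            q.popleft()
        if len(q) >= max_events:
            offenders[ip] = max(offenders.get(ip, 0), len(q))
    return offenders

print(find_offenders(SAMPLE_LOG))  # addresses a ban rule would act on
```

With the default threshold only the address repeating aborted AUTH attempts is flagged; the two relay rejections 43 minutes apart stay below it unless the window is widened.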

zangisharp
Offline
Joined: 01/08/2019

Wow thanks again!

andyprough
Offline
Joined: 02/12/2015

Happy GNU'ing.

zangisharp
Offline
Joined: 01/08/2019

Yep :( now I can't send e-mails with my server :/

andyprough
Offline
Joined: 02/12/2015

I've never used that FairEmail myself. You'd be best off contacting the developer using his forum at the link I gave you.