outgoing mail to IBM marked as SPAM (confirmed)

9.104-17

Started this morning. Any mail that any internal user sends to us.ibm.com is coming back immediately as undeliverable. I looked in the SMTP log and it shows rejected from our Exchange server to us.ibm.com for reason SPAM (confirmed).

How can I get more info like why it's confirmed spam?

It was like this for about 2 hours, then suddenly they started going through again.

Ideas?


This thread was automatically locked due to age.
  • The actual file in 'Reporting & Logging' shows the details of the transaction. Mail Manager just shows the end result, but it's where I start in a situation like this so I can jump to a specific area of the file.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 [10.3.40.21] F= R= Accepted: from relay
    2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 1V9Gsd-0004h1-18 ctasd reports 'Confirmed' RefID:str=0001.0A020203.520A5603.00C9,ss=4,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=12
    2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 1V9Gsd-0004h1-18 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="10.3.40.21" from="myuser@mydomain.com" to="(removed)@us.ibm.com" subject="Test" queueid="1V9Gsd-0004h1-18" size="3759" reason="as" extra="confirmed"
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [1\27] 2013-08-13 10:51:31 1V9Gsd-0004h1-18 H=ex01.myinternaldomain.loc (smtp01.mydomain.com) [10.3.40.21]:26469 F= rejected after DATA
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [2\27] Envelope-from: 
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [3\27] Envelope-to: 
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [4\27] P Received: from ex01.myinternaldomain.loc ([10.3.40.21]:26469 helo=smtp01.mydomain.com)
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [5\27]  by smtp01.mydomain.com with esmtps (TLSv1:AES128-SHA:128)
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [6\27]  (Exim 4.76)
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [7\27]  (envelope-from )
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [8\27]  id 1V9Gsd-0004h1-18
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [9\27]  for (removed)@us.ibm.com; Tue, 13 Aug 2013 10:51:31 -0500
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [10\27] P Received: from EX01.myinternaldomain.loc ([10.3.40.21]) by ex01.myinternaldomain.loc ([10.3.40.21]) with
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [11\27]  mapi id 14.03.0146.000; Tue, 13 Aug 2013 10:51:31 -0500
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [12\27]   X-CTCH-RefID: str=0001.0A020203.520A5603.00C9,ss=4,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=12
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [13\27] F From: Leslie Hattig 
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [14\27] T To: "Dan Crump ((removed)@us.ibm.com)" 
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [15\27]   Subject: Test
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [16\27]   Thread-Topic: Test
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [17\27]   Thread-Index: Ac6YPPthYj2/ZfceR1+Oohy7+jGL7w==
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [18\27]   Date: Tue, 13 Aug 2013 15:51:30 +0000
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [19\27] I Message-ID: 
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [20\27]   Accept-Language: en-US
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [21\27]   Content-Language: en-US
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [22\27]   X-MS-Has-Attach:
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [23\27]   X-MS-TNEF-Correlator:
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [24\27]   x-originating-ip: [206.83.48.8]
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [25\27]   Content-Type: multipart/alternative;
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [26\27]  boundary="_000_A089A07676BD7A4A9249BF6B09746966A5FF8742ex01m3loc_"
    2013:08:13-10:51:31 utm-1 exim-in[18043]: [27/27]   MIME-Version: 1.0
    2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 1V9Gsd-0004h1-18 SMTP connection from ex01.myinternaldomain.loc (smtp01.mydomain.com) [10.3.40.21]:26469 closed by DROP in ACL
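
An added example, not part of the original thread and not Sophos tooling: one way to pull the rejection details out of the SMTP log file mentioned above, joining each "email rejected" event to the ctasd verdict logged for the same queue ID. The three sample lines are trimmed from the log posted above; the function names are this example's own.

```python
import re
from collections import Counter

# Sample input: three lines trimmed from the log posted in this thread.
SAMPLE_LOG = """\
2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 1V9Gsd-0004h1-18 ctasd reports 'Confirmed' RefID:str=0001.0A020203.520A5603.00C9,ss=4,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=12
2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 1V9Gsd-0004h1-18 id="1003" severity="info" sys="SecureMail" sub="smtp" name="email rejected" srcip="10.3.40.21" from="myuser@mydomain.com" to="(removed)@us.ibm.com" subject="Test" queueid="1V9Gsd-0004h1-18" size="3759" reason="as" extra="confirmed"
2013:08:13-10:51:31 utm-1 exim-in[18043]: 2013-08-13 10:51:31 1V9Gsd-0004h1-18 SMTP connection from ex01.myinternaldomain.loc (smtp01.mydomain.com) [10.3.40.21]:26469 closed by DROP in ACL
"""

KV = re.compile(r'(\w+)="([^"]*)"')                       # key="value" pairs
CTASD = re.compile(r"(\S+) ctasd reports '([^']*)' RefID:(\S+)")

def rejected_mail(log_text):
    """Return one dict per 'email rejected' event, with its ctasd verdict and RefID."""
    verdicts, events = {}, []
    for line in log_text.splitlines():
        m = CTASD.search(line)
        if m:
            qid, verdict, refid = m.groups()
            verdicts[qid] = {"ctasd_verdict": verdict, "ctasd_refid": refid}
            continue
        fields = dict(KV.findall(line))
        if fields.get("name") == "email rejected":
            events.append(fields)
    # Join after the scan so the result does not depend on line order.
    return [{**e, **verdicts.get(e.get("queueid"), {})} for e in events]

def summarize(events):
    """Count rejections per (recipient domain, reason, extra)."""
    return dict(Counter(
        (e.get("to", "").rpartition("@")[2].lower(), e.get("reason"), e.get("extra"))
        for e in events))

if __name__ == "__main__":
    for e in rejected_mail(SAMPLE_LOG):
        print(e["queueid"], e["from"], "->", e["to"],
              e["reason"], e["extra"], e.get("ctasd_refid"))
    print(summarize(rejected_mail(SAMPLE_LOG)))
```

Run against the full SMTP log for the affected window, the per-domain counts show whether the rejections were limited to one recipient domain, and the RefID values identify the individual classifications.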