
Spam from own mail addresses

Hey guys,

we're using a UTM 220 with MX Record. For a few days now I have kept seeing mails from our own domain in the SMTP log; it looks like this:



The IPs are unknown to me and they change. I took a look at the headers of some of the mails.

Microsoft Mail Internet Headers Version 2.0
Received: from UTM.****-germany.de ([140.***.1.***]) by ****-germany.de with Microsoft SMTPSVC(6.0.3790.4675);
 Fri, 7 Feb 2014 19:55:49 +0100
Received: from [190.22.54.83] (port=12334)
by UTM.****-germany.de with esmtp (Exim 4.76)
(envelope-from )
id 1WBqaN-0002rq-3B
for newsletter.profi@****-germany.de; Fri, 07 Feb 2014 19:55:41 +0100
X-CTCH-RefID: str=0001.0A090203.52F52C2D.0074,ss=3,re=0.000,recu=0.000,reip=0.000,pt=F_26154406,cl=4,cld=1,fgs=0
Message-ID: 
Date: Sat, 01 Feb 2014 11:55:10 -0400
From: 
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.9) Gecko/20100915 Thunderbird/3.1.4
MIME-Version: 1.0
To: 
Subject: Aktuelle Stellenausschreibung
Content-Type: multipart/alternative;
 boundary="------------090700090707010901030209"
Return-Path: newsletter.profi@****-germany.de
X-OriginalArrivalTime: 07 Feb 2014 18:55:49.0824 (UTC) FILETIME=[37B16400:01CF2436]

--------------090700090707010901030209
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

--------------090700090707010901030209
Content-Type: text/html; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable


Some mails are getting blocked by the UTM with "Rejected: RDNS/HELO (RDNS missing)" or "Rejected: RBL (black.rbl.ctipd.astaro.local)" and others are delivered to the mailbox.

There is no authenticated relaying configured and the only server under host based relay is our mailserver...

Do you have an explanation for me, and what can I do about it?

All the best!

Max
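
Added example, not part of the original post or the thread: a Python check that reads the Received header written by the gateway itself and flags mail that claims the own domain but was handed over by an IP outside the host-based relay list. The domain, gateway name and all addresses are constructed placeholders (documentation ranges), and the function names are hypothetical.

```python
import email
import ipaddress
import re
from email.utils import parseaddr

# Assumptions (placeholders, not values from the post):
OWN_DOMAIN = "example.de"      # stands in for the masked domain
GATEWAY = "utm.example.de"     # host name the gateway writes after "by"
TRUSTED_RELAYS = [ipaddress.ip_network("192.0.2.10/32")]  # host-based relay list

# Constructed sample modelled on the headers in the post.
SPOOFED = """\
Received: from utm.example.de ([192.0.2.1]) by example.de with Microsoft SMTPSVC;
 Fri, 7 Feb 2014 19:55:49 +0100
Received: from [203.0.113.83] (port=12334)
 by utm.example.de with esmtp (Exim 4.76)
 (envelope-from <newsletter.profi@example.de>)
 for newsletter.profi@example.de; Fri, 07 Feb 2014 19:55:41 +0100
From: <newsletter.profi@example.de>
Return-Path: newsletter.profi@example.de
"""
# Same message, but handed to the gateway by the internal mail server.
INTERNAL = SPOOFED.replace("[203.0.113.83]", "[192.0.2.10]")

def gateway_peer(msg):
    """Return the IP that connected to the gateway, taken from the Received
    header the gateway wrote (anything below it is sender-controlled)."""
    for hop in msg.get_all("Received", []):
        by = re.search(r"\bby\s+(\S+)", hop)
        from_part = re.split(r"\sby\s", hop, maxsplit=1)[0]
        ip = re.search(r"\[([0-9A-Fa-f.:]+)\]", from_part)
        if by and ip and by.group(1).lower() == GATEWAY:
            return ipaddress.ip_address(ip.group(1))
    return None

def classify(raw):
    msg = email.message_from_string(raw)
    # Domains the message claims in its envelope-derived and visible sender.
    claimed = {parseaddr(msg.get(h, ""))[1].rpartition("@")[2].lower()
               for h in ("Return-Path", "From")}
    peer = gateway_peer(msg)
    if peer is None:
        return "no-gateway-hop"
    trusted = any(peer in net for net in TRUSTED_RELAYS)
    if OWN_DOMAIN in claimed and not trusted:
        return "own-domain-from-untrusted-ip"
    return "trusted-relay" if trusted else "external"
```

Calling `classify(SPOOFED)` returns `own-domain-from-untrusted-ip`, while the same message arriving from the listed mail server returns `trusted-relay`.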


This thread was automatically locked due to age.
  • Max, I bet they do. Send an email from your domain to my username here @ the domain in my signature below.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA