1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

What are all these relaylock msgs in maillog?

Discussion in 'Plesk for Linux - 8.x and Older' started by malphigian, Aug 16, 2006.

  1. malphigian

    malphigian Guest

    Background: I've got Plesk 8.0.1. on FC2. I have removed drweb and psa-spamassassin. I'm going to be installing the ART spamassassin but I want to make sure I have a working qmail set up before I do.

    I'm seeing a lot of these messages in my maillog:

    What are these? Are these actually attempts to relay through my server? Are these emails actually getting bounced?

    I do seem to be getting emails otherwise, but these messages make me nervous.

    Can someone explain what they are and why they are happening?
  2. malphigian

    malphigian Guest

    A little more information:
    It appears the relaylock message appears every single time an external server connects -- that is, everytime anyone anywhere connects to the SMTP server.

    When it's a normal email going to a valid local address, the relaylock happens, and then a few lines later in the maillog you see the delivery. Same for an invalid local address, you see the bounce message a few lines later.

    So I'm probably worrying about nothing and this is a normal message.

    I am curious why there are so many of them that don't appear to result in a delivery or a bounce. The vast majority of these messages never lead to anything, just that one line with the lock. It makes me wonder what they are -- hundreds of people a day opening connections to the mail server and not sending anything?

    I was able to generate this same one line message with no follow up by doing an open relay test on abuse.net -- are there really that many people trying to use my server as an open relay repeatedly. Many of the ip addresses do appear in spammer databases, but you'd think they'd give up.

    I wish I could dig up a little more documentation on the relaylock program and how it works.