
What are all these relaylock msgs in maillog?

malphigian

Guest
Background: I've got Plesk 8.0.1 on FC2. I have removed drweb and psa-spamassassin. I'm going to be installing the ART spamassassin but I want to make sure I have a working qmail setup before I do.

I'm seeing a lot of these messages in my maillog:

Aug 16 12:06:40 host1 relaylock: /var/qmail/bin/relaylock: mail from 81.203.218.210:60569 (81-203-218-210.user.ono.com)
Aug 16 12:06:42 host1 relaylock: /var/qmail/bin/relaylock: mail from 201.230.203.217:3384 (not defined)
Aug 16 12:06:46 host1 relaylock: /var/qmail/bin/relaylock: mail from 206.190.52.105:38569 (mta255.mail.re2.yahoo.com)
Aug 16 12:06:47 host1 relaylock: /var/qmail/bin/relaylock: mail from 80.144.223.23:4976 (p5090df17.dip.t-dialin.net)


What are these? Are these actually attempts to relay through my server? Are these emails actually getting bounced?

I do seem to be getting emails otherwise, but these messages make me nervous.

Can someone explain what they are and why they are happening?
 
A little more information:
It appears the relaylock message appears every single time an external server connects -- that is, every time anyone anywhere connects to the SMTP server.

When it's a normal email going to a valid local address, the relaylock happens, and then a few lines later in the maillog you see the delivery. Same for an invalid local address, you see the bounce message a few lines later.

So I'm probably worrying about nothing and this is a normal message.

I am curious why there are so many of them that don't appear to result in a delivery or a bounce. The vast majority of these messages never lead to anything, just that one line with the lock. It makes me wonder what they are -- hundreds of people a day opening connections to the mail server and not sending anything?

I was able to generate this same one-line message with no follow-up by doing an open relay test on abuse.net -- are there really that many people trying to use my server as an open relay repeatedly? Many of the IP addresses do appear in spammer databases, but you'd think they'd give up.

I wish I could dig up a little more documentation on the relaylock program and how it works.
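
An added example (not part of the original posts, and not Plesk or qmail code): a small Python parser for the relaylock line format quoted above that counts connections per source IP, to show which addresses connect repeatedly. The sample log is constructed, the function names and threshold are hypothetical, and reading "(not defined)" as "no hostname for this IP" is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the format quoted in the post (RFC 5737 example addresses).
SAMPLE_LOG = """\
Aug 16 12:06:40 host1 relaylock: /var/qmail/bin/relaylock: mail from 192.0.2.10:60569 (host-10.example.net)
Aug 16 12:06:42 host1 relaylock: /var/qmail/bin/relaylock: mail from 198.51.100.7:3384 (not defined)
Aug 16 12:06:43 host1 relaylock: /var/qmail/bin/relaylock: mail from 192.0.2.10:60570 (host-10.example.net)
Aug 16 12:06:44 host1 otherdaemon: unrelated line that must be skipped
Aug 16 12:06:46 host1 relaylock: /var/qmail/bin/relaylock: mail from 198.51.100.7:3390 (not defined)
Aug 16 12:06:47 host1 relaylock: /var/qmail/bin/relaylock: mail from 203.0.113.5:4976 (mail.example.org)
Aug 16 12:06:49 host1 relaylock: /var/qmail/bin/relaylock: mail from 198.51.100.7:3391 (not defined)
"""

# timestamp, host, "relaylock:", program path, then "mail from IP:PORT (NAME)"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s(?P<host>\S+)\srelaylock:\s\S+:\s"
    r"mail from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}):(?P<port>\d+)\s\((?P<name>[^)]*)\)\s*$"
)

def parse_relaylock(line):
    """Return a dict for one relaylock connection line, or None for any other line."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["port"] = int(rec["port"])
    # Assumption: "(not defined)" means no hostname was available for the client IP.
    rec["has_name"] = rec["name"] != "not defined"
    return rec

def summarize(lines, repeat_threshold=3):
    """Count connections per source IP and list the IPs logged without a hostname."""
    per_ip, unnamed = Counter(), set()
    for line in lines:
        rec = parse_relaylock(line)
        if rec is None:
            continue
        per_ip[rec["ip"]] += 1
        if not rec["has_name"]:
            unnamed.add(rec["ip"])
    return {
        "connections": sum(per_ip.values()),
        "unique_ips": len(per_ip),
        "unnamed_ips": sorted(unnamed),
        "repeaters": {ip: n for ip, n in per_ip.items() if n >= repeat_threshold},
    }

if __name__ == "__main__":
    print(summarize(SAMPLE_LOG.splitlines()))
```

To run it against a real log, pass the lines of the maillog file to `summarize` instead of the sample.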
 