[SOLVED] Sending email automatic to email@domain.com?

[killmasta93]

Hi,
I was wondering if someone could shed some light, currently i have a wordpress with contact form, was checking the tracking sender and found this which is odd not sure how its sending without authentication. Then i checked on the sents on visitas@mydomain.com and also found this any ideas why? I use zimbra but it sends though proxmox as the smart host
Thank you

Return-Path: <visitas@mydomain.com.co>
Received: from mail.mydomain.com.co (LHLO mail.mydomain.com.co)
(192.168.3.140) by mail.mydomain.com.co with LMTP; Thu, 16 Jul 2020
04:10:13 -0500 (COT)
Received: from mydomain.com (unknown [192.168.3.254])
by mail.mydomain.com.co (Postfix) with ESMTPSA id C6036E610AC
for <email@domain.com>; Thu, 16 Jul 2020 04:10:13 -0500 (-05)
Date: Thu, 16 Jul 2020 09:06:22 +0000
To: email@domain.com
From: WordPress <visitas@mydomain.com.co>
Reply-To: denise.heinz1@gmx.de
Subject: =?UTF-8?Q?Ti-Rescue_"W=D0=B5g,_um_19855_EUR_pro_=D0=9Conat_im_p=D0=B0ssiv?=
=?UTF-8?Q?=D0=B5n_Ein=D0=BA=D0=BEmm=D0=B5n_zu_v=D0=B5rdi=D0=B5n=D0=B5n:_h?=
=?UTF-8?Q?ttp://rqlavw.dmlrealestateinvesting.com/5858947a9"?=
Message-ID: <516c027c27eeef2e8603cf4f6329e15d@mydomain.com>
X-Mailer: PHPMailer 5.2.22 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

From: Sо verdiеnen Sie 19686 EUR pro Monаt vоn zu Ðausе aus: Pаssivеs Еinкommеn: http://dk.cschan.website/188d8607f <denise.heinz1@gmx.de>
Subject: Wеg, um 19855 EUR pro Мonat im pаssivеn Einкоmmеn zu vеrdiеnеn: http://rqlavw.dmlrealestateinvesting.com/5858947a9

Message Body:
Passivеs Еinkоmmen: Wie iÑh 19964 EUR Ñ€rо Моnаt vеrdiene: http://hyyu.techenglish.online/63d18

--
This e-mail was sent from a contact form on Infinite

Jul 17 10:31:19 mail postfix/smtpd[27700]: connect from unknown[192.168.3.140]
Jul 17 10:31:19 mail postfix/smtpd[27700]: Anonymous TLS connection established from unknown[192.168.3.140]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
Jul 17 10:31:21 mail postfix/smtpd[27700]: 826D81C1496: client=unknown[192.168.3.140]
Jul 17 10:31:21 mail postfix/cleanup[27704]: 826D81C1496: info: header To: email@domain.com from unknown[192.168.3.140]; from=<visitas@mydomain.com.co> to=<email@domain.com> proto=ESMTP helo=<mail.mydomain.com.co>
Jul 17 10:31:21 mail postfix/cleanup[27704]: 826D81C1496: info: header From: WordPress <visitas@mydomain.com.co> from unknown[192.168.3.140]; from=<visitas@mydomain.com.co> to=<email@domain.com> proto=ESMTP helo=<mail.mydomain.com.co>
Jul 17 10:31:21 mail postfix/cleanup[27704]: 826D81C1496: info: header Subject: Ti-Rescue "" from unknown[192.168.3.140]; from=<visitas@mydomain.com.co> to=<email@domain.com> proto=ESMTP helo=<mail.mydomain.com.co>
Jul 17 10:31:21 mail postfix/cleanup[27704]: 826D81C1496: message-id=<49af1e1b816e3649e2121a9d4773dbd1@mydomain.com>
Jul 17 10:31:21 mail postfix/smtpd[27700]: disconnect from unknown[192.168.3.140] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Jul 17 10:31:22 mail postfix/qmgr[13202]: 826D81C1496: from=<visitas@mydomain.com.co>, size=1739, nrcpt=1 (queue active)
Jul 17 10:31:26 mail pmg-smtp-filter[25978]: 1E08835F11C44C62A3C: new mail message-id=<49af1e1b816e3649e2121a9d4773dbd1@mydomain.com>#012
Jul 17 10:31:39 mail postfix/smtpd[27710]: connect from localhost.localdomain[127.0.0.1]
Jul 17 10:31:39 mail postfix/smtpd[27710]: DF1481C14BF: client=localhost.localdomain[127.0.0.1], orig_client=unknown[192.168.3.140]
Jul 17 10:31:40 mail postfix/cleanup[27704]: DF1481C14BF: message-id=<49af1e1b816e3649e2121a9d4773dbd1@mydomain.com>
Jul 17 10:31:40 mail postfix/smtpd[27710]: disconnect from localhost.localdomain[127.0.0.1] ehlo=1 xforward=1 mail=1 rcpt=1 data=1 commands=5
Jul 17 10:31:40 mail pmg-smtp-filter[25978]: 1E08835F11C44C62A3C: accept mail to <email@domain.com> (DF1481C14BF) (rule: default-accept)
Jul 17 10:31:40 mail postfix/qmgr[13202]: DF1481C14BF: from=<visitas@mydomain.com.co>, size=2719, nrcpt=1 (queue active)
Jul 17 10:31:44 mail pmg-smtp-filter[25978]: 1E08835F11C44C62A3C: processing time: 16.247 seconds (0, 2.114, 0)
Jul 17 10:31:44 mail postfix/lmtp[27705]: 826D81C1496: to=<email@domain.com>, relay=127.0.0.1[127.0.0.1]:10023, delay=24, delays=2/0.45/1.7/20, dsn=2.5.0, status=sent (250 2.5.0 OK (1E08835F11C44C62A3C))
Jul 17 10:31:44 mail postfix/qmgr[13202]: 826D81C1496: removed
Jul 17 10:31:45 mail postfix/smtp[27711]: DF1481C14BF: to=<email@domain.com>, relay=mx.domain.com[66.96.140.72]:25, delay=5.2, delays=0.54/0.71/2.3/1.7, dsn=2.0.0, status=sent (250 4FXh2301n2GtNcw01 mail accepted for delivery)
Jul 17 10:31:45 mail postfix/qmgr[13202]: DF1481C14BF: removed

 

[hata_ph]

Did you whitelist your wordpress's IP or email on PMG?

 

[killmasta93]

Thanks for the reply, nope i did not whitelist my wordpress site so in theory not sure how its sending mail without authentication?
If i understood the log correct is that from my domain its sending to random domains?

 

[killmasta93]

i think its a wordpress issue on the forms, as the 192.168.3.140 is my wordpress site which in that case your correct

 

[hata_ph]

PMG was not design to do SMTP authentication with your email servers.
If your wordpress reside in the same network subnet with your PMG and email server, most properly it is being whitelisted as all are in the trusted network subnet.