ZImbra sends a lot of obscure letters

P

p.alexandra

New Member
Jun 6, 2022
3
0
1
It sends letters at a certain time, by periods. But I don't understand what he is trying to do and how to stop it?

Logs're below:

Jun 3 15:41:06 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)
Jun 3 15:41:37 proxmox postfix/error[51597]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=406844, delays=406814/30/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
Jun 3 16:51:07 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)
Jun 3 16:51:37 proxmox postfix/error[53118]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=411045, delays=411014/30/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
Jun 3 18:01:07 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)
Jun 3 18:01:38 proxmox postfix/error[54427]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=415245, delays=415215/30/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
Jun 3 19:11:07 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)
Jun 3 19:11:37 proxmox postfix/error[55964]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=419445, delays=419414/30/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
Jun 3 20:21:07 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)
Jun 3 20:21:37 proxmox postfix/error[56999]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=423645, delays=423614/30/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)Jun 3 21:31:07 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)Jun 3 21:31:37 proxmox postfix/error[57942]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=427845, delays=427814/30/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
Jun 3 22:41:07 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, size=2337, nrcpt=1 (queue active)
Jun 3 22:41:37 proxmox postfix/error[58850]: EC713C2642: to=<zimbra@mail.itsupport.kz>, relay=none, delay=432045, delays=432015/31/0/0, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
Jun 3 22:41:37 proxmox postfix/qmgr[865]: EC713C2642: from=<zimbra@mail.itsupport.kz>, status=expired, returned to sender
Jun 3 22:41:38 proxmox postfix/qmgr[865]: EC713C2642: removedzimbra.JPG
 
Is 185.102.74.20 belong to mail.itsupport.kz?
Is both PMG and 185.102.74.20 belong to the same network?
 
Can you confirm PMG allow access to your zimbra server via port 25.

Code: 
status=deferred (delivery temporarily suspended: connect to mail.itsupport.kz[185.102.74.20]:25: Connection timed out)
 
p.alexandra said:
mail.itsupport.kz is our mail server, are you sure that this is phishing?
Click to expand...
In that case you have many messages in the queue!
Your PMG is set to itsupport.kz but not mail.itsupport.kz, add it to Configuration > Mail Proxy > Transports.

Thanks,
 
You must log in or register to reply here.
Top Bottom