[PLUG] First run of pflogsumm, talk about troubling results...

Michael C. Robinson michael at goose.robinson-west.com
Sun Oct 12 19:34:02 UTC 2003


Postfix log summaries for Oct 12

Grand Totals
------------
messages

     11   received
     11   delivered
      0   forwarded
     31   deferred  (83  deferrals)
      0   bounced
      0   rejected (0%)
      0   reject warnings
      0   held
      0   discarded (0%)

  29612   bytes received
  29612   bytes delivered
      3   senders
      3   sending hosts/domains
      4   recipients
      4   recipient hosts/domains


Per-Hour Traffic Summary
    time          received  delivered   deferred    bounced     rejected
    --------------------------------------------------------------------
    0000-0100           0          0          0          0          0 
    0100-0200           0          0          0          0          0 
    0200-0300           0          0          0          0          0 
    0300-0400           0          0          0          0          0 
    0400-0500           0          0          0          0          0 
    0500-0600           0          0          0          0          0 
    0600-0700           0          0          0          0          0 
    0700-0800           0          0          0          0          0 
    0800-0900           0          0          0          0          0 
    0900-1000           0          0          0          0          0 
    1000-1100           0          0          0          0          0 
    1100-1200           0          0          0          0          0 
    1200-1300           0          0          0          0          0 
    1300-1400           0          0          0          0          0 
    1400-1500           0          0          0          0          0 
    1500-1600           1          1         21          0          0 
    1600-1700           0          0         10          0          0 
    1700-1800           5          5         29          0          0 
    1800-1900           5          5         23          0          0 
    1900-2000           0          0          0          0          0 
    2000-2100           0          0          0          0          0 
    2100-2200           0          0          0          0          0 
    2200-2300           0          0          0          0          0 
    2300-2400           0          0          0          0          0 

Host/Domain Summary: Message Delivery 
 sent cnt  bytes   defers   avg dly max dly host/domain
 -------- -------  -------  ------- ------- -----------
      8    26976        0     2.2 s    3.0 s  goose.robinson-west.com
      1     1244        0     1.0 s    1.0 s  opusnet.com
      1      834        0     1.0 s    1.0 s  hotmail.com
      1      558        0     4.0 s    4.0 s  pcc.edu
      0        0        2     0.0 s   47.8 h  biggestdealsontheweb.com
      0        0        2     0.0 s   38.8 h  yam.com.tw
      0        0        2     0.0 s   39.3 h  vast.brasdan.com
      0        0       65     0.0 s  100.1 h  bounce.iexpect.com
      0        0        3     0.0 s   83.8 h  wegoingupinpeace.com
      0        0        2     0.0 s   22.2 h  sprint.com
      0        0        2     0.0 s   45.0 h  123box.co.uk
      0        0        3     0.0 s   76.8 h  data-flow.com
      0        0        2     0.0 s   35.9 h  cnnb.net


**  Seems like only the first four, and none of the rest should be in
    the Host/Domain summary.


Host/Domain Summary: Messages Received 
 msg cnt   bytes   host/domain
 -------- -------  -----------
      7    25071   lists.pdxlinux.org
      3     2636   goose.robinson-west.com
      1     1905   service.emf0.com


**  The last one in this summary is probably a spammer.


Senders by message count
------------------------
      7   plug-admin at lists.pdxlinux.org
      3   michael at goose.robinson-west.com
      1   L1116654826.100409.2 at service.emf0.com


**  The last one, ugh, there's the same potential spammer
    as the last summary.


Recipients by message count
---------------------------
      8   michael at goose.robinson-west.com
      1   jacquereed at hotmail.com
      1   jkissick at pcc.edu
      1   robinsoa at opusnet.com


** The above four are all OK.


Senders by message size
-----------------------
  25071   plug-admin at lists.pdxlinux.org
   2636   michael at goose.robinson-west.com
   1905   L1116654826.100409.2 at service.emf0.com


** Who the heck is that third Sender?  
   It shouldn't be in there.


Recipients by message size
--------------------------
  26976   michael at goose.robinson-west.com
   1244   robinsoa at opusnet.com
    834   jacquereed at hotmail.com
    558   jkissick at pcc.edu


** These four recipients are good.


message deferral detail
-----------------------
  nqmgr
        33   Connection timed out
  smtp
        37   Connection timed out
         3   data-flow.com[63.122.103.23]: Connection refused
         2   Name service error for bounce.boulnare.com: Host not found
         2   ms.yam.com.tw[211.72.254.200]: Connection timed out
         2   Host not found, try again
         2   mail.123box.co.uk[1.0.0.0]: Connection timed out
         1   pop3.cnnb.net[202.96.105.110]: Connection timed out
 
      1   pop3.cnnb.net[202.96.105.111]: Connection timed out


**  Shouldn't be connecting to any of these under 
    message deferral detail.


message bounce detail (by relay): none

message reject detail: none

message reject warning detail: none

message hold detail: none

message discard detail: none

smtp delivery failures
----------------------
  connection refused
         3   data-flow.com
  connection timed out
        32   bounce.iexpect.com
         4   pop3.cnnb.net
         2   mail.123box.co.uk
         2   parker2.sprint.com
         2   parker1.sprint.com
         2   ms.yam.com.tw
         2   wegoingupinpeace.com
         1   biggestdealsontheweb.com



** All of the above smtp delivery failures are 
   places I shouldn't be trying to connect to,
   what's going on here?



Warnings
--------
  postfix-script
         1   /var/spool/postfix/etc/services and /etc/services differ
  smtp
         2   no MX host for vast.brasdan.com has a valid A record
  smtpd
         2   database /etc/postfix/access.db is older than source file
/etc/...

Fatal Errors: none

Panics: none

Master daemon messages
----------------------
      2   daemon started
      1   terminating on signal 15

      -- Michael C. Robinson





More information about the PLUG mailing list