English
Chinese (Simplified)
French
German
Italian
Japanese
Russian
Spanish
Vietnamese
Repeated incoming emails
-
Hello everyone again! I am having repeated emails from some specific domains/servers against my domain in MDaemon. In the boxes where I receive the repeats, both in the webmail and in the email managers (outlook, android or ios cell phones) I see the emails with the same date and time in all the repeats, if I go to the MDaemon log I see that the Emails have different times and repeat hundreds. I am attaching a screenshot of some cases so that what I am describing can be illustrated. Has anyone had a similar problem? Do you have any idea what it could be? Is it an MDaemon configuration? I have a firewall on my network, can it come through there? I was seeing that where these emails arrive from is an API, which expects to receive a response if it does not continue sending the notification emails, could it be that MDaemon is not sending the response that that service expects? From already thank you very much!! Greetings. Jonatan
-
Arron Staff
I don't think its a configuration in MDaemon, but its hard to tell without more information. It could just be that the sender has this person's email address on their list hundreds of times.
Is the Message-ID the same for every duplicate message?
What does the inbound SMTP log from the MDaemon\Logs directory show is happening?
A quick would be to add *@em4788.mercadopago.com to the sender block list. You can find more information on the block list here,
https://help.mdaemon.com/MDaemon/en/security--sender-blacklist.html
-
Hi Arron, thank you very much for your response. I am attaching two complete SMTP reports. I understand that the message ID is not the same. I don't see anything wrong with the transaction, if I missed something please point it out to me. I understand that it may be that the service sending these emails is not receiving the expected response from me. I cannot block the sender, because the emails are valid, what is not valid is that it is repeated so many times for each transaction made on the platform.
Mon 2024-02-05 23:52:49.058: 05: [27514286] Session 27514286; child 0002
Mon 2024-02-05 23:52:49.058: 05: [27514286] Accepting SMTP connection from 149.72.129.249:63064 to 192.168.1.20:25
Mon 2024-02-05 23:52:49.058: 07: [27514286] Location Screen says connection is from United States, North America
Mon 2024-02-05 23:52:49.061: 03: [27514286] --> 220-mail.lazar.com.ar ESMTP MDaemon 23.5.2; Mon, 05 Feb 2024 23:52:49 -0300
Mon 2024-02-05 23:52:49.061: 03: [27514286] --> 220 All trasactions and IP addresses are logged
Mon 2024-02-05 23:52:49.401: 02: [27514286] <-- EHLO wrqvvkfw.outbound-mail.sendgrid.net
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-mail.lazar.com.ar Hello wrqvvkfw.outbound-mail.sendgrid.net [149.72.129.249], pleased to meet you
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-ETRN
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-8BITMIME
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-ENHANCEDSTATUSCODES
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-PIPELINING
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-CHUNKING
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250-STARTTLS
Mon 2024-02-05 23:52:49.401: 03: [27514286] --> 250 SIZE
Mon 2024-02-05 23:52:49.741: 02: [27514286] <-- STARTTLS
Mon 2024-02-05 23:52:49.741: 03: [27514286] --> 220 2.7.0 Ready to start TLS
Mon 2024-02-05 23:52:50.446: 01: [27514286] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521)
Mon 2024-02-05 23:52:50.785: 02: [27514286] <-- EHLO wrqvvkfw.outbound-mail.sendgrid.net
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-mail.lazar.com.ar Hello wrqvvkfw.outbound-mail.sendgrid.net [149.72.129.249], pleased to meet you
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-ETRN
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-8BITMIME
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-ENHANCEDSTATUSCODES
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-PIPELINING
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-CHUNKING
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250-REQUIRETLS
Mon 2024-02-05 23:52:50.785: 03: [27514286] --> 250 SIZE
Mon 2024-02-05 23:52:51.136: 02: [27514286] <-- MAIL FROM:<bounces+9647731-e193-pnaughton=lazar.com.ar@em4788.mercadopago.com> BODY=8BITMIME
Mon 2024-02-05 23:52:51.144: 09: [27514286] Performing SPF lookup (em4788.mercadopago.com / 149.72.129.249)
Mon 2024-02-05 23:52:51.144: 09: [27514286] * Policy (cache): v=spf1 ip4:149.72.129.249 ip4:149.72.129.250 ip4:149.72.129.251 ip4:167.89.0.1 ip4:167.89.0.102 -all
Mon 2024-02-05 23:52:51.144: 09: [27514286] * Evaluating ip4:149.72.129.249: match
Mon 2024-02-05 23:52:51.144: 09: [27514286] * Result: pass
Mon 2024-02-05 23:52:51.144: 09: [27514286] ---- End SPF results
Mon 2024-02-05 23:52:51.144: 03: [27514286] --> 250 2.1.0 Sender OK
Mon 2024-02-05 23:52:51.484: 02: [27514286] <-- RCPT TO:<pnaughton@lazar.com.ar>
Mon 2024-02-05 23:52:51.493: 05: [27514286] Performing DNS-BL lookup (149.72.129.249 - connecting IP)
Mon 2024-02-05 23:52:51.827: 05: [27514286] * b.barracudacentral.org - passed
Mon 2024-02-05 23:52:51.827: 05: [27514286] ---- End DNS-BL results
Mon 2024-02-05 23:52:51.844: 03: [27514286] --> 250 2.1.5 Recipient OK
Mon 2024-02-05 23:52:52.184: 02: [27514286] <-- DATA
Mon 2024-02-05 23:52:52.186: 03: [27514286] --> 354 Enter mail, end with <CRLF>.<CRLF>
Mon 2024-02-05 23:52:52.989: 01: [27514286] Message size: 57126 bytes
Mon 2024-02-05 23:52:52.992: 10: [27514286] Performing DKIM verification
Mon 2024-02-05 23:52:52.992: 10: [27514286] * File: c:\mdaemon\queues\temp\md5001000060746.tmp
Mon 2024-02-05 23:52:52.992: 10: [27514286] * Message-ID: <NVuX6ImsTJ6G1ijssJ7kuA@geopod-ismtpd-7>
Mon 2024-02-05 23:52:52.995: 10: [27514286] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mercadopago.com; s=s1; <some tags are not logged>
Mon 2024-02-05 23:52:52.995: 10: [27514286] * Verification result: good signature
Mon 2024-02-05 23:52:52.997: 10: [27514286] * Result: pass
Mon 2024-02-05 23:52:52.997: 10: [27514286] ---- End DKIM results
Mon 2024-02-05 23:52:53.005: 19: [27514286] Performing DMARC processing
Mon 2024-02-05 23:52:53.005: 19: [27514286] * File: c:\mdaemon\queues\temp\md5001000060746.tmp
Mon 2024-02-05 23:52:53.005: 19: [27514286] * Message-ID: <NVuX6ImsTJ6G1ijssJ7kuA@geopod-ismtpd-7>
Mon 2024-02-05 23:52:53.005: 19: [27514286] * Author domain: mercadopago.com
Mon 2024-02-05 23:52:53.005: 19: [27514286] * Organizational domain: mercadopago.com
Mon 2024-02-05 23:52:53.005: 19: [27514286] * Query domain: _dmarc.mercadopago.com
Mon 2024-02-05 23:52:53.005: 19: [27514286] * Policy record (from cache): v=DMARC1; p=reject; rua=mailto:dmarcrua@mercadolibre.com, mailto:mercadolibre@rua.netcraft.com, mailto:dmarc_agg@vali.email; ruf=mailto:dmarcruf@mercadolibre.com,mailto:mercadolibre@ruf.netcraft.com; adkim=s; asp
Mon 2024-02-05 23:52:53.012: 19: [27514286] * Verifying report recipient: dmarcrua@mercadolibre.com
Mon 2024-02-05 23:52:53.012: 19: [27514286] * Query domain: mercadopago.com._report._dmarc.mercadolibre.com
Mon 2024-02-05 23:54:53.441: 04: [27514286] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.191.35)
Mon 2024-02-05 23:56:53.427: 04: [27514286] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.48.233)
Mon 2024-02-05 23:56:53.427: 19: [27514286] * No DMARC policy record found; recipient discarded
Mon 2024-02-05 23:56:53.433: 19: [27514286] * Verifying report recipient: mercadolibre@rua.netcraft.com
Mon 2024-02-05 23:56:53.433: 19: [27514286] * Query domain: mercadopago.com._report._dmarc.rua.netcraft.com
Mon 2024-02-05 23:56:53.442: 19: [27514286] * Policy record: v=DMARC1;
Mon 2024-02-05 23:56:53.442: 19: [27514286] * Recipient mercadolibre@rua.netcraft.com is verified
Mon 2024-02-05 23:56:53.448: 19: [27514286] * Verifying report recipient: dmarc_agg@vali.email
Mon 2024-02-05 23:56:53.448: 19: [27514286] * Query domain: mercadopago.com._report._dmarc.vali.email
Mon 2024-02-05 23:56:53.458: 19: [27514286] * Policy record: v=DMARC1;
Mon 2024-02-05 23:56:53.459: 19: [27514286] * Recipient dmarc_agg@vali.email is verified
Mon 2024-02-05 23:56:53.465: 19: [27514286] * Verifying report recipient: dmarcruf@mercadolibre.com
Mon 2024-02-05 23:56:53.465: 19: [27514286] * Query domain: mercadopago.com._report._dmarc.mercadolibre.com
Mon 2024-02-05 23:58:53.580: 04: [27514286] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.191.35)
Tue 2024-02-06 00:00:53.582: 04: [27514286] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.48.233)
Tue 2024-02-06 00:00:53.582: 19: [27514286] * No DMARC policy record found; recipient discarded
Tue 2024-02-06 00:00:53.588: 19: [27514286] * Verifying report recipient: mercadolibre@ruf.netcraft.com
Tue 2024-02-06 00:00:53.588: 19: [27514286] * Query domain: mercadopago.com._report._dmarc.ruf.netcraft.com
Tue 2024-02-06 00:00:53.598: 19: [27514286] * Policy record: v=DMARC1;
Tue 2024-02-06 00:00:53.599: 19: [27514286] * Recipient mercadolibre@ruf.netcraft.com is verified
Tue 2024-02-06 00:00:53.599: 19: [27514286] * Checking authentication mechanisms for DMARC alignment
Tue 2024-02-06 00:00:53.606: 19: [27514286] * SPF: domain "em4788.mercadopago.com" passed SPF check; and domain is DMARC aligned
Tue 2024-02-06 00:00:53.608: 19: [27514286] * DKIM: domain "mercadopago.com" (from d= of signature #1) verified; and domain is DMARC aligned
Tue 2024-02-06 00:00:53.608: 19: [27514286] * Result: pass
Tue 2024-02-06 00:00:53.608: 19: [27514286] ---- End DMARC results
Tue 2024-02-06 00:00:53.623: 06: [27514286] Passing message through AntiVirus (Size: 57126)...
Tue 2024-02-06 00:00:53.771: 06: [27514286] * Message is clean (no viruses found) scanned by (IKARUS: clean (0.01272s)) (ClamAV: clean (0.10294s))
Tue 2024-02-06 00:00:53.771: 06: [27514286] ---- End AntiVirus results
Tue 2024-02-06 00:00:53.772: 11: [27514286] Outbreak Protection: Processing skipped. Recipient in spam filter allow list.
Tue 2024-02-06 00:00:53.789: 01: [27514286] Message creation successful: c:\mdaemon\queues\inbound\md5001005259069.msg
Tue 2024-02-06 00:00:53.789: 03: [27514286] --> 250 2.6.0 Ok, message saved <Message-ID: <NVuX6ImsTJ6G1ijssJ7kuA@geopod-ismtpd-7>>
Tue 2024-02-06 00:00:53.798: 02: [27514286] <-- QUIT
Tue 2024-02-06 00:00:53.798: 03: [27514286] --> 221 2.0.0 See ya in cyberspace
Tue 2024-02-06 00:00:53.799: 01: [27514286] SMTP session successful (Bytes in/out: 59203/6022)
Tue 2024-02-06 04:33:10.544: 05: [27516443] Session 27516443; child 0002
Tue 2024-02-06 04:33:10.544: 05: [27516443] Accepting SMTP connection from 149.72.129.249:7788 to 192.168.1.20:25
Tue 2024-02-06 04:33:10.544: 07: [27516443] Location Screen says connection is from United States, North America
Tue 2024-02-06 04:33:10.555: 03: [27516443] --> 220-mail.lazar.com.ar ESMTP MDaemon 23.5.2; Tue, 06 Feb 2024 04:33:10 -0300
Tue 2024-02-06 04:33:10.555: 03: [27516443] --> 220 All trasactions and IP addresses are logged
Tue 2024-02-06 04:33:10.895: 02: [27516443] <-- EHLO wrqvvkfw.outbound-mail.sendgrid.net
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-mail.lazar.com.ar Hello wrqvvkfw.outbound-mail.sendgrid.net [149.72.129.249], pleased to meet you
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-ETRN
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-8BITMIME
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-ENHANCEDSTATUSCODES
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-PIPELINING
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-CHUNKING
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250-STARTTLS
Tue 2024-02-06 04:33:10.895: 03: [27516443] --> 250 SIZE
Tue 2024-02-06 04:33:11.236: 02: [27516443] <-- STARTTLS
Tue 2024-02-06 04:33:11.236: 03: [27516443] --> 220 2.7.0 Ready to start TLS
Tue 2024-02-06 04:33:11.939: 01: [27516443] SSL negotiation successful (TLS 1.2, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P521)
Tue 2024-02-06 04:33:12.279: 02: [27516443] <-- EHLO wrqvvkfw.outbound-mail.sendgrid.net
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-mail.lazar.com.ar Hello wrqvvkfw.outbound-mail.sendgrid.net [149.72.129.249], pleased to meet you
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-ETRN
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-AUTH LOGIN CRAM-MD5 PLAIN
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-8BITMIME
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-ENHANCEDSTATUSCODES
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-PIPELINING
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-CHUNKING
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250-REQUIRETLS
Tue 2024-02-06 04:33:12.280: 03: [27516443] --> 250 SIZE
Tue 2024-02-06 04:33:12.629: 02: [27516443] <-- MAIL FROM:<bounces+9647731-e193-pnaughton=lazar.com.ar@em4788.mercadopago.com> BODY=8BITMIME
Tue 2024-02-06 04:33:12.637: 09: [27516443] Performing SPF lookup (em4788.mercadopago.com / 149.72.129.249)
Tue 2024-02-06 04:33:12.637: 09: [27516443] * Policy (cache): v=spf1 ip4:149.72.129.249 ip4:149.72.129.250 ip4:149.72.129.251 ip4:167.89.0.1 ip4:167.89.0.102 -all
Tue 2024-02-06 04:33:12.637: 09: [27516443] * Evaluating ip4:149.72.129.249: match
Tue 2024-02-06 04:33:12.637: 09: [27516443] * Result: pass
Tue 2024-02-06 04:33:12.637: 09: [27516443] ---- End SPF results
Tue 2024-02-06 04:33:12.637: 03: [27516443] --> 250 2.1.0 Sender OK
Tue 2024-02-06 04:33:12.976: 02: [27516443] <-- RCPT TO:<pnaughton@lazar.com.ar>
Tue 2024-02-06 04:33:12.986: 05: [27516443] Performing DNS-BL lookup (149.72.129.249 - connecting IP)
Tue 2024-02-06 04:33:13.335: 05: [27516443] * b.barracudacentral.org - passed
Tue 2024-02-06 04:33:13.335: 05: [27516443] ---- End DNS-BL results
Tue 2024-02-06 04:33:13.351: 03: [27516443] --> 250 2.1.5 Recipient OK
Tue 2024-02-06 04:33:13.691: 02: [27516443] <-- DATA
Tue 2024-02-06 04:33:13.698: 03: [27516443] --> 354 Enter mail, end with <CRLF>.<CRLF>
Tue 2024-02-06 04:33:14.506: 01: [27516443] Message size: 57193 bytes
Tue 2024-02-06 04:33:14.508: 10: [27516443] Performing DKIM verification
Tue 2024-02-06 04:33:14.508: 10: [27516443] * File: c:\mdaemon\queues\temp\md5001000061691.tmp
Tue 2024-02-06 04:33:14.508: 10: [27516443] * Message-ID: <wgOOoY91Sj2BPAmchDoPHw@geopod-ismtpd-3>
Tue 2024-02-06 04:33:14.512: 10: [27516443] * DKIM-Signature 1: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mercadopago.com; s=s1; <some tags are not logged>
Tue 2024-02-06 04:33:14.512: 10: [27516443] * Verification result: good signature
Tue 2024-02-06 04:33:14.513: 10: [27516443] * Result: pass
Tue 2024-02-06 04:33:14.513: 10: [27516443] ---- End DKIM results
Tue 2024-02-06 04:33:14.521: 19: [27516443] Performing DMARC processing
Tue 2024-02-06 04:33:14.521: 19: [27516443] * File: c:\mdaemon\queues\temp\md5001000061691.tmp
Tue 2024-02-06 04:33:14.521: 19: [27516443] * Message-ID: <wgOOoY91Sj2BPAmchDoPHw@geopod-ismtpd-3>
Tue 2024-02-06 04:33:14.521: 19: [27516443] * Author domain: mercadopago.com
Tue 2024-02-06 04:33:14.521: 19: [27516443] * Organizational domain: mercadopago.com
Tue 2024-02-06 04:33:14.521: 19: [27516443] * Query domain: _dmarc.mercadopago.com
Tue 2024-02-06 04:33:14.521: 19: [27516443] * Policy record (from cache): v=DMARC1; p=reject; rua=mailto:dmarcrua@mercadolibre.com, mailto:mercadolibre@rua.netcraft.com, mailto:dmarc_agg@vali.email; ruf=mailto:dmarcruf@mercadolibre.com,mailto:mercadolibre@ruf.netcraft.com; adkim=s; asp
Tue 2024-02-06 04:33:14.528: 19: [27516443] * Verifying report recipient: dmarcrua@mercadolibre.com
Tue 2024-02-06 04:33:14.528: 19: [27516443] * Query domain: mercadopago.com._report._dmarc.mercadolibre.com
Tue 2024-02-06 04:35:14.833: 04: [27516443] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.191.35)
Tue 2024-02-06 04:37:14.834: 04: [27516443] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.48.233)
Tue 2024-02-06 04:37:14.834: 19: [27516443] * No DMARC policy record found; recipient discarded
Tue 2024-02-06 04:37:14.841: 19: [27516443] * Verifying report recipient: mercadolibre@rua.netcraft.com
Tue 2024-02-06 04:37:14.841: 19: [27516443] * Query domain: mercadopago.com._report._dmarc.rua.netcraft.com
Tue 2024-02-06 04:37:14.850: 19: [27516443] * Policy record: v=DMARC1;
Tue 2024-02-06 04:37:14.850: 19: [27516443] * Recipient mercadolibre@rua.netcraft.com is verified
Tue 2024-02-06 04:37:14.856: 19: [27516443] * Verifying report recipient: dmarc_agg@vali.email
Tue 2024-02-06 04:37:14.856: 19: [27516443] * Query domain: mercadopago.com._report._dmarc.vali.email
Tue 2024-02-06 04:37:14.863: 19: [27516443] * Policy record: v=DMARC1;
Tue 2024-02-06 04:37:14.863: 19: [27516443] * Recipient dmarc_agg@vali.email is verified
Tue 2024-02-06 04:37:14.870: 19: [27516443] * Verifying report recipient: dmarcruf@mercadolibre.com
Tue 2024-02-06 04:37:14.870: 19: [27516443] * Query domain: mercadopago.com._report._dmarc.mercadolibre.com
Tue 2024-02-06 04:39:15.074: 04: [27516443] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.191.35)
Tue 2024-02-06 04:41:15.075: 04: [27516443] * DNS: 120 second wait for DNS response exceeded (DNS Server: 200.45.48.233)
Tue 2024-02-06 04:41:15.075: 19: [27516443] * No DMARC policy record found; recipient discarded
Tue 2024-02-06 04:41:15.082: 19: [27516443] * Verifying report recipient: mercadolibre@ruf.netcraft.com
Tue 2024-02-06 04:41:15.082: 19: [27516443] * Query domain: mercadopago.com._report._dmarc.ruf.netcraft.com
Tue 2024-02-06 04:41:15.092: 19: [27516443] * Policy record: v=DMARC1;
Tue 2024-02-06 04:41:15.092: 19: [27516443] * Recipient mercadolibre@ruf.netcraft.com is verified
Tue 2024-02-06 04:41:15.092: 19: [27516443] * Checking authentication mechanisms for DMARC alignment
Tue 2024-02-06 04:41:15.098: 19: [27516443] * SPF: domain "em4788.mercadopago.com" passed SPF check; and domain is DMARC aligned
Tue 2024-02-06 04:41:15.100: 19: [27516443] * DKIM: domain "mercadopago.com" (from d= of signature #1) verified; and domain is DMARC aligned
Tue 2024-02-06 04:41:15.100: 19: [27516443] * Result: pass
Tue 2024-02-06 04:41:15.100: 19: [27516443] ---- End DMARC results
Tue 2024-02-06 04:41:15.110: 06: [27516443] Passing message through AntiVirus (Size: 57193)...
Tue 2024-02-06 04:41:16.259: 06: [27516443] * Message is clean (no viruses found) scanned by (IKARUS: clean (0.00759s)) (ClamAV: clean (0.10467s))
Tue 2024-02-06 04:41:16.259: 06: [27516443] ---- End AntiVirus results
Tue 2024-02-06 04:41:16.260: 11: [27516443] Outbreak Protection: Processing skipped. Recipient in spam filter allow list.
Tue 2024-02-06 04:41:16.276: 01: [27516443] Message creation successful: c:\mdaemon\queues\inbound\md5001005259196.msg
Tue 2024-02-06 04:41:16.276: 03: [27516443] --> 250 2.6.0 Ok, message saved <Message-ID: <wgOOoY91Sj2BPAmchDoPHw@geopod-ismtpd-3>>
Tue 2024-02-06 04:41:16.292: 02: [27516443] <-- QUIT
Tue 2024-02-06 04:41:16.292: 03: [27516443] --> 221 2.0.0 See ya in cyberspace
Tue 2024-02-06 04:41:16.293: 01: [27516443] SMTP session successful (Bytes in/out: 59267/6022)Greetings. Jonatan
-
Arron Staff
The message IDs being different indicate they are different messages with the same content. If it was the same message being sent over and over I would expectd the message IDs to be the same.
The SMTP logs show that the sender is acknowledging that MDaemon received the message. In the snippet below we can see MDaemon sending out a respons saying "250 2.6.0 Ok, message saved..." and the sending server acknowledges that by sending a QUIT command. If the sending server never received "Ok, message saved.." message, then the session should have remained open and when the session time out was reached, an error would be logged.
Tue 2024-02-06 04:41:16.276: 01: [27516443] Message creation successful: c:\mdaemon\queues\inbound\md5001005259196.msg
Tue 2024-02-06 04:41:16.276: 03: [27516443] --> 250 2.6.0 Ok, message saved <Message-ID: <wgOOoY91Sj2BPAmchDoPHw@geopod-ismtpd-3>>
Tue 2024-02-06 04:41:16.292: 02: [27516443] <-- QUIT
Tue 2024-02-06 04:41:16.292: 03: [27516443] --> 221 2.0.0 See ya in cyberspace
Based on what I'm seeing, I think the sender is simply sending you hundreds of copies of the emails.
Please reach out to the sender to see if they can help.
-
So we agreed that from my side there was no problem in principle? I'm going to see if I can find the help desk of this platform to see if I can move forward with the issue. I will update when I have news.
Thank you very much Arron!
Greetings. Jonatan
-
Arron Staff
So we agreed that from my side there was no problem in principle?
Yes.
Please let us know what you find out.
-
Hello good! I update.
At the moment the platform does not give me a solution, and I think they will not give it to me based on the answers they give me.
Is it possible to create a rule or filter that identifies repeated emails? I find it difficult as there are different identifiers, but someone with more experience could have made a similar rule or generated a script or similar and I executed it in the emails that come from that platform, but I can't think of how to make the script either.
Thank you so much!!
Greetings. Jonatan
-
Arron StaffI have a couple of content filter rules that look for messages with the same subject. I am assuming the messages all have the same subject, but if that is not the case then we'll have to find something else that is constant.This has not been tested thoroughly and may not work so I would highly recommend that you proceed with caution.To use the rules you just have to create the text file and set the address to look for in the From header and the address of the person receiving the messages.You can change the conditions to whatever you need them to be to work for you, but I would make the conditions as strict as you possibly can. For example, limit it to all messages from specific domain, to a single user. There is a very high chance these filters are going to catch extra messages, the more messages the rules are being applied to, the greater the chance.You should also delete the subject.txt file regularly (I'd suggest at least once a day, but it will depend on your environment). If you do not, you will limit the ability to receive future messages matching the conditions of the rules with the same subject.Please proceed with caution.
[Rule014]
RuleName=If Subject already exists send to bad
Enable=Yes
ThisRuleCondition=All
ProcessQueue=LOCAL
Condition01=FROM|contains|AND|externaluser@domain.com|
Condition02=X-MDaemon-Deliver-To|contains|AND|localuser@localdomain.com|
Condition03=Subject|contained in file|AND|C:\MDaemon\App\Subject.txt|
Action01=move to bad Msg|
[Rule015]
RuleName=Add subject to text file
Enable=Yes
ThisRuleCondition=All
ProcessQueue=LOCAL
Condition01=Subject|not contained in file|AND|C:\MDaemon\App\Subject.txt|
Condition02=X-MDaemon-Deliver-To|contains|AND|localuser@localdomain.com|
Condition03=FROM|contains|AND|externaluser@domain.com|
Action01=add line to text file|"C:\MDaemon\App\Subject.txt","REGEX:^$SUBJECT$$"
Please login to reply this topic!
