Sebastiaan Alvarez Rodriguez asked:
Good day to you all,
The thing is: My logs show me that I get connections from ‘unknown’.
Here is a part of my
/var/log/maillog (default CentOS postfix log location. On other Linux systems possibly
Jun 2 22:58:31 vps postfix/smtpd: connect from unknown[A.B.C.D] Jun 2 22:58:31 vps postfix/smtpd: connect from unknown[A.B.C.E] Jun 2 22:58:43 vps postfix/smtpd: connect from unknown[A.B.F.G] Jun 2 22:58:55 vps postfix/smtpd: connect from unknown[A.B.F.H] Jun 2 22:58:58 vps postfix/smtpd: disconnect from unknown[A.B.C.D] ...
With my current ruleset, these unknown spambots should be completely unable to send their garbage on their way to the internet.
However, I would like to check if these unknowns actually got any mail sent from my server.
What I tried
I tried the
mailq command to check queued mails. This list was empty. However, this does not exclude that there was traffic.
Also, I checked my log with
cat /var/log/maillog | grep 'sent'. Zero matches. I am uncertain whether this means no bot could send spam or that postfix does not log sent mails from unknown’s.
How can one check outgoing mail traffic with postfix?
If any mail was sent, it would be in the log.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.