nigelmoore
Technical User
Hi,
Our c:\inetpub\mailroot\badmail directory keeps filling up with gigabytes of XXXXX.BAD files. Each of these files is nearly the same size and there is always literally tens of thousands of them. When I open them, they all have nearly the same headers (I have copy and pasted a sample header down the bottom of this message). Where our domain is, I have changed it for XXXXXXXXXXXX.com.au
All of these messages seem to have something to do with peoplemail.com.cn and 163.com which are in no way affiliated with us.
Does anyone know how we can track where this is coming from and stop it? Thanks for any assistance...
=============== Sample BADMail Headers ===================
From: postmaster@XXXXXXXXXXXX.com.au
To: tom5253i@peoplemail.com.cn
Date: Sat, 16 Aug 2003 23:05:04 +1000
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="9B095B5ADSN=_XXXXXXXXXXXX."
Message-ID: <71yEXUIEA0000862e@XXXXXXXXXXXX.com.au>
Subject: Delivery Status Notification (Failure)
This is a MIME-formatted message.
Portions of this message may be unreadable without a MIME-capable mail program.
--9B095B5ADSN=_01C31DA1C9362EB60001BEA7XXXXXXXXXXXX.
Content-Type: text/plain; charset=unicode-1-1-utf-7
This is an automatically generated Delivery Status Notification.
Delivery to the following recipients failed.
hhhkf@163.com
hhhkg@163.com
hhhkh@163.com
hhhkikizbz@163.com
hhhkj@163.com
hhhkk-123@163.com
hhhkk@163.com
--9B095B5ADSN=_01C31DA1C9362EB60001BEA7XXXXXXXXXXXX.
Content-Type: message/delivery-status
Reporting-MTA: dns;XXXXXXXXXXXX.com.au
Received-From-MTA: dns;peoplemail.com.cn
Arrival-Date: Sat, 16 Aug 2003 22:39:51 +1000
Final-Recipient: rfc822;hhhkf@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkg@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkh@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkikizbz@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkj@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkk-123@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkk@163.com
Action: failed
Status: 5.0.0
--9B095B5ADSN=_01C31DA1C9362EB60001BEA7XXXXXXXXXXXX.
Content-Type: message/rfc822
Received: from peoplemail.com.cn ([202.39.14.34]) by XXXXXXXXXXXX.com.au with Microsoft SMTPSVC(5.0.2195.1600);
Sat, 16 Aug 2003 22:39:51 +1000
Received: from unknown (HELO xiao496 [171.166.208.4])
by peoplemail.com.cn with SMTP;
Sat, 16 Aug 2003 12:43:58 GMT
Message-Id: <1061037856-@xiao496>
From: "Lu Ranjie" <tom5253i@peoplemail.com.cn>
To: cuiwei
Subject: ÓÃǹ¸Ë×Ó±£»¤·Ç·¨ÂÓ¶áµÄ¾Þ¶î×ʲú
Sender: hebei kou
=============== End Sample BADMail Headers ==============
Our c:\inetpub\mailroot\badmail directory keeps filling up with gigabytes of XXXXX.BAD files. Each of these files is nearly the same size and there is always literally tens of thousands of them. When I open them, they all have nearly the same headers (I have copy and pasted a sample header down the bottom of this message). Where our domain is, I have changed it for XXXXXXXXXXXX.com.au
All of these messages seem to have something to do with peoplemail.com.cn and 163.com which are in no way affiliated with us.
Does anyone know how we can track where this is coming from and stop it? Thanks for any assistance...
=============== Sample BADMail Headers ===================
From: postmaster@XXXXXXXXXXXX.com.au
To: tom5253i@peoplemail.com.cn
Date: Sat, 16 Aug 2003 23:05:04 +1000
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="9B095B5ADSN=_XXXXXXXXXXXX."
Message-ID: <71yEXUIEA0000862e@XXXXXXXXXXXX.com.au>
Subject: Delivery Status Notification (Failure)
This is a MIME-formatted message.
Portions of this message may be unreadable without a MIME-capable mail program.
--9B095B5ADSN=_01C31DA1C9362EB60001BEA7XXXXXXXXXXXX.
Content-Type: text/plain; charset=unicode-1-1-utf-7
This is an automatically generated Delivery Status Notification.
Delivery to the following recipients failed.
hhhkf@163.com
hhhkg@163.com
hhhkh@163.com
hhhkikizbz@163.com
hhhkj@163.com
hhhkk-123@163.com
hhhkk@163.com
--9B095B5ADSN=_01C31DA1C9362EB60001BEA7XXXXXXXXXXXX.
Content-Type: message/delivery-status
Reporting-MTA: dns;XXXXXXXXXXXX.com.au
Received-From-MTA: dns;peoplemail.com.cn
Arrival-Date: Sat, 16 Aug 2003 22:39:51 +1000
Final-Recipient: rfc822;hhhkf@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkg@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkh@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkikizbz@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkj@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkk-123@163.com
Action: failed
Status: 5.0.0
Final-Recipient: rfc822;hhhkk@163.com
Action: failed
Status: 5.0.0
--9B095B5ADSN=_01C31DA1C9362EB60001BEA7XXXXXXXXXXXX.
Content-Type: message/rfc822
Received: from peoplemail.com.cn ([202.39.14.34]) by XXXXXXXXXXXX.com.au with Microsoft SMTPSVC(5.0.2195.1600);
Sat, 16 Aug 2003 22:39:51 +1000
Received: from unknown (HELO xiao496 [171.166.208.4])
by peoplemail.com.cn with SMTP;
Sat, 16 Aug 2003 12:43:58 GMT
Message-Id: <1061037856-@xiao496>
From: "Lu Ranjie" <tom5253i@peoplemail.com.cn>
To: cuiwei
Subject: ÓÃǹ¸Ë×Ó±£»¤·Ç·¨ÂÓ¶áµÄ¾Þ¶î×ʲú
Sender: hebei kou
=============== End Sample BADMail Headers ==============