Sm-mta strange outgoing messages

sendmail

I noticed something weird today on my mail server. I had a message in my inbox that said:

Received: from myserver.com (localhost)
    by myserver.com (8.14.3/8.14.3/Debian-9.2ubuntu1) id r3GJ4H5S005124;
    Tue, 16 Apr 2013 19:05:02 GMT
Date: Tue, 16 Apr 2013 19:05:02 GMT
From: Mail Delivery Subsystem <MAILER-DAEMON@myserver.com>

It's a bounce from a message that seems to have been sent from my server. Logs show that I recieved a spam message from this address, but then the last line of the log I pasted below caught my attention.
How would I have a "TO" message to this email address? I can guarantee that I never responded, etc.

This is running sendmail on ubuntu.

syslog:Apr 16 14:48:23 myserversm-mta[32741]: r3GEmLnq032741: from=<684192472@bio.ru>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA-v4, relay=[37.45.241.125]
syslog:Apr 16 14:53:32 myservermilter-regex[4633]: [37.45.241.125] [37.45.241.125]: cb_envfrom('<684192472@bio.ru>')
syslog:Apr 16 14:53:32 myservermilter-regex[4633]: [37.45.241.125] [37.45.241.125]: macro {mail_addr} = 684192472@bio.ru
syslog:Apr 16 14:53:32 myservermilter-greylist: r3GErUP7000362: addr [37.45.241.125][37.45.241.125] from <684192472@bio.ru> to <ME@myserver.com> delayed for 00:04:51 (ACL 154)
syslog:Apr 16 14:53:33 myserversm-mta[362]: r3GErUP7000362: from=<684192472@bio.ru>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA-v4, relay=[37.45.241.125]
syslog:Apr 16 14:58:50 myservermilter-regex[4633]: [37.45.241.125] [37.45.241.125]: cb_envfrom('<684192472@bio.ru>')
syslog:Apr 16 14:58:50 myservermilter-regex[4633]: [37.45.241.125] [37.45.241.125]: macro {mail_addr} = 684192472@bio.ru
syslog:Apr 16 14:58:52 myserversm-mta[459]: r3GEwm3L000459: from=<684192472@bio.ru>, size=1102, class=0, nrcpts=1, msgid=<002701ce3ab0$bfb09940$236828a4@vadiminljjo>, proto=SMTP, daemon=MTA-v4, relay=[37.45.241.125]
syslog:Apr 16 14:58:52 myservermilter-regex[4633]: [37.45.241.125] [37.45.241.125]: cb_header('From', '"Vivian Cotton" <684192472@bio.ru>')
syslog:Apr 16 14:58:52 myservermilter-regex[4633]: [37.45.241.125] [37.45.241.125]: ACCEPT, HELO: 37.45.241.125, FROM: <684192472@bio.ru>, RCPT: <ME@myserver.com>, From: "Vivian Cotton" <684192472@bio.ru>, To: <ME@myserver.com>, Subject: Get Ready For More News From This Company!
syslog:Apr 16 19:05:02 myserversm-mta[5124]: r3GJ4H5R005124: to=<684192472@bio.ru>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, pri=30000, relay=mail.bio.ru. [83.222.200.20], dsn=5.1.1, stat=User unknown

Best Answer

This can either be deleted, or left with the answer...

It turned out that the aliases file had a typo so that mail for one particular user was getting sent to an invalid address. Fixed the typo and ran newaliases and all was well.

Related Topic