Untitled

what it looks like when somebody sends email the normal way

maillog:Jun  3 08:05:50 crawling postfix/smtpd[61196]: connect from h-96-15-195-130.ip.alltel.net[96.15.195.130]
maillog:Jun  3 08:05:52 crawling postfix/smtpd[61196]: 29AB6101552: client=h-96-15-195-130.ip.alltel.net[96.15.195.130], sasl_method=LOGIN, sasl_username=shippj@gwhsi.com
maillog:Jun  3 08:05:53 crawling postfix/cleanup[62439]: 29AB6101552: message-id=<PKEKJOIIDNCBKPOGNOCIIEICCPAA.shippj@yahoo.com>
maillog:Jun  3 08:05:53 crawling postfix/qmgr[531]: 29AB6101552: from=<shippj@yahoo.com>, size=1981, nrcpt=1 (queue active)
maillog:Jun  3 08:05:53 crawling postfix/smtpd[61196]: disconnect from h-96-15-195-130.ip.alltel.net[96.15.195.130]
maillog:Jun  3 08:05:54 crawling postfix/smtp[62840]: 29AB6101552: to=<ronniecornelius@yahoo.com>, relay=c.mx.mail.yahoo.com[206.190.54.127], delay=3, status=sent (250 ok dirdel)
maillog:Jun  3 08:05:54 crawling postfix/qmgr[531]: 29AB6101552: removed

here's what i think happened on those 7 events

1. user connects via smtp, IP is logged
2. email being sent is assigned a message-id, and username is logged
3. same
4. details such as FROM, SIZE, and number of recepiants are logged, and email is put in an outbox
5. smtp connection to user is done
6. email is sent
7. email is removed from outbox


now, here's what i am seeing in maillog

Jun  1 09:49:57 crawling postfix/cleanup[18945]: C543DFD423: message-id=<20100601144957.C543DFD423@crawling.gwhsi.com>
Jun  1 09:49:57 crawling postfix/qmgr[531]: C543DFD423: from=<>, size=14605, nrcpt=1 (queue active)
Jun  1 09:51:08 crawling postfix/smtp[19795]: C543DFD423: host mx.yandex.ru[77.88.21.89] said: 451 4.5.1 The recipient <midinoise@yandex.ru> has exceeded their message rate limit. Try again later. (in reply to end of DATA command)

notice, there is no smtp connection from a user, the email gets put onto the que directly from crawling.gwhsi.com