Hi,
Today I've got ~125 emails that where.. very strange. Seems like exploit attempt or something?
Firstly, mainlog shows this:
```
2021-11-17 05:49:46
H=(ovcuighdiuuzompjomqrulupbjyjioscqlmyhzrkywgkgrewmfhygfqomxyczggmxswfwevfqmzdsrktmvlzjadhhmcfzzzlhwkh)
[123.30.137.221] F=<> rejected RCPT
<rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootroot@domaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomaindomain>:
relay not permitted
2021-11-17 05:49:47 1mnBxD-00057E-AU <= <>
H=(ovcuighdiuuzompjomqrulupbjyjioscqlmyhzrkywgkgrewmfhygfqomxyczggmxswfwevfqmzdsrktmvlzjadhhmcfzzzlhwkh)
[123.30.137.221] P=esmtp S=1263
2021-11-17 05:49:48 1mnBxD-00057E-AU => vincas <postmaster@odroid-hc1> R=dovecot_router T=dovecot_transport
```
So it seems it was redirected to postmaster? And probably due to postmaster -> root -> my_personal_email aliases, it end
up into my Thunderbird? This is mail source:
```
From - Wed Nov 17 19:52:17 2021
X-Account-Key: account15
X-UIDL: 000015fc5f5514af
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-path: <>
Envelope-to: postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1,
postmaster@odroid-hc1
Received: from [123.30.137.221]
(helo=ovcuighdiuuzompjomqrulupbjyjioscqlmyhzrkywgkgrewmfhygfqomxyczggmxswfwevfqmzdsrktmvlzjadhhmcfzzzlhwkh)
by mail.<redacted>.net with esmtp (Exim 4.92)
id 1mnBxD-00057E-AU; Wed, 17 Nov 2021 05:49:47 +0200
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
```
Not sure what's going on here. First of all, I might have something misconfigured that this kind of junk passed through
to postmaster?
I see lot's of various "problematic" attempts, rejects, etc in the logs, but this is first time I got something strange
into my mailbox, so due to that concern I'm writing here.
Any comments/ideas?
Thanks!
P.S. Running 4.92-8+deb10u6 on Debian 10 Buster.
