邮件服务器-邮件系统-邮件技术论坛(BBS)'s Archiver

海洋科技www.idcsea.com,海外邮件解决方案提供商!

yudong118 发表于 2008-10-11 09:15

MDaemon自己发送垃圾邮件

MDaemon会时不时的自己发送垃圾邮件  下有out日志 哪位帮忙分析下

-10-11 02:18:04: 已建立连接 (172.16.10.23 : 3185 -> 213.192.241.126 : 25)
Sat 2008-10-11 02:18:04: 等待协议初始化...
Sat 2008-10-11 02:18:05: <-- 220 killspam.ispgrup.com ESMTP Sendmail 8.14.1/8.14.1; Fri, 10 Oct 2008 20:23:53 +0200
Sat 2008-10-11 02:18:05: --> EHLO xxx.com.cn
Sat 2008-10-11 02:18:05: <-- 250-killspam.ispgrup.com Hello [59.37.30.102], pleased to meet you
Sat 2008-10-11 02:18:05: <-- 250-ENHANCEDSTATUSCODES
Sat 2008-10-11 02:18:05: <-- 250-PIPELINING
Sat 2008-10-11 02:18:05: <-- 250-8BITMIME
Sat 2008-10-11 02:18:05: <-- 250-SIZE
Sat 2008-10-11 02:18:05: <-- 250-DSN
Sat 2008-10-11 02:18:05: <-- 250-DELIVERBY
Sat 2008-10-11 02:18:05: <-- 250 HELP
Sat 2008-10-11 02:18:05: --> MAIL From:<> SIZE=6561
Sat 2008-10-11 02:18:06: <-- 250 2.1.0 <>... Sender ok
Sat 2008-10-11 02:18:06: --> RCPT To:<[email=angel@tarracosystems.com]angel@tarracosystems.com[/email]>
Sat 2008-10-11 02:18:06: <-- 250 2.1.5 <[email=angel@tarracosystems.com]angel@tarracosystems.com[/email]>... Recipient ok
Sat 2008-10-11 02:18:06: --> DATA
Sat 2008-10-11 02:18:06: <-- 354 Enter mail, end with "." on a line by itself
Sat 2008-10-11 02:18:06: 正在发送 <c:\mdaemon\queues\remote\pd75000001482.msg> 到 [213.192.241.126]
Sat 2008-10-11 02:18:06: 发送完成。
Sat 2008-10-11 02:18:07: <-- 250 2.0.0 m9AINr5s002803 Message accepted for delivery
Sat 2008-10-11 02:18:07: --> QUIT
Sat 2008-10-11 02:18:08: <-- 221 2.0.0 killspam.ispgrup.com closing connection
Sat 2008-10-11 02:18:08: SMTP 会话成功(进/出字节:493/6657)
Sat 2008-10-11 02:18:08: ----------
Sat 2008-10-11 02:22:28: Session 7173; child 1
Sat 2008-10-11 02:22:26: Parsing Message <c:\mdaemon\queues\remote\pd75000001483.msg>
Sat 2008-10-11 02:22:26: From: (sender not specified)
Sat 2008-10-11 02:22:26: To: [email=a.bartholo@abbeytitle.com]a.bartholo@abbeytitle.com[/email]
Sat 2008-10-11 02:22:26: Subject: No valid command found
Sat 2008-10-11 02:22:26: Message-ID: <[email=MDAEMON0283200810110222.AA2224770@xxx.com.cn]MDAEMON0283200810110222.AA2224770@xxx.com.cn[/email]>
Sat 2008-10-11 02:22:26: 正在进行[abbeytitle.com]的 MX-记录解析(DNS 服务器:202.96.134.133)...
Sat 2008-10-11 02:22:26: *  P=010 S=000 D=abbeytitle.com TTL=(59) MX=[server43.appriver.com] {69.20.116.115}
Sat 2008-10-11 02:22:26: *  P=020 S=001 D=abbeytitle.com TTL=(59) MX=[server44.appriver.com] {69.20.116.116}
Sat 2008-10-11 02:22:26: Attempting MX: P=010 S=000 D=abbeytitle.com TTL=(59) MX=[server43.appriver.com] {69.20.116.115}
Sat 2008-10-11 02:22:26: 试图 SMTP 连接到 [69.20.116.115 : 25]
Sat 2008-10-11 02:22:26: 等候连接...
Sat 2008-10-11 02:22:26: 已建立连接 (172.16.10.23 : 3209 -> 69.20.116.115 : 25)
Sat 2008-10-11 02:22:26: 等待协议初始化...
Sat 2008-10-11 02:22:26: <-- 220 server43.appriver.com ESMTP srv-a
Sat 2008-10-11 02:22:26: --> EHLO xxx.com.cn
Sat 2008-10-11 02:22:27: <-- 250-inbound.appriver.com no DNS A-data returned xxx.com.cn
Sat 2008-10-11 02:22:27: <-- 250-DSN
Sat 2008-10-11 02:22:27: <-- 250-SIZE 31457280
Sat 2008-10-11 02:22:27: <-- 250-STARTTLS
Sat 2008-10-11 02:22:27: <-- 250-ETRN
Sat 2008-10-11 02:22:27: <-- 250-TURN
Sat 2008-10-11 02:22:27: <-- 250-ATRN
Sat 2008-10-11 02:22:27: <-- 250-NO-SOLICITING
Sat 2008-10-11 02:22:27: <-- 250-8BITMIME
Sat 2008-10-11 02:22:27: <-- 250-HELP
Sat 2008-10-11 02:22:27: <-- 250-PIPELINING
Sat 2008-10-11 02:22:27: <-- 250 EHLO
Sat 2008-10-11 02:22:27: --> MAIL From:<> SIZE=6456
Sat 2008-10-11 02:22:27: <-- 250 <> sender accepted
Sat 2008-10-11 02:22:27: --> RCPT To:<[email=a.bartholo@abbeytitle.com]a.bartholo@abbeytitle.com[/email]>
Sat 2008-10-11 02:22:27: <-- 250 [email=a.bartholo@abbeytitle.com]a.bartholo@abbeytitle.com[/email] will forward
Sat 2008-10-11 02:22:27: --> DATA
Sat 2008-10-11 02:22:28: <-- 354 Enter mail, end with "." on a line by itself
Sat 2008-10-11 02:22:28: 正在发送 <c:\mdaemon\queues\remote\pd75000001483.msg> 到 [69.20.116.115]
Sat 2008-10-11 02:22:28: 发送完成。
Sat 2008-10-11 02:22:28: <-- 250 825838253 message accepted for delivery
Sat 2008-10-11 02:22:28: --> QUIT
Sat 2008-10-11 02:22:28: <-- 221 inbound.appriver.com SMTP closing connection
Sat 2008-10-11 02:22:28: SMTP 会话成功(进/出字节:455/6553)
Sat 2008-10-11 02:22:28: ----------

yudong118 发表于 2008-10-11 09:44

问下大家  要建立个规则 如果from  为空  就删除掉这个邮件  这个规则在建立的时候 检查字符串该如何填写?

lwz_08 发表于 2008-10-11 14:08

中继关了嘛?

Kyan 发表于 2008-10-13 00:07

回覆 1 樓的貼子

[size=4]如果你自己確實沒有發送,可能被植入機器人了,趕緊加裝 Norton AntiBot。[/size]

yudong118 发表于 2008-10-13 08:59

回复 3楼 lwz_08 的帖子

中继关了!!!那现在是查杀木马是吧??

fdsopp 发表于 2008-10-13 09:53

你的smtp入没有什么反常的地方么?

yudong118 发表于 2008-10-13 10:04

回复 6楼 fdsopp 的帖子

in是经常有垃圾邮件  很多被DNS黑名单干掉了!!

fdsopp 发表于 2008-10-13 10:47

内容过滤器的设置,并不是弄那个字段符合的~~~~~


[attach]6096[/attach]
[attach]6097[/attach]
[attach]6098[/attach]
[attach]6099[/attach]
[attach]6100[/attach]

yudong118 发表于 2008-10-13 10:59

回复 8楼 fdsopp 的帖子

好的 谢谢你  我设置下 看能不能把没发件人的邮件过滤掉!

不可以按照你说的那样设置

出现如下图提示:

[[i] 本帖最后由 yudong118 于 2008-10-13 11:06 编辑 [/i]]

yudong118 发表于 2008-10-13 11:08

在上面第2张图片的地方就已经无法点确定了  点取消以后会出现第一张图片所示!:(

fdsopp 发表于 2008-10-13 11:28

:L :L :L 不是does not contain 是does not exist~~~~

yudong118 发表于 2008-10-13 11:35

回复 11楼 fdsopp 的帖子

:P 谢谢  我看错了  谢谢你的帮助!

页: [1]

Powered by Discuz! Archiver 6.1.0  © 2001-2007 Comsenz Inc.