设为首页收藏本站
开启辅助访问
ORF反垃圾邮件系统

邮件服务器-邮件系统-邮件技术论坛(BBS)

 找回密码
 会员注册
邮件服务器-邮件系统-邮件技术论坛(BBS)»论坛首页 ≡ 邮件服务器专区≡ IMail Server STMP服务一打开spools下就不停出现.SMD文件的问题
返回列表 发新帖
查看: 6552|回复: 4
打印 上一主题 下一主题

[求助] STMP服务一打开spools下就不停出现.SMD文件的问题

[复制链接]
duozo1985
跳转到指定楼层
顶楼
发表于 2011-5-18 11:58:46 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
如题,STMP服务一打,imail就不停发出垃圾邮件,试过将用户全部都禁止访问,但问题依然出现。可以确定是服务器中了木马吗?请教高手怎么解决?

下面是部分日志的内容:

05:18 11:40 SMTPD(00D5032C) server starting on port 25 of shopping176.com
05:18 11:40 SMTPD(047902D8) [58.255.250.80] connect 58.177.245.104 port 1154
05:18 11:40 SMTPD(047902D8) [58.177.245.104] EHLO jggonng.com
05:18 11:40 SMTPD(047902D8) [58.177.245.104] MAIL FROM:<wjjwa@yahoo.com.tw>
05:18 11:40 SMTPD(00A7035A) [58.255.250.80] connect 213.17.144.50 port 2148
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<keywordsend@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <keywordsend@yahoo.com.tw
05:18 11:40 SMTPD(01B60368) [58.255.250.80] connect 94.73.132.50 port 3726
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<sales@ho-chin.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <sales@ho-chin.com.tw
05:18 11:40 SMTPD(01CB03EC) [58.255.250.80] connect 94.30.53.164 port 44026
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<h1v50pc1s@xuite.net>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <h1v50pc1s@xuite.net
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<seya1112@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <seya1112@yahoo.com.tw
05:18 11:40 SMTPD(013C03E8) [58.255.250.80] connect 208.57.199.251 port 3510
05:18 11:40 SMTPD(012C0388) [58.255.250.80] connect 222.154.232.171 port 53468
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<my4745@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <my4745@yahoo.com.tw
05:18 11:40 SMTPD(018F03A2) [58.255.250.80] connect 213.184.251.50 port 6484
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<yth1975@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <yth1975@yahoo.com.tw
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<joy3124@gmail.com>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <joy3124@gmail.com
05:18 11:40 SMTPD(00FD0398) [58.255.250.80] connect 91.192.75.157 port 2777
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<minetk@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <minetk@yahoo.com.tw
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<oklamaymay2001@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <oklamaymay2001@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] EHLO qpzbnh.com
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] EHLO cfeeldb.com
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<ding0707ding0707@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <ding0707ding0707@yahoo.com.tw
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] EHLO saqktk.com
05:18 11:40 SMTPD(002A02F4) [121.9.243.245] connect 123.65.228.11 port 47805
05:18 11:40 SMTPD(047902D8) [58.177.245.104] RCPT TO:<g811111@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) [58.177.245.104] ERR shopping176.com invalid user <g811111@yahoo.com.tw
05:18 11:40 SMTPD(012C0388) [222.154.232.171] EHLO oiqaua.com
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] EHLO botanz.com
05:18 11:40 SMTPD(01B60368) [94.73.132.50] EHLO bescrm.com
05:18 11:40 SMTPD(002A02F4) [123.65.228.11] EHLO zvsl.com
05:18 11:40 SMTPD(002A02F4) [123.65.228.11] MAIL FROM: <ybefb@zvsl.com>
05:18 11:40 SMTPD(002A02F4) [123.65.228.11] RCPT TO: <hr@tayouta.com>
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] MAIL FROM:<aqmdxma@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] MAIL FROM:<ppmir@yahoo.com.tw>
05:18 11:40 SMTPD(00FD0398) [91.192.75.157] EHLO kqynst.com
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] MAIL FROM:<xkwwldzi@yahoo.com.tw>
05:18 11:40 SMTPD(047A02D8) [58.255.250.80] connect 41.135.150.253 port 4598
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] MAIL FROM:<ehkgp@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) [222.154.232.171] MAIL FROM:<mkqgq@yahoo.com.tw>
05:18 11:40 SMTPD(01B60368) [94.73.132.50] MAIL FROM:<rrjoibq@yahoo.com.tw>
05:18 11:40 SMTPD(012D03DE) [58.255.250.80] connect 195.24.195.162 port 1055
05:18 11:40 SMTPD(008E02E4) [58.255.250.80] connect 190.188.183.125 port 1049
05:18 11:40 SMTPD(023E0306) [58.255.250.80] connect 66.195.146.72 port 9845
05:18 11:40 SMTPD(00F3031E) [58.255.250.80] connect 218.75.36.190 port 2762
05:18 11:40 SMTPD(014C0348) [58.255.250.80] connect 178.20.145.40 port 45958
05:18 11:40 SMTPD(002A02F4) [123.65.228.11] D:\IMail\spool\D3fa6002a02f481ba.SMD 50160
05:18 11:40 SMTPD(002A02F4) performing antispam checks
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] EHLO gujgun.com
05:18 11:40 SMTPD(002B02F4) [58.255.250.80] connect 173.161.182.53 port 58394
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] MAIL FROM:<kpqnaow@yahoo.com.tw>
05:18 11:40 SMTP-(00000000) Info - Queue manager started
05:18 11:40 SMTP-(00000000) Info - Queue manager starting Queue run 1
05:18 11:40 SMTP-(08380000) processing D:\IMail\spool\Q3fa6002a02f481ba.SMD
05:18 11:40 SMTPD(023E0306) [66.195.146.72] EHLO ochhwm.com
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] RCPT TO:<carios098@yahoo.com.tw>
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] ERR shopping176.com invalid user <carios098@yahoo.com.tw
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] RCPT TO:<ericing07@yahoo.com.tw>
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] ERR shopping176.com invalid user <ericing07@yahoo.com.tw
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] RCPT TO:<maggic2504@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] ERR shopping176.com invalid user <maggic2504@yahoo.com.tw
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] RCPT TO:<applerola@yahoo.com.tw>
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] ERR shopping176.com invalid user <applerola@yahoo.com.tw
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] RCPT TO:<ebc_ihi@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] ERR shopping176.com invalid user <ebc_ihi@yahoo.com.tw
05:18 11:40 SMTPD(012C0388) [222.154.232.171] RCPT TO:<ya670427@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) [222.154.232.171] ERR shopping176.com invalid user <ya670427@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] RCPT TO:<hstawu1210@yahoo.com.tw>
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] ERR shopping176.com invalid user <hstawu1210@yahoo.com.tw
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] RCPT TO:<winnie0751@yahoo.com.tw>
05:18 11:40 SMTPD(00F3031E) [218.75.36.190] ERR shopping176.com invalid user <winnie0751@yahoo.com.tw
05:18 11:40 SMTPD(002B02F4) [173.161.182.53] EHLO qvhrvmh.com
05:18 11:40 SMTPD(00FD0398) [91.192.75.157] MAIL FROM:<fqmrc@yahoo.com.tw>
05:18 11:40 SMTPD(023E0306) [66.195.146.72] MAIL FROM:<nmsbk@yahoo.com.tw>
05:18 11:40 SMTPD(008E02E4) [190.188.183.125] EHLO ttiukv.com
05:18 11:40 SMTPD(023503AC) [58.255.250.80] connect 189.11.61.133 port 3749
05:18 11:40 SMTPD(01B60368) [94.73.132.50] RCPT TO:<suhushyu@ms15.hinet.net>
05:18 11:40 SMTPD(01B60368) [94.73.132.50] ERR shopping176.com invalid user <suhushyu@ms15.hinet.net
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] RCPT TO:<impreeza2003@yahoo.com.tw>
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] ERR shopping176.com invalid user <impreeza2003@yahoo.com.tw
05:18 11:40 SMTPD(014C0348) [178.20.145.40] EHLO kzkmwhn.com
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] RCPT TO:<c820212@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] ERR shopping176.com invalid user <c820212@yahoo.com.tw
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] RCPT TO:<a000930920@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] ERR shopping176.com invalid user <a000930920@yahoo.com.tw
05:18 11:40 SMTPD(023E0306) [66.195.146.72] RCPT TO:<dobylsh@xuite.net>
05:18 11:40 SMTPD(023E0306) [66.195.146.72] ERR shopping176.com invalid user <dobylsh@xuite.net
05:18 11:40 SMTPD(047A02D8) [41.135.150.253] EHLO kugqzh.com
05:18 11:40 SMTPD(012C0388) [222.154.232.171] RCPT TO:<pipi10227@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) [222.154.232.171] ERR shopping176.com invalid user <pipi10227@yahoo.com.tw
05:18 11:40 SMTPD(002B02F4) [173.161.182.53] MAIL FROM:<aongnili@yahoo.com.tw>
05:18 11:40 SMTPD(012D03DE) [195.24.195.162] EHLO xskxsw.com
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] RCPT TO:<jamie_642000@yahoo.com.tw>
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] ERR shopping176.com invalid user <jamie_642000@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] RCPT TO:<pao626727@yahoo.com.tw>
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] ERR shopping176.com invalid user <pao626727@yahoo.com.tw
05:18 11:40 SMTPD(023E0306) [66.195.146.72] RCPT TO:<ejlli@yahoo.com.tw>
05:18 11:40 SMTPD(023E0306) [66.195.146.72] ERR shopping176.com invalid user <ejlli@yahoo.com.tw
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] RCPT TO:<s882262@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) [94.30.53.164] ERR shopping176.com invalid user <s882262@yahoo.com.tw
05:18 11:40 SMTPD(00FD0398) [91.192.75.157] RCPT TO:<goya7341@yahoo.com.tw>
05:18 11:40 SMTPD(00FD0398) [91.192.75.157] ERR shopping176.com invalid user <goya7341@yahoo.com.tw
05:18 11:40 SMTPD(01B60368) [94.73.132.50] RCPT TO:<shinyin200381@yahoo.com.tw>
05:18 11:40 SMTPD(01B60368) [94.73.132.50] ERR shopping176.com invalid user <shinyin200381@yahoo.com.tw
05:18 11:40 SMTPD(008E02E4) [190.188.183.125] MAIL FROM:<lpeekktp@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] RCPT TO:<gamegood123@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) [213.184.251.50] ERR shopping176.com invalid user <gamegood123@yahoo.com.tw
05:18 11:40 SMTPD(023503AC) [189.11.61.133] EHLO wjacxm.com
05:18 11:40 SMTPD(014C0348) [178.20.145.40] MAIL FROM:<ptxlyz@yahoo.com.tw>
05:18 11:40 SMTPD(002B02F4) [173.161.182.53] RCPT TO:<axicchie@ms21.hinet.net>
05:18 11:40 SMTPD(002B02F4) [173.161.182.53] ERR shopping176.com invalid user <axicchie@ms21.hinet.net
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] RCPT TO:<michelle@gmail.com>
05:18 11:40 SMTPD(013C03E8) [208.57.199.251] ERR shopping176.com invalid user <michelle@gmail.com
05:18 11:40 SMTPD(012C0388) [222.154.232.171] RCPT TO:<kingman521@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) [222.154.232.171] ERR shopping176.com invalid user <kingman521@yahoo.com.tw
05:18 11:40 SMTPD(023E0306) [66.195.146.72] RCPT TO:<1gx@yahoo.com.tw>
05:18 11:40 SMTPD(023E0306) [66.195.146.72] ERR shopping176.com invalid user <1gx@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) [213.17.144.50] RCPT TO:<w901207@yahoo.com.tw>
欢迎关注本站的微信公众帐号,获取最新邮件资讯与技术文章!
回复

使用道具 举报

badboylife
沙发
发表于 2011-5-18 14:49:15 | 只看该作者
你用imail自带的日志分析软件分析一下日志,看是否是有邮件用户被利用了,
点击程序,imail/Imail Log Analyzer,会生成一个分析文本。你这么看日志本身,很难找到问题
找不到下载链接?请看5DMAIL下载区,下载说明!
回复 支持 反对

使用道具 举报

duozo1985
藤椅
 楼主| 发表于 2011-5-19 10:07:48 | 只看该作者
感谢楼上,我这个版本可能太旧了...没有 Log Analyzer,得装个新的
回复 支持 反对

使用道具 举报

ineedrmb
板凳
发表于 2011-5-19 17:30:21 | 只看该作者
多旧的版本会这个程序都没有?IMAIL本身是没有明显能被利用的漏洞的,设置正确了,用户密码不被盗,基本不可能出现LZ的情况。
八招轻松获取5D金币 5DMail 论坛积分策略详解
回复 支持 反对

使用道具 举报

lgj858
报纸
发表于 2011-5-23 21:35:35 | 只看该作者
你禁止所有用户只是禁止了发
别人还可以发给你啊
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 会员注册

本版积分规则

小黑屋|手机版|Archiver|邮件技术资讯网

GMT+8, 2024-5-16 21:41

Powered by Discuz! X3.2

© 2001-2016 Comsenz Inc.

本论坛为非盈利中立机构,所有言论属发表者个人意见,不代表本论坛立场。内容所涉及版权和法律相关事宜请参考各自所有者的条款。
如认定侵犯了您权利,请联系我们。本论坛原创内容请联系后再行转载并务必保留我站信息。此声明修改不另行通知,保留最终解释权。
*本论坛会员专属QQ群:邮件技术资讯网会员QQ群
 *本论坛会员备用QQ群:邮件技术资讯网备用群

快速回复 返回顶部 返回列表