| [Discussion] Vấn đề postfix "tự động" gửi mail spam |
27/05/2013 16:47:53 (+0700) | #1 | 276026 |
thienphg
Member
![[Minus]](/hvaonline/templates/viet/images/minus.gif "[Minus]") |
0 |
![[Plus]](/hvaonline/templates/viet/images/plus.gif "[Plus]")
|
|
Joined: 19/02/2012 04:58:43
Messages: 13
Offline
|
|
Chào mọi người,
Tôi đang gặp một vấn đề rất lạ như sau:
Trên sever của tôi có cài postfix, chiều nay tôi view log post như mọi lần thì thấy tràn gập spam, một vài dòng log như sau:
Code:
May 27 06:06:31 server postfix/smtp[3900]: 8BF5EBFC020D: to=<officecenternsk@rambler.ru>, relay=imx1.rambler.ru[81.19.66.235]:25, delay=8139, delays=7120/1018/0.16/0.34, dsn=5.7.1, status=bounced (host imx1.rambler.ru[81.19.66.235] said: 540 5.7.1 <officecenternsk@rambler.ru>: Recipient address rejected: Your emails has been returned because the intented recipient's email account has been suspended. The account must be re-activated to receive incoming messages. (in reply to RCPT TO command))
May 27 06:06:31 server postfix/smtp[3876]: warning: network_biopair_interop: error reading 5 bytes from the network: Connection reset by peer
May 27 06:06:31 server postfix/smtp[3966]: certificate verification failed for mx1.spaceweb.ru[77.222.41.36]:25: self-signed certificate
May 27 06:06:31 server postfix/smtp[3917]: A86EFBFC0362: to=<royal@karelia.ru>, relay=mx2.sampo.ru[217.77.53.253]:25, delay=7167, delays=6148/989/0.14/30, dsn=4.0.0, status=deferred (host mx2.sampo.ru[217.77.53.253] said: 451 Greylisting in action, please try again a little later. (in reply to RCPT TO command))
May 27 06:06:31 server postfix/smtp[3881]: 8BF5EBFC020D: to=<spozhidaev@videofon.ru>, relay=mail.videofon.ru[213.129.115.65]:25, delay=8139, delays=7120/1019/0.31/0, dsn=4.0.0, status=deferred (host mail.videofon.ru[213.129.115.65] refused to talk to me: 501 Domain must resolve)
May 27 06:06:32 server postfix/smtp[5646]: 8BF5EBFC020D: to=<holidayvillas@pochta.ru>, relay=mx.qip.ru[62.141.94.155]:25, delay=8139, delays=7120/1018/0.15/0.72, dsn=5.0.0, status=bounced (host mx.qip.ru[62.141.94.155] said: 550 Addresses failed: <a href="mailto:holidayvillas@pochta.ru">holidayvillas@pochta.ru</a> (in reply to end of DATA command))
May 27 06:06:32 server postfix/smtp[3900]: 8BF5EBFC020D: to=<arenda42@rambler.ru>, relay=imx1.rambler.ru[81.19.66.235]:25, delay=8139, delays=7120/1018/0.16/0.69, dsn=5.7.1, status=bounced (host imx1.rambler.ru[81.19.66.235] said: 550 5.7.1 Rejected by malware filter (in reply to end of DATA command))
May 27 06:06:32 server postfix/smtp[3900]: 8BF5EBFC020D: to=<gol25andr@rambler.ru>, relay=imx1.rambler.ru[81.19.66.235]:25, delay=8139, delays=7120/1018/0.16/0.69, dsn=5.7.1, status=bounced (host imx1.rambler.ru[81.19.66.235] said: 550 5.7.1 Rejected by malware filter (in reply to end of DATA command))
May 27 06:06:32 server postfix/smtp[3900]: 8BF5EBFC020D: to=<hotel-e@rambler.ru>, relay=imx1.rambler.ru[81.19.66.235]:25, delay=8139, delays=7120/1018/0.16/0.69, dsn=5.7.1, status=bounced (host imx1.rambler.ru[81.19.66.235] said: 550 5.7.1 Rejected by malware filter (in reply to end of DATA command))
May 27 06:06:32 server postfix/smtp[3913]: certificate verification failed for mx1.spaceweb.ru[77.222.41.43]:25: self-signed certificate
May 27 06:06:32 server postfix/smtp[5646]: AA661BFC02D1: to=<btratanova@bk.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=7534, delays=6515/1019/0.14/0.13, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[3967]: AB0D5BFC0376: to=<sales@santech.kiev.ua>, relay=mail.santech.kiev.ua[212.109.50.74]:25, delay=7097, delays=6077/966/42/12, dsn=2.0.0, status=sent (250 2.0.0 51a33111-000004a9 Message accepted for delivery)
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<agentstvon@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<aistgroup@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<albert_k05@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<alexeevs@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<alexei_erofeev@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<allarendaspb@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<an-koul@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<anrostdominvest@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<bigben63@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<chayka_samara@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<cun62@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<dom-mechta@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<dom_auction@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<egor@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<fanilka84@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<fhlbird@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<gost-bryansk@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[3907]: certificate verification failed for mail.optimaproperties.ru[67.211.195.225]:25: self-signed certificate
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<homeapartmentufa@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<igorvasil05@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<isergeeva84@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<kkm-biz@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<larisa.svir@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<leonidbur@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<mes.kazan1997@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<murmanarenda@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<na-bulvare@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<nashgorod69@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<novsell@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<reznik2004@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<ruslikresler@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<stolica_arenda@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<suzannaros@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<tens61@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<volk-se@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<waseres@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[5802]: 8BF5EBFC020D: to=<waytoestate@mail.ru>, relay=mxs.mail.ru[94.100.176.20]:25, delay=8140, delays=7120/1018/0.14/1.6, dsn=4.0.0, status=deferred (host mxs.mail.ru[94.100.176.20] said: 421 Ratelimit exceeded for 128.127.110.125. Try again later. (in reply to DATA command))
May 27 06:06:32 server postfix/smtp[3876]: AA661BFC02D1: host lion.accord-ece.com[83.167.225.235] said: 451-128.127.110.125 is not yet authorized to deliver mail from 451 <brturbo@mega-f.ru> to <buc@accord-ece.com>. Please try later. (in reply to RCPT TO command)
May 27 06:06:32 server postfix/smtp[3966]: 8BF5EBFC020D: to=<century21@sun-realty.ru>, relay=mx1.spaceweb.ru[77.222.41.36]:25, delay=8140, delays=7120/1018/0.67/0.89, dsn=5.0.0, status=bounced (host mx1.spaceweb.ru[77.222.41.36] said: 550-Verification failed for <sretenko@profaudit.ru> 550-Called: 89.175.177.30 550-Sent: RCPT TO:<sretenko@profaudit.ru> 550-Response: 550 Unknown user 550 Sender verify failed (in reply to RCPT TO command))
May 27 06:06:32 server postfix/smtp[3966]: 8BF5EBFC020D: lost connection with mx1.spaceweb.ru[77.222.41.36] while sending DATA command
May 27 06:06:32 server postfix/smtp[3903]: 7BD4CBFC0372: to=<melnitsa@melnitsa.by>, relay=mx2.activeby.net[109.237.213.144]:25, delay=7047, delays=6027/1013/3.1/4.3, dsn=2.0.0, status=sent (250 OK id=1UguOR-0005n0-IP)
May 27 06:06:32 server postfix/smtp[3876]: certificate verification failed for sumec.onesim.net[81.31.47.108]:25: self-signed certificate
May 27 06:06:33 server postfix/smtp[3900]: AA661BFC02D1: to=<bts@bts.lv>, relay=mx.bts.lv[213.175.71.227]:25, delay=7535, delays=6515/1019/0.74/0.13, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as AE64813E503)
May 27 06:06:33 server postfix/smtp[3917]: certificate verification failed for mx1.bendery.md[89.187.33.3]:25: untrusted issuer /O=CommuniGate Systems, Inc./C=US/ST=CA/L=Mill Valley/OU=CommuniGate Pro/CN=communigate.com/emailAddress=support@communigate.com
May 27 06:06:33 server postfix/smtp[3903]: certificate verification failed for mx01.agnat.pl[193.239.44.66]:25: untrusted issuer /C=US/O=Equifax Secure Inc./CN=Equifax Secure Global eBusiness CA-1
May 27 06:06:33 server postfix/smtp[3875]: 8BF5EBFC020D: host mx.yandex.ru[213.180.204.89] said: 451 4.7.1 Sorry, the service is currently unavailable. Please come back later. Wd5takraWg-BAXOKouw (in reply to end of DATA command)
May 27 06:06:33 server postfix/smtp[3887]: connect to mail.carmez.md[109.185.200.171]:25: No route to host
May 27 06:06:33 server postfix/smtp[3887]: 7BD4CBFC0372: to=<marketing@carmez.md>, relay=none, delay=7048, delays=6027/1011/9.3/0, dsn=4.4.1, status=deferred (connect to mail.carmez.md[109.185.200.171]:25: No route to host)
May 27 06:06:33 server postfix/smtp[3876]: AA661BFC02D1: to=<buc@accord-ece.com>, relay=sumec.onesim.net[81.31.47.108]:25, delay=7535, delays=6515/1019/1.2/0.4, dsn=2.0.0, status=sent (250 OK id=1UguOW-0004x9-2o)
May 27 06:06:33 server postfix/smtp[3887]: certificate verification failed for msx1.colliersit.eu[194.228.3.48]:25: untrusted issuer /CN=mail.colliersit.eu/C=CZ/O=TrustPort Internet Gateway
May 27 06:06:33 server postfix/smtp[5585]: 8BF5EBFC020D: to=<officemanager.marihome@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=8141, delays=7120/1017/0.12/3.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 h3si1968513eeo.41 - gsmtp)
May 27 06:06:33 server postfix/smtp[5585]: 8BF5EBFC020D: to=<realtytk@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=8141, delays=7120/1017/0.12/3.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 h3si1968513eeo.41 - gsmtp)
May 27 06:06:33 server postfix/smtp[5585]: 8BF5EBFC020D: to=<reklama.vremya@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=8141, delays=7120/1017/0.12/3.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 h3si1968513eeo.41 - gsmtp)
May 27 06:06:33 server postfix/smtp[5585]: 8BF5EBFC020D: to=<sosuarent@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=8141, delays=7120/1017/0.12/3.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 h3si1968513eeo.41 - gsmtp)
May 27 06:06:33 server postfix/smtp[5585]: 8BF5EBFC020D: to=<zao.tdn@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=8141, delays=7120/1017/0.12/3.3, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 h3si1968513eeo.41 - gsmtp)
May 27 06:06:33 server postfix/smtp[3900]: certificate verification failed for mail.co.ru[194.186.47.75]:25: untrusted issuer /C=ZA/ST=Western Cape/L=Cape Town/O=Thawte Consulting cc/OU=Certification Services Division/CN=Thawte Premium Server CA/emailAddress=premium-server@thawte.com
May 27 06:06:33 server postfix/smtp[5802]: AA661BFC02D1: to=<btv@btv.lt>, relay=post.btv.lt[84.15.33.164]:25, delay=7536, delays=6515/1020/0.87/0.28, dsn=5.1.1, status=bounced (host post.btv.lt[84.15.33.164] said: 550 5.1.1 <btv@btv.lt>: Recipient address rejected: User unknown in virtual mailbox table (in reply to RCPT TO command))
May 27 06:06:33 server postfix/smtp[3876]: AA661BFC02D1: host mx1.timeweb.ru[92.53.116.47] said: 451 4.3.2 Internal server error (in reply to RCPT TO command)
May 27 06:06:33 server postfix/smtp[3875]: 8BF5EBFC020D: to=<amira.arenda@ya.ru>, relay=mx.yandex.ru[77.88.21.89]:25, delay=8141, delays=7120/1019/1.9/0.4, dsn=4.7.1, status=deferred (host mx.yandex.ru[77.88.21.89] said: 451 4.7.1 Sorry, the service is currently unavailable. Please come back later. MOObZ5e24S-BCr4K4XI (in reply to end of DATA command))
May 27 06:06:33 server postfix/smtp[5585]: AA661BFC02D1: to=<bu@cva.de>, relay=mxb.expurgate.net[195.190.135.22]:25, delay=7536, delays=6515/1021/0.13/0.22, dsn=5.0.0, status=bounced (host mxb.expurgate.net[195.190.135.22] said: 550 REJECT spam id=expurgator-caa5a3/1369649472-00006B93-0BECF6C5/0-9291478954/0-10 (in reply to end of DATA command))
May 27 06:06:33 server postfix/smtp[5778]: 8BF5EBFC020D: to=<info@ps7.ru>, relay=mx3.peterhost.ru[80.93.62.121]:25, delay=8141, delays=7120/1018/0.32/2.3, dsn=5.0.0, status=bounced (host mx3.peterhost.ru[80.93.62.121] said: 550-Verification failed for <sretenko@profaudit.ru> 550-Called: 89.175.177.30 550-Sent: RCPT TO:<sretenko@profaudit.ru> 550-Response: 550 Unknown user 550-Sender verify callout failed [#1005]. See 550 http://peterhost.ru/wiki/mailerrors/#1005 for details. (in reply to RCPT TO command))
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<gremo@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<grodno_ryba@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<kandi@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<lenor-auto@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<lukos1@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<mhlad1@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<molodechnotorg@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<mroz@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<narovlya@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<nov_hleb@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<ohleb@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<omkk@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<ooonarta@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<pvo55555@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<region-produkt@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<roksven@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<slutsk_hleb@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<yakubik@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5802]: certificate verification failed for mx.cm.hc.ru[89.111.177.200]:25: untrusted issuer /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
May 27 06:06:34 server postfix/smtp[3907]: 8BF5EBFC020D: to=<manager@optimaproperties.ru>, relay=mail.optimaproperties.ru[67.211.195.225]:25, delay=8141, delays=7120/1018/1.9/1.1, dsn=5.0.0, status=bounced (host mail.optimaproperties.ru[67.211.195.225] said: 550 relay not permitted (in reply to RCPT TO command))
May 27 06:06:34 server postfix/smtp[5838]: connect to mail.relcom.kz[80.241.0.90]:25: Connection timed out
May 27 06:06:34 server postfix/smtp[3887]: AA661BFC02D1: to=<bucharest@colliers.ro>, relay=msx1.colliersit.eu[194.228.3.48]:25, delay=7536, delays=6515/1020/0.26/0.51, dsn=4.0.0, status=deferred (host msx1.colliersit.eu[194.228.3.48] said: 451 Aborted, Graylisted ! (in reply to DATA command))
May 27 06:06:34 server postfix/smtp[3888]: certificate verification failed for relay2.relcom.ru[193.124.3.1]:25: self-signed certificate
May 27 06:06:34 server postfix/smtp[5838]: A86EFBFC0362: to=<roza@relcom.kz>, relay=none, delay=7169, delays=6148/991/30/0, dsn=4.4.1, status=deferred (connect to mail.relcom.kz[80.241.0.90]:25: Connection timed out)
May 27 06:06:34 server postfix/smtp[3876]: AA661BFC02D1: to=<bua@cusblaw.ru>, relay=mx1.timeweb.ru[92.53.116.53]:25, delay=7536, delays=6515/1020/0.53/0.28, dsn=5.7.0, status=bounced (host mx1.timeweb.ru[92.53.116.53] said: 535 5.7.0 Your ip blocked (Disabled 128.127.110.125 - contact <a href="mailto:support@timeweb.ru">support@timeweb.ru</a> (reason: invalid or absent ptr)) (in reply to RCPT TO command))
May 27 06:06:34 server postfix/smtp[5778]: AA661BFC02D1: host mx1.edunet.ru[213.184.128.170] said: 450 4.2.0 <bubi@edunet.ru>: Recipient address rejected: Greylisted for 300 seconds (in reply to RCPT TO command)
root@server:/var/log# tail -20f mail1.log.debug
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<molodechnotorg@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<mroz@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<narovlya@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<nov_hleb@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<ohleb@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<omkk@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<ooonarta@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<pvo55555@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<region-produkt@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<roksven@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<slutsk_hleb@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5794]: 7BD4CBFC0372: to=<yakubik@tut.by>, relay=ASPMX.L.GOOGLE.COM[74.125.136.26]:25, delay=7049, delays=6027/1013/0.13/7.7, dsn=2.0.0, status=sent (250 2.0.0 OK 1369649472 i48si11053669eem.27 - gsmtp)
May 27 06:06:34 server postfix/smtp[5802]: certificate verification failed for mx.cm.hc.ru[89.111.177.200]:25: untrusted issuer /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
May 27 06:06:34 server postfix/smtp[3907]: 8BF5EBFC020D: to=<manager@optimaproperties.ru>, relay=mail.optimaproperties.ru[67.211.195.225]:25, delay=8141, delays=7120/1018/1.9/1.1, dsn=5.0.0, status=bounced (host mail.optimaproperties.ru[67.211.195.225] said: 550 relay not permitted (in reply to RCPT TO command))
May 27 06:06:34 server postfix/smtp[5838]: connect to mail.relcom.kz[80.241.0.90]:25: Connection timed out
May 27 06:06:34 server postfix/smtp[3887]: AA661BFC02D1: to=<bucharest@colliers.ro>, relay=msx1.colliersit.eu[194.228.3.48]:25, delay=7536, delays=6515/1020/0.26/0.51, dsn=4.0.0, status=deferred (host msx1.colliersit.eu[194.228.3.48] said: 451 Aborted, Graylisted ! (in reply to DATA command))
May 27 06:06:34 server postfix/smtp[3888]: certificate verification failed for relay2.relcom.ru[193.124.3.1]:25: self-signed certificate
May 27 06:06:34 server postfix/smtp[5838]: A86EFBFC0362: to=<roza@relcom.kz>, relay=none, delay=7169, delays=6148/991/30/0, dsn=4.4.1, status=deferred (connect to mail.relcom.kz[80.241.0.90]:25: Connection timed out)
May 27 06:06:34 server postfix/smtp[3876]: AA661BFC02D1: to=<bua@cusblaw.ru>, relay=mx1.timeweb.ru[92.53.116.53]:25, delay=7536, delays=6515/1020/0.53/0.28, dsn=5.7.0, status=bounced (host mx1.timeweb.ru[92.53.116.53] said: 535 5.7.0 Your ip blocked (Disabled 128.127.110.125 - contact <a href="mailto:support@timeweb.ru">support@timeweb.ru</a> (reason: invalid or absent ptr)) (in reply to RCPT TO command))
May 27 06:06:34 server postfix/smtp[5778]: AA661BFC02D1: host mx1.edunet.ru[213.184.128.170] said: 450 4.2.0 <bubi@edunet.ru>: Recipient address rejected: Greylisted for 300 seconds (in reply to RCPT TO command)
smtp của tôi ở port 25 và trong lúc postfix vẫn send spam tôi kiểm tra port 25 thì không thấy bất cứ connect nào từ bên ngoài.
Code:
tcp 0 0 210.55.xxx.xxx:49867 193.233.67.16:25 ESTABLISHED 13885/smtp
tcp 0 0 210.55.xxx.xxx:47633 93.157.96.57:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:51182 83.138.52.7:25 SYN_SENT 13955/smtp
tcp 0 1 210.55.xxx.xxx:50658 91.188.51.42:25 SYN_SENT 13959/smtp
tcp 0 0 210.55.xxx.xxx:60531 62.149.2.57:25 ESTABLISHED 13911/smtp
tcp 0 0 210.55.xxx.xxx:37688 77.222.41.36:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:37783 77.222.41.36:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:37795 77.222.41.36:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:38221 77.222.41.36:25 ESTABLISHED 13898/smtp
tcp 0 0 210.55.xxx.xxx:38222 77.222.41.36:25 ESTABLISHED 13896/smtp
tcp 0 0 210.55.xxx.xxx:38251 77.222.41.36:25 ESTABLISHED 13930/smtp
tcp 0 0 210.55.xxx.xxx:38253 77.222.41.36:25 ESTABLISHED 13927/smtp
tcp 0 0 210.55.xxx.xxx:38245 77.222.41.36:25 ESTABLISHED 13925/smtp
tcp 0 0 210.55.xxx.xxx:48129 62.213.75.100:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:38294 77.222.41.36:25 ESTABLISHED 13950/smtp
tcp 0 0 210.55.xxx.xxx:38306 77.222.41.36:25 ESTABLISHED 13941/smtp
tcp 0 0 210.55.xxx.xxx:48657 62.213.75.100:25 ESTABLISHED 13931/smtp
tcp 0 7 210.55.xxx.xxx:59074 114.108.154.165:25 FIN_WAIT1 -
tcp 0 1 210.55.xxx.xxx:58806 216.34.191.52:25 SYN_SENT 13943/smtp
tcp 0 1 210.55.xxx.xxx:58812 216.34.191.52:25 SYN_SENT 13946/smtp
tcp 0 0 210.55.xxx.xxx:51186 85.90.212.5:25 ESTABLISHED 13904/smtp
tcp 0 0 210.55.xxx.xxx:44644 194.67.255.46:25 ESTABLISHED 13919/smtp
tcp 0 1 210.55.xxx.xxx:36298 82.199.98.1:25 SYN_SENT 13878/smtp
tcp 0 0 210.55.xxx.xxx:59841 195.131.52.143:25 ESTABLISHED 13868/smtp
tcp 0 1 210.55.xxx.xxx:43556 195.206.40.175:25 SYN_SENT 13880/smtp
tcp 0 0 210.55.xxx.xxx:42556 195.206.40.177:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:51976 212.23.64.147:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:52332 89.235.154.75:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:52829 89.235.154.75:25 ESTABLISHED 13907/smtp
tcp 0 1 210.55.xxx.xxx:57128 194.85.61.78:25 SYN_SENT 13909/smtp
tcp 0 0 210.55.xxx.xxx:56067 194.84.81.222:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:48215 194.226.144.45:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:45930 66.246.213.114:25 SYN_SENT 13866/smtp
tcp 0 0 210.55.xxx.xxx:59386 82.179.191.58:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:32966 217.16.16.81:25 SYN_SENT 13886/smtp
tcp 0 1 210.55.xxx.xxx:32982 217.16.16.81:25 SYN_SENT 13923/smtp
tcp 0 1 210.55.xxx.xxx:33004 217.16.16.81:25 SYN_SENT 13881/smtp
tcp 0 1 210.55.xxx.xxx:33010 217.16.16.81:25 SYN_SENT 13926/smtp
tcp 0 1 210.55.xxx.xxx:33013 217.16.16.81:25 SYN_SENT 13912/smtp
tcp 0 1 210.55.xxx.xxx:32940 217.16.16.81:25 SYN_SENT 13890/smtp
tcp 0 1 210.55.xxx.xxx:33097 217.16.16.81:25 SYN_SENT 13932/smtp
tcp 0 1 210.55.xxx.xxx:33101 217.16.16.81:25 SYN_SENT 13952/smtp
tcp 0 1 210.55.xxx.xxx:33089 217.16.16.81:25 SYN_SENT 13954/smtp
tcp 0 1 210.55.xxx.xxx:33108 217.16.16.81:25 SYN_SENT 13967/smtp
tcp 0 1 210.55.xxx.xxx:33054 217.16.16.81:25 SYN_SENT 13962/smtp
tcp 0 1 210.55.xxx.xxx:33056 217.16.16.81:25 SYN_SENT 13963/smtp
tcp 0 1 210.55.xxx.xxx:33062 217.16.16.81:25 SYN_SENT 13903/smtp
tcp 0 1 210.55.xxx.xxx:33086 217.16.16.81:25 SYN_SENT 13966/smtp
tcp 0 1 210.55.xxx.xxx:34301 109.232.168.17:25 SYN_SENT 13957/smtp
tcp 0 0 210.55.xxx.xxx:52750 195.66.68.17:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:48496 89.108.120.137:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:51129 194.85.88.233:25 ESTABLISHED 13870/smtp
tcp 0 0 210.55.xxx.xxx:51100 194.85.88.233:25 ESTABLISHED 13922/smtp
tcp 0 1 210.55.xxx.xxx:56274 81.89.65.2:25 SYN_SENT 13918/smtp
tcp 0 1 210.55.xxx.xxx:32813 82.179.190.63:25 SYN_SENT 13951/smtp
tcp 0 1 210.55.xxx.xxx:54294 62.89.84.99:25 SYN_SENT 13958/smtp
tcp 0 0 210.55.xxx.xxx:55063 195.184.192.23:25 ESTABLISHED 13895/smtp
tcp 0 0 210.55.xxx.xxx:58754 193.178.228.13:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:57954 195.19.71.16:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:42078 92.103.69.44:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:51467 213.180.204.25:25 SYN_SENT 13947/smtp
tcp 0 1 210.55.xxx.xxx:35332 188.212.201.14:25 SYN_SENT 13942/smtp
tcp 0 0 210.55.xxx.xxx:49819 217.7.23.170:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:49760 217.7.23.170:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:50154 178.255.233.162:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:57833 212.44.69.6:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:38545 217.116.148.12:25 ESTABLISHED 13921/smtp
tcp 0 0 210.55.xxx.xxx:46051 217.197.114.100:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:46042 217.197.114.100:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:47758 89.188.104.8:25 ESTABLISHED 13929/smtp
tcp 0 1 210.55.xxx.xxx:33035 195.161.113.199:25 SYN_SENT 13865/smtp
tcp 0 1 210.55.xxx.xxx:53889 194.186.19.19:25 SYN_SENT 13899/smtp
tcp 0 1 210.55.xxx.xxx:34990 114.108.154.208:25 SYN_SENT 13965/smtp
tcp 0 1 210.55.xxx.xxx:52018 72.8.150.14:25 SYN_SENT 13905/smtp
tcp 0 1 210.55.xxx.xxx:35624 148.240.4.32:25 SYN_SENT 13869/smtp
tcp 0 1 210.55.xxx.xxx:35628 148.240.4.32:25 SYN_SENT 13939/smtp
tcp 0 1 210.55.xxx.xxx:35645 148.240.4.32:25 SYN_SENT 13953/smtp
tcp 0 1 210.55.xxx.xxx:35658 148.240.4.32:25 SYN_SENT 13960/smtp
tcp 0 1 210.55.xxx.xxx:35660 148.240.4.32:25 SYN_SENT 13964/smtp
tcp 0 1 210.55.xxx.xxx:35652 148.240.4.32:25 SYN_SENT 13956/smtp
tcp 0 1 210.55.xxx.xxx:35535 148.240.4.32:25 SYN_SENT 13877/smtp
tcp 0 1 210.55.xxx.xxx:35524 148.240.4.32:25 SYN_SENT 13871/smtp
tcp 0 0 210.55.xxx.xxx:54448 92.240.66.34:25 ESTABLISHED 13948/smtp
tcp 0 0 210.55.xxx.xxx:59494 195.24.128.66:25 ESTABLISHED 13908/smtp
tcp 0 0 210.55.xxx.xxx:60060 77.222.41.43:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:60114 77.222.41.43:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:60105 77.222.41.43:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:60108 77.222.41.43:25 FIN_WAIT2 -
tcp 0 0 210.55.xxx.xxx:60405 77.222.41.41:25 ESTABLISHED 13882/smtp
tcp 0 0 210.55.xxx.xxx:60241 176.9.216.4:25 ESTABLISHED 13884/smtp
tcp 0 0 210.55.xxx.xxx:52826 62.165.36.142:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:34674 213.186.120.102:25 ESTABLISHED 13914/smtp
tcp 0 0 210.55.xxx.xxx:54250 217.25.150.122:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:60653 195.131.52.142:25 ESTABLISHED 13920/smtp
tcp 0 1 210.55.xxx.xxx:44143 212.5.161.25:25 SYN_SENT 13892/smtp
tcp 0 0 210.55.xxx.xxx:35706 194.186.45.245:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:35700 194.186.45.245:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:35789 194.186.45.245:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:35783 194.186.45.245:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:38748 81.22.196.162:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:52855 91.207.25.7:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:40316 195.72.250.44:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:32816 80.71.250.50:25 SYN_SENT 13917/smtp
tcp 0 0 210.55.xxx.xxx:50482 217.112.35.101:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:50654 217.112.35.101:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:50600 217.112.35.101:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:39064 90.156.155.105:25 SYN_SENT 13915/smtp
tcp 0 0 210.55.xxx.xxx:55277 64.20.60.10:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:47710 194.44.122.238:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:38868 195.214.192.100:25 SYN_SENT 13893/smtp
tcp 0 1 210.55.xxx.xxx:37489 109.70.26.36:25 SYN_SENT 13876/smtp
tcp 0 1 210.55.xxx.xxx:46076 195.24.65.3:25 SYN_SENT 13933/smtp
tcp 0 0 210.55.xxx.xxx:46065 193.178.228.8:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:37894 194.58.66.62:25 ESTABLISHED 13894/smtp
tcp 0 1 210.55.xxx.xxx:38735 90.156.155.65:25 SYN_SENT 13901/smtp
tcp 0 1 210.55.xxx.xxx:38752 90.156.155.65:25 SYN_SENT 13944/smtp
tcp 0 0 210.55.xxx.xxx:49875 81.177.139.33:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:44261 90.156.155.115:25 SYN_SENT 13961/smtp
tcp 0 0 210.55.xxx.xxx:45443 212.33.11.67:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:51551 193.110.120.2:25 ESTABLISHED 13969/smtp
tcp 0 1 210.55.xxx.xxx:44128 90.156.155.145:25 SYN_SENT 13875/smtp
tcp 0 1 210.55.xxx.xxx:44139 90.156.155.145:25 SYN_SENT 13887/smtp
tcp 0 1 210.55.xxx.xxx:44143 90.156.155.145:25 SYN_SENT 13863/smtp
tcp 0 1 210.55.xxx.xxx:44141 90.156.155.145:25 SYN_SENT 13888/smtp
tcp 0 1 210.55.xxx.xxx:44151 90.156.155.145:25 SYN_SENT 13902/smtp
tcp 0 1 210.55.xxx.xxx:44120 90.156.155.145:25 SYN_SENT 13867/smtp
tcp 0 1 210.55.xxx.xxx:44127 90.156.155.145:25 SYN_SENT 13873/smtp
tcp 0 1 210.55.xxx.xxx:44124 90.156.155.145:25 SYN_SENT 13872/smtp
tcp 0 1 210.55.xxx.xxx:44199 90.156.155.145:25 SYN_SENT 13883/smtp
tcp 0 1 210.55.xxx.xxx:44208 90.156.155.145:25 SYN_SENT 13936/smtp
tcp 0 1 210.55.xxx.xxx:44296 90.156.155.145:25 SYN_SENT 13968/smtp
tcp 0 0 210.55.xxx.xxx:52283 194.85.88.242:25 ESTABLISHED 13879/smtp
tcp 0 0 210.55.xxx.xxx:44824 195.248.191.95:25 ESTABLISHED 13916/smtp
tcp 0 0 210.55.xxx.xxx:44808 195.248.191.95:25 ESTABLISHED 13906/smtp
tcp 0 0 210.55.xxx.xxx:44729 62.148.128.4:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:58940 90.156.155.95:25 SYN_SENT 13940/smtp
tcp 0 1 210.55.xxx.xxx:58968 90.156.155.95:25 SYN_SENT 13945/smtp
tcp 0 1 210.55.xxx.xxx:37497 90.156.155.55:25 SYN_SENT 13874/smtp
tcp 0 1 210.55.xxx.xxx:58424 90.156.155.75:25 SYN_SENT 13924/smtp
tcp 0 1 210.55.xxx.xxx:60077 195.46.105.253:25 SYN_SENT 13934/smtp
tcp 0 0 210.55.xxx.xxx:48823 91.211.208.46:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:60960 90.156.155.135:25 SYN_SENT 13900/smtp
tcp 0 1 210.55.xxx.xxx:59547 80.78.35.19:25 SYN_SENT 13910/smtp
tcp 0 0 210.55.xxx.xxx:46586 194.67.34.66:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:46737 194.67.34.66:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:35112 62.148.128.2:25 TIME_WAIT -
tcp 0 0 210.55.xxx.xxx:38566 94.153.240.126:25 TIME_WAIT -
tcp 0 1 210.55.xxx.xxx:39389 90.156.155.25:25 SYN_SENT 13928/smtp
tcp 0 1 210.55.xxx.xxx:39425 90.156.155.25:25 SYN_SENT 13938/smtp
tcp 0 0 210.55.xxx.xxx:55858 62.63.81.195:25 ESTABLISHED 13897/smtp
Tôi cảm thấy bế tắc và đã off postfix vì nếu tiếp tục thì sever của tôi sẽ nằm trong blacklist.
Nhờ mọi người tư vấn giúp tôi, thanks. |
|
|
 |
|
| [Discussion] Vấn đề postfix "tự động" gửi mail spam |
27/05/2013 23:27:49 (+0700) | #2 | 276036 |
![[Avatar]](/hvaonline/images/avatar/3f44f3018ff71ff4a7d22a98f3babb55.png "[Avatar]")
|
quanta
Moderator
|
Joined: 28/07/2006 14:44:21
Messages: 7265
Location: $ locate `whoami`
Offline
|
|
| Bạn gửi kết quả khi chạy `postconf -n` lên nhé. |
|
| Let's build on a great foundation! |
|
|
|
| [Discussion] Vấn đề postfix "tự động" gửi mail spam |
28/05/2013 21:32:33 (+0700) | #3 | 276066 |
thienphg
Member
|
|
0 |
|
|
Joined: 19/02/2012 04:58:43
Messages: 13
Offline
|
|
Chào quanta,
Dưới đây là cấu hình postfix tôi đang dùng
Code:
config_directory = /etc/postfix
inet_interfaces = 127.0.0.1
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailbox_size_limit = 0
mydestination = mail.company.com
myhostname = mail.company.com
mynetworks = 127.0.0.0/8
relay_domains = mail.company.com
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
smtpd_tls_key_file = /etc/postfix/ssl/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_uid_maps = static:5000
Hôm nay mail server của tôi đã nằm trong blacklist của gmail 
|
|
|
|
|
| [Discussion] Vấn đề postfix "tự động" gửi mail spam |
28/05/2013 22:40:41 (+0700) | #4 | 276067 |
|
quanta
Moderator
|
Joined: 28/07/2006 14:44:21
Messages: 7265
Location: $ locate `whoami`
Offline
|
|
Bạn để ý xem trước hàng loạt cái "to=" kia có cái "from=" nào không?
Có 3 parameters chính có thể được dùng để chặn spam:
1. smtpd_helo_restrictions: http://www.postfix.org/postconf.5.html#smtpd_helo_restrictions
2. smtpd_sender_restrictions: http://www.postfix.org/postconf.5.html#smtpd_sender_restrictions
3. smtpd_recipient_restrictions: http://www.postfix.org/postconf.5.html#smtpd_recipient_restrictions
Nhìn qua config của bạn thì không thấy có 1. và 2. smtpd_recipient_restrictions cũng thiếu mấy cái như: check_policy_service, reject_unknown_recipient_domain, reject_unverified_recipient, ... |
|
| Let's build on a great foundation! |
|
|
|
| [Discussion] Vấn đề postfix "tự động" gửi mail spam |
28/05/2013 22:45:10 (+0700) | #5 | 276068 |
bino1810
Member
|
|
0 |
|
|
Joined: 10/02/2012 10:38:28
Messages: 61
Location: /home/cuonglm
Offline
|
|
| Bạn đang dùng postfix bản bao nhiêu? |
|
| There is more than one way to do it! |
|
| Users currently in here |
|
1 Anonymous
|
|
Powered by JForum - Extended by HVAOnline
hvaonline.net | hvaforum.net | hvazone.net | hvanews.net | vnhacker.org
1999 - 2013 ©
v2012|0504|218|
|
|
![[Rule]](/hvaonline/templates/viet/images/icon_mini_rule.gif "[Rule]"){kind=icon}
![[Home]](/hvaonline/templates/viet/images/icon_mini_groups.gif "[Home]"){kind=icon}
![[Portal]](/hvaonline/templates/viet/images/icon_mini_portal.gif "[Portal]"){kind=icon}
![[Members]](/hvaonline/templates/viet/images/icon_mini_members.gif "[Members]"){kind=icon}
![[Statistics]](/hvaonline/templates/viet/images/icon_mini_stats.gif "[Statistics]"){kind=icon}
![[Search]](/hvaonline/templates/viet/images/icon_mini_search.gif "[Search]"){kind=icon}
![[Reading Room]](/hvaonline/templates/viet/images/icon_mini_book.gif "[Reading Room]"){kind=icon}
![[Register]](/hvaonline/templates/viet/images/icon_mini_register.gif "[Register]"){kind=icon}
Register![[Login]](/hvaonline/templates/viet/images/icon_mini_login.gif "[Login]"){kind=icon}
Login [
Thảo luận hệ điều hành *nix
![[Profile]](/hvaonline/templates/viet/images/en_US/icon_profile.gif "[Profile]"){kind=icon}
![[PM]](/hvaonline/templates/viet/images/en_US/icon_pm.gif "[PM]"){kind=icon}
![[Up]](/hvaonline/templates/viet/images/en_US/icon_up.gif "[Up]"){kind=icon}
![[Print Copy]](/hvaonline/templates/viet/images/en_US/icon_print.gif "[Print Copy]"){kind=icon}
![[digg]](/hvaonline/templates/viet/images/digg.gif "[digg]")
![[delicious]](/hvaonline/templates/viet/images/delicious.gif "[delicious]")
![[google]](/hvaonline/templates/viet/images/google.gif "[google]")
![[yahoo]](/hvaonline/templates/viet/images/yahoo.gif "[yahoo]")
![[technorati]](/hvaonline/templates/viet/images/technorati.gif "[technorati]")
![[reddit]](/hvaonline/templates/viet/images/reddit.gif "[reddit]")
![[stumbleupon]](/hvaonline/templates/viet/images/stumbleupon.gif "[stumbleupon]")