我的邮件服务器似乎正在发送垃圾邮件,我正在尝试查找原因

我的邮件服务器似乎正在发送垃圾邮件,我正在尝试查找原因

我有一个由 amazon aws 托管的邮件服务器。

我使用 postfix 和 dovecot 在 Ubuntu 14.04 上设置了服务器。

我不断收到邮件投递系统的电子邮件,说邮件被退回给发件人,而我并没有发送。

我在域提供商和 ec2 服务器上设置了 2fa,要登录,我只需将 ssh 端口配置为对特定 IP 开放即可。此外,我还设置了基于密钥的登录,因此只有密钥的所有者才能访问服务器,同时在特定 IP 上注册并使用 1 个非标准用户名登录。

查看我的系统日志,我删除了与我有关的一小部分

Dec  7 21:25:16 ip-myip postfix/smtpd[14438]: Anonymous TLS connection established from dazzle.jagoanhosting.com[103.27.206.196]: TLSv1     with cipher ECDHE-RSA-AES256-SHA (256/256 bits)
Dec  7 21:25:17 ip-myip postfix/smtp[14490]: connect to mx1.comcast.net[96.114.157.80]:25: Connection timed out
Dec  7 21:25:17 ip-ip-myip postfix/smtp[14490]: connect to mx1.comcast.net[2001:558:fe16:1b::15]:25: Network is unreachable
Dec  7 21:25:18 ip-ip-myip postfix/smtpd[14438]: 0E5EB2614C: client=dazzle.jagoanhosting.com[103.27.206.196], sasl_method=LOGIN, [email protected]
Dec  7 21:25:18 ip-ip-myip postfix/cleanup[14441]: 0E5EB2614C: message-id=<[email protected]>
Dec  7 21:25:18 ip-ip-myip postfix/qmgr[1176]: 0E5EB2614C: from=<[email protected]>, size=1734, nrcpt=1 (queue active)
Dec  7 21:25:19 ip-ip-myip postfix/smtpd[14438]: disconnect from dazzle.jagoanhosting.com[103.27.206.196]
Dec  7 21:25:22 ip-ip-myip postfix/smtp[14444]: connect to mta7.am0.yahoodns.net[98.136.216.25]:25: Connection timed out
Dec  7 21:25:22 ip-ip-myip postfix/smtp[14444]: 443D526141: to=<[email protected]>, relay=none, delay=151, delays=0.68/0/150/0, dsn=4.4.1, status=deferred (connect to mta7.am0.yahoodns.net[98.136.216.25]:25: Connection timed out)

就像我说的,这只是一小部分,还有很多这样的台词

首先让我感到困惑的是,我收到的所有退回的电子邮件都引用了我曾经收到过邮件的电子邮件地址,我无法相信这是一个巧合。

我想知道是否有人可以帮助我解决这个问题,或者至少给我指明正确的方向

更新..

我收到的最后一封退回邮件说

From:
Mail Delivery System [email protected]
To:
[email protected]
Subject:
Mail delivery failed: returning message to sender
Body:
This message was created automatically by mail delivery software. 

A message that you sent could not be delivered to one or more of its 
recipients. This is a permanent error. The following address(es) failed: 

  [email protected] 
    Domain larsa.nl has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. 
  [email protected] 
    Domain larsa.nl has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. 
  [email protected] 
    Domain larsa.nl has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. 
  [email protected] 
    Domain larsa.nl has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. 
  [email protected] 
    Domain larsa.nl has exceeded the max defers and failures per hour (5/5 (100%)) allowed. Message discarded. 

现在,从发件人地址来看,我认为没有任何问题,邮件实际上不是从我的服务器发送的,但已发送邮件的地址与我收到的邮件地址非常相似。有人能够随机猜出至少 4 个地址,这非常随机

编辑2

我刚刚检查了 postqueue -p 并返回了此信息。我只包括了最后一天的信息,但那里还有很多

ECE6A2EBD6     1449 Sun Dec 11 17:16:39  [email protected]
                (connect to mx.ono.com[62.42.230.22]:25: Connection timed out)
                                         [email protected]

E9A7E2CDBC     1625 Sun Dec 11 04:40:35  [email protected]
            (connect to mx01.1and1.es[217.72.192.67]:25: Connection timed out)
                                         [email protected]

EE2532CF3A     1604 Sun Dec 11 00:00:10  [email protected]
(delivery temporarily suspended: connect to mx3.hotmail.com[65.55.37.104]:25: Connection timed out)
                                         [email protected]

EE15D2C1B6     1474 Sat Dec 10 02:57:23  [email protected]
(delivery temporarily suspended: connect to mx3.hotmail.com[104.44.194.235]:25: Connection timed out)
                                     [email protected]

-- 67941 Kbytes in 27611 Requests.

这可能是从我的服务器发送的实际电子邮件吗?

我已使用 postsuper -d ALL 从邮件队列中删除了所有邮件

谢谢

相关内容