今天,我发现我的服务器无法工作,因为它已经满了。我检查了日志,发现日志已经增长了很多,我删除了它们,以便一切正常。现在,通过当前的日志,我看到了很多可疑活动。
邮件日志:
Aug 18 23:09:29 veepiz postfix/smtpd[16724]: match_list_match: unknown: no match
Aug 18 23:09:29 veepiz postfix/smtpd[16904]: match_hostaddr: 61.67.184.122 ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[13321]: input attribute name: nexthop
Aug 18 23:09:29 veepiz postfix/smtpd[12192]: private/rewrite socket: wanted attribute: flags
Aug 18 23:09:29 veepiz postfix/smtpd[12800]: input attribute value: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[17483]: private/anvil: wanted attribute: rate
Aug 18 23:09:29 veepiz postfix/smtpd[12468]: smtp_get: EOF
Aug 18 23:09:29 veepiz postfix/smtpd[17928]: send attr milter_actions = 17
Aug 18 23:09:29 veepiz postfix/smtpd[16135]: generic_checks: name=reject_unauth_destination
Aug 18 23:09:29 veepiz postfix/smtpd[19163]: input attribute value: 7476A1659B3
Aug 18 23:09:29 veepiz postfix/smtpd[14164]: private/rewrite socket: wanted attribute: flags
Aug 18 23:09:29 veepiz postfix/smtpd[19366]: input attribute value: smtp
Aug 18 23:09:29 veepiz postfix/smtpd[15307]: match_hostname: dsl093-059-178.blt1.dsl.speakeasy.net ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtpd[15951]: milter8_connect: milter inet:127.0.0.1:20209 version 2
Aug 18 23:09:29 veepiz postfix/smtpd[15865]: send attr ident = smtp:202.91.239.165
Aug 18 23:09:29 veepiz postfix/smtpd[15569]: ctable_locate: leave existing entry key [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[12901]: disconnect from dsl093-059-178.blt1.dsl.speakeasy.net[66.93.59.178]
Aug 18 23:09:29 veepiz postfix/smtpd[13166]: match_hostaddr: 202.53.71.60 ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtpd[18364]: match_hostname: unknown ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[12205]: input attribute value: 2048
Aug 18 23:09:29 veepiz postfix/smtpd[14859]: match_list_match: unknown: no match
Aug 18 23:09:29 veepiz postfix/smtpd[18082]: generic_checks: name=permit_mynetworks
Aug 18 23:09:29 veepiz opendkim[19722]: OpenDKIM Filter: Unable to create listening socket on conn inet:20209@localhost
Aug 18 23:09:29 veepiz postfix/smtpd[19586]: name_mask: resource
Aug 18 23:09:29 veepiz postfix/smtpd[14764]: match_hostaddr: 122.201.66.80 ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtpd[12265]: input attribute name: count
Aug 18 23:09:29 veepiz postfix/smtpd[19034]: match_hostaddr: 82.71.212.10 ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[18460]: match_hostaddr: 190.146.184.219 ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[17099]: match_hostaddr: 178.83.29.189 ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[17710]: match_hostname: unknown ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[14232]: disconnect event to all milters
Aug 18 23:09:29 veepiz postfix/smtpd[15782]: input attribute name: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[18174]: milter_macro_lookup: "v"
Aug 18 23:09:29 veepiz postfix/smtpd[12122]: send attr sender =
Aug 18 23:09:29 veepiz postfix/smtpd[16633]: match_hostname: unknown ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtpd[15479]: private/rewrite socket: wanted attribute: flags
Aug 18 23:09:29 veepiz postfix/smtpd[13872]: event: SMFIC_CONNECT; macros: j=veepiz.com {daemon_name}=veepiz.com v=Postfix 2.3.3
Aug 18 23:09:29 veepiz postfix/smtpd[15132]: input attribute name: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[16806]: E5A4C1654DE: reject: RCPT from unknown[59.163.57.239]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<59.163.57.239.static.vsnl.net.in>
Aug 18 23:09:29 veepiz postfix/smtpd[14527]: match_hostname: unknown ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[12222]: match_list_match: gmail.com: no match
Aug 18 23:09:29 veepiz postfix/smtpd[15648]: private/rewrite socket: wanted attribute: address
Aug 18 23:09:29 veepiz postfix/smtpd[13525]: match_string: hotmail.com ~? veepiz.com
Aug 18 23:09:29 veepiz postfix/smtpd[12639]: permit_auth_destination: [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[18793]: milter8_connect: milter inet:127.0.0.1:20209 version 2
Aug 18 23:09:29 veepiz postfix/smtpd[13076]: input attribute name: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[17002]: private/rewrite socket: wanted attribute: (list terminator)
Aug 18 23:09:29 veepiz postfix/smtpd[18678]: generic_checks: name=reject_unauth_destination
Aug 18 23:09:29 veepiz postfix/smtpd[13243]: milter_macro_lookup: "{rcpt_addr}"
Aug 18 23:09:29 veepiz postfix/smtpd[13626]: private/rewrite socket: wanted attribute: (list terminator)
Aug 18 23:09:29 veepiz postfix/smtpd[18566]: match_hostaddr: 112.166.135.242 ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[18913]: public/cleanup socket: wanted attribute: queue_id
Aug 18 23:09:29 veepiz postfix/smtpd[16226]: < unknown[61.19.246.53]: RCPT TO: <[email protected]>
Aug 18 23:09:29 veepiz postfix/smtpd[12213]: ctable_locate: leave existing entry key [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[13785]: match_list_match: 61.133.8.74: no match
Aug 18 23:09:29 veepiz postfix/smtpd[16360]: < unknown[200.68.18.101]: RCPT TO: <[email protected]>
Aug 18 23:09:29 veepiz postfix/smtpd[14682]: send attr ident = smtp:201.236.80.197
Aug 18 23:09:29 veepiz postfix/smtpd[13712]: input attribute value: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[12331]: > unknown[200.6.252.70]: 250 2.0.0 Ok
Aug 18 23:09:29 veepiz postfix/smtpd[17297]: milter8_connect: milter inet:127.0.0.1:20209 version 2
Aug 18 23:09:29 veepiz postfix/smtpd[13946]: report connect to all milters
Aug 18 23:09:29 veepiz postfix/smtpd[12980]: send attr address = [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[15223]: send attr address = [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[16046]: input attribute name: address
Aug 18 23:09:29 veepiz postfix/smtpd[13423]: match_hostaddr: 110.74.129.159 ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[18264]: match_hostaddr: 200.160.111.154 ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[12158]: input attribute name: flags
Aug 18 23:09:29 veepiz postfix/smtpd[14952]: generic_checks: name=permit_mynetworks
Aug 18 23:09:29 veepiz postfix/smtpd[15045]: reply: SMFIR_CONTINUE data 0 bytes
Aug 18 23:09:29 veepiz postfix/smtpd[14014]: ctable_locate: install entry key [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[12165]: match_hostaddr: 189.7.37.81 ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[15390]: < unknown[77.91.195.16]: RSET
Aug 18 23:09:29 veepiz postfix/smtpd[14083]: match_list_match: unknown: no match
Aug 18 23:09:29 veepiz postfix/smtpd[16450]: match_string: gmail.com ~? veepiz.com
Aug 18 23:09:29 veepiz postfix/qmgr[12109]: B868E165652: to=<[email protected]>, relay=none, delay=13716, delays=13522/194/0/0, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.0 [TS01] Messages from 50.57.111.177 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Aug 18 23:09:29 veepiz postfix/smtpd[12150]: permit_mynetworks: ks390655.kimsufi.com 188.165.248.79
Aug 18 23:09:29 veepiz postfix/smtpd[16724]: match_list_match: 208.87.240.34: no match
Aug 18 23:09:29 veepiz postfix/smtpd[16904]: match_list_match: 61-67-184-host122.kbtelecom.net.tw: no match
Aug 18 23:09:29 veepiz postfix/smtpd[12192]: input attribute name: flags
Aug 18 23:09:29 veepiz postfix/smtpd[13321]: input attribute value: gmail.com
Aug 18 23:09:29 veepiz postfix/smtpd[12800]: public/cleanup socket: wanted attribute: (list terminator)
Aug 18 23:09:29 veepiz postfix/smtpd[17483]: input attribute name: rate
Aug 18 23:09:29 veepiz postfix/smtpd[12468]: match_hostname: unknown ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtpd[17928]: send attr milter_events = 0
Aug 18 23:09:29 veepiz postfix/smtpd[16135]: reject_unauth_destination: [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[19163]: public/cleanup socket: wanted attribute: (list terminator)
Aug 18 23:09:29 veepiz postfix/smtpd[14164]: input attribute name: flags
Aug 18 23:09:29 veepiz postfix/smtpd[19366]: private/rewrite socket: wanted attribute: nexthop
Aug 18 23:09:29 veepiz postfix/smtpd[15307]: match_hostaddr: 66.93.59.178 ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtpd[15951]: milter8_connect: events
Aug 18 23:09:29 veepiz postfix/smtpd[15865]: private/anvil: wanted attribute: status
Aug 18 23:09:29 veepiz postfix/smtpd[15569]: NOQUEUE: reject: RCPT from unknown[195.239.156.234]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=SMTP helo=<mail.bkrb.ru>
Aug 18 23:09:29 veepiz postfix/smtpd[12901]: master_notify: status 1
Aug 18 23:09:29 veepiz postfix/smtpd[13166]: match_hostname: unknown ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[18364]: match_hostaddr: 190.26.210.23 ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[12205]: private/rewrite socket: wanted attribute: (list terminator)
Aug 18 23:09:29 veepiz postfix/smtpd[14859]: match_list_match: 98.142.210.165: no match
Aug 18 23:09:29 veepiz postfix/smtpd[18082]: permit_mynetworks: unknown 124.95.140.14
Aug 18 23:09:29 veepiz opendkim[19722]: smfi_opensocket() failed
Aug 18 23:09:29 veepiz postfix/smtpd[12713]: < unknown[190.182.52.113]: RCPT TO: <[email protected]>
Aug 18 23:09:29 veepiz postfix/smtpd[19586]: name_mask: software
Aug 18 23:09:29 veepiz postfix/smtpd[14764]: match_hostname: unknown ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[12265]: input attribute value: 1
Aug 18 23:09:29 veepiz postfix/smtpd[19034]: match_list_match: pancake.2280.net: no match
Aug 18 23:09:29 veepiz postfix/smtpd[18460]: match_list_match: unknown: no match
Aug 18 23:09:29 veepiz postfix/smtpd[17099]: match_hostname: 178-83-29-189.dynamic.hispeed.ch ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[17710]: match_hostaddr: 61.155.164.76 ~? 50.57.111.177/32
Aug 18 23:09:29 veepiz postfix/smtpd[15715]: < unknown[202.91.239.165]: RCPT TO: <[email protected]>
Aug 18 23:09:29 veepiz postfix/smtpd[15782]: rewrite_clnt: local: [email protected] -> [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[18174]: milter_macro_lookup: result "Postfix 2.3.3"
Aug 18 23:09:29 veepiz postfix/smtpd[12122]: send attr address = [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[16633]: match_hostaddr: 96.9.160.96 ~? 127.0.0.1/32
Aug 18 23:09:29 veepiz postfix/smtp[19166]: D8DCA164E37: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[74.125.67.27]:25, delay=572, delays=342/214/0.11/16, dsn=5.1.1, status=bounced (host gmail-smtp-in.l.google.com[74.125.67.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://mail.google.com/support/bin/answer.py?answer=6596 l14si8292456ybg.13 (in reply to RCPT TO command))
Aug 18 23:09:29 veepiz postfix/smtpd[14232]: milter8_disc_event: quit milter inet:127.0.0.1:20209
Aug 18 23:09:29 veepiz postfix/smtpd[15479]: input attribute name: flags
Aug 18 23:09:29 veepiz postfix/smtpd[13872]: reply: SMFIR_CONTINUE data 0 bytes
Aug 18 23:09:29 veepiz postfix/smtpd[15132]: resolve_clnt: `' -> `[email protected]' -> transp=`smtp' host=`yahoo.com.tw' rcpt=`[email protected]' flags= class=default
Aug 18 23:09:29 veepiz postfix/smtpd[16806]: generic_checks: name=reject_unauth_destination status=2
Aug 18 23:09:29 veepiz postfix/smtpd[14527]: match_hostaddr: 189.16.128.130 ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[12222]: maps_find: virtual_alias_maps: @gmail.com: not found
Aug 18 23:09:29 veepiz postfix/smtpd[15648]: input attribute name: address
Aug 18 23:09:29 veepiz postfix/smtpd[13525]: match_string: hotmail.com ~? localhost.com
Aug 18 23:09:29 veepiz postfix/smtpd[12639]: ctable_locate: leave existing entry key [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[18793]: milter8_connect: events
Aug 18 23:09:29 veepiz postfix/smtpd[13076]: resolve_clnt: `' -> `[email protected]' -> transp=`relay' host=`hotmail.com' rcpt=`[email protected]' flags= class=relay
Aug 18 23:09:29 veepiz postfix/smtpd[17002]: input attribute name: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[18678]: reject_unauth_destination: [email protected]
Aug 18 23:09:29 veepiz postfix/smtpd[13243]: milter_macro_lookup: result "[email protected]"
Aug 18 23:09:29 veepiz postfix/smtpd[13626]: input attribute name: (end)
Aug 18 23:09:29 veepiz postfix/smtpd[18566]: match_hostname: unknown ~? 10.182.130.68/32
Aug 18 23:09:29 veepiz postfix/smtpd[18913]: input attribute name: queue_id
Aug 18 23:09:29 veepiz postfix/smtpd[16226]: extract_addr: input: <[email protected]>
Aug 18 23:09:29 veepiz postfix/smtpd[12213]: generic_checks: name=reject_unauth_destination status=0
Aug 18 23:09:29 veepiz postfix/smtpd[13785]: send attr request = disconnect
Aug 18 23:09:29 veepiz postfix/smtpd[16360]: extract_addr: input: <[email protected]>
Aug 18 23:09:29 veepiz postfix/smtpd[14682]: private/anvil: wanted attribute: status
Aug 18 23:09:29 veepiz postfix/smtpd[13712]: public/cleanup socket: wanted attribute: (list terminator)
Aug 18 23:09:29 veepiz postfix/smtpd[17297]: milter8_connect: events
Aug 18 23:09:29 veepiz postfix/smtpd[13946]: milter_macro_lookup: "j"
Aug 18 23:09:30 veepiz postfix/smtpd[12980]: private/rewrite socket: wanted attribute: flags
Aug 18 23:09:30 veepiz postfix/smtpd[15223]: private/rewrite socket: wanted attribute: flags
Aug 18 23:09:30 veepiz postfix/smtpd[16046]: input attribute value: [email protected]
Aug 18 23:09:30 veepiz postfix/smtpd[13423]: match_list_match: unknown: no match
Aug 18 23:09:30 veepiz postfix/smtpd[18264]: match_list_match: unknown: no match
Aug 18 23:09:30 veepiz postfix/smtpd[12158]: input attribute value: 0
Aug 18 23:09:30 veepiz postfix/smtpd[14952]: permit_mynetworks: li371-14.members.linode.com 96.126.122.14
Aug 18 23:09:30 veepiz postfix/smtpd[15045]: > unknown[187.105.132.234]: 250 2.1.5 Ok
Aug 18 23:09:30 veepiz postfix/smtpd[14014]: extract_addr: in: <[email protected]>, result: [email protected]
Aug 18 23:09:30 veepiz postfix/smtpd[12165]: match_hostname: unknown ~? 10.182.130.68/32
Aug 18 23:09:30 veepiz postfix/smtpd[15390]: abort all milters
Aug 18 23:09:30 veepiz postfix/smtpd[14083]: match_list_match: 190.147.205.152: no match
Aug 18 23:09:30 veepiz postfix/smtpd[16450]: match_string: gmail.com ~? localhost.com
Aug 18 23:09:30 veepiz postfix/smtpd[12150]: match_hostname: ks390655.kimsufi.com ~? 127.0.0.1/32
Aug 18 23:09:30 veepiz postfix/smtpd[16724]: send attr request = disconnect
Aug 18 23:09:30 veepiz postfix/smtpd[16904]: match_list_match: 61.67.184.122: no match
Aug 18 23:09:30 veepiz postfix/qmgr[12109]: C1E66164A28: to=<[email protected]>, relay=none, delay=79045, delays=78851/194/0/0, dsn=4.7.0, status=deferred (delivery temporarily suspended: host mx1.mail.tw.yahoo.com[203.188.197.119] refused to talk to me: 421 4.7.0 [TS01] Messages from 50.57.111.177 temporarily deferred due to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html)
Aug 18 23:09:30 veepiz postfix/smtpd[12192]: input attribute value: 0
Aug 18 23:09:30 veepiz postfix/smtpd[13321]: private/rewrite socket: wanted attribute: recipient
Aug 18 23:09:30 veepiz postfix/smtpd[12800]: input attribute name: (end)
Aug 18 23:09:30 veepiz postfix/smtpd[17483]: input attribute value: 1
Aug 18 23:09:30 veepiz postfix/smtpd[12468]: match_hostaddr: 46.181.195.57 ~? 127.0.0.1/32
Aug 18 23:09:30 veepiz postfix/smtpd[17928]: send attr milter_non_events = 4294967040
Aug 18 23:09:30 veepiz postfix/smtpd[16135]: permit_auth_destination: [email protected]
Aug 18 23:09:30 veepiz postfix/smtpd[19163]: input attribute name: (end)
Aug 18 23:09:30 veepiz postfix/smtpd[14164]: input attribute value: 4096
Aug 18 23:09:30 veepiz postfix/smtpd[19366]: input attribute name: nexthop
Aug 18 23:09:30 veepiz postfix/smtpd[15307]: match_hostname: dsl093-059-178.blt1.dsl.speakeasy.net ~? 50.57.111.177/32
Aug 18 23:09:30 veepiz postfix/smtpd[15951]: milter8_connect: requests SMFIF_ADDHDRS SMFIF_CHGHDRS
Aug 18 23:09:30 veepiz postfix/smtpd[15865]: input attribute name: status
Aug 18 23:09:30 veepiz postfix/smtpd[15569]: generic_checks: name=reject_unauth_destination status=2
Aug 18 23:09:30 veepiz postfix/smtpd[12901]: connection closed
Aug 18 23:09:30 veepiz postfix/smtpd[13166]: match_hostaddr: 202.53.71.60 ~? 50.57.111.177/32
Aug 18 23:09:30 veepiz postfix/smtpd[18364]: match_hostname: unknown ~? 10.182.130.68/32
Aug 18 23:09:30 veepiz postfix/smtpd[12205]: input attribute name: (end)
Aug 18 23:09:30 veepiz postfix/smtpd[14859]: generic_checks: name=permit_mynetworks status=0
Aug 18 23:09:30 veepiz postfix/smtpd[18082]: match_hostname: unknown ~? 127.0.0.1/32
Aug 18 23:09:30 veepiz opendkim[12241]: exited with status 69, restarting
Aug 18 23:09:30 veepiz postfix/smtpd[12331]: < unknown[200.6.252.70]: MAIL FROM: <[email protected]>
Aug 18 23:09:30 veepiz postfix/smtpd[12713]: extract_addr: input: <[email protected]>
Aug 18 23:09:30 veepiz postfix/smtpd[14764]: match_hostaddr: 122.201.66.80 ~? 50.57.111.177/32
Aug 18 23:09:30 veepiz postfix/smtpd[12265]: private/anvil: wanted attribute: rate
Aug 18 23:09:30 veepiz postfix/smtpd[19034]: match_list_match: 82.71.212.10: no match
Aug 18 23:09:30 veepiz postfix/smtpd[18460]: match_list_match: 190.146.184.219: no match
Aug 18 23:09:30 veepiz postfix/smtpd[19723]: dict_eval: const mail
Aug 18 23:09:30 veepiz postfix/smtpd[17099]: match_hostaddr: 178.83.29.189 ~? 10.182.130.68/32
Aug 18 23:09:30 veepiz postfix/smtpd[17710]: match_hostname: unknown ~? 10.182.130.68/32
Aug 18 23:09:30 veepiz postfix/smtpd[15715]: extract_addr: input: <[email protected]>
Aug 18 23:09:30 veepiz postfix/smtpd[15782]: send attr request = resolve
Aug 18 23:09:30 veepiz postfix/smtpd[18174]: milter8_connect: non-protocol events for protocol version 2: SMFIP_NOUNKNOWN SMFIP_NODATA 0xfffffc00
Aug 18 23:09:30 veepiz postfix/smtpd[12122]: private/rewrite socket: wanted attribute: flags
Aug 18 23:09:30 veepiz postfix/smtpd[16633]: match_hostname: unknown ~? 50.57.111.177/32
Aug 18 23:09:30 veepiz postfix/smtpd[14232]: disconnect from unknown[202.53.71.60]
Aug 18 23:09:30 veepiz postfix/smtpd[15479]: input attribute value: 0
Aug 18 23:09:30 veepiz postfix/smtpd[13872]: > unknown[123.30.186.36]: 220 veepiz.com ESMTP Postfix
Aug 18 23:09:30 veepiz postfix/smtpd[19586]: connect from unknown[196.46.27.11]
Aug 18 23:09:30 veepiz postfix/smtpd[15132]: ctable_locate: install entry key [email protected]
Aug 18 23:09:30 veepiz postfix/smtpd[16806]: > unknown[59.163.57.239]: 554 5.7.1 <[email protected]>: Relay access denied
Aug 18 23:09:30 veepiz postfix/smtpd[14527]: match_list_match: unknown: no match
Aug 18 23:09:30 veepiz postfix/smtpd[12222]: mail_addr_find: [email protected] -> (not found)
Aug 18 23:09:30 veepiz postfix/smtpd[15648]: input attribute value: [email protected]
我也不断收到这样的电子邮件:
Subject: Postfix SMTP server: errors from unknown[81.24.210.138]
From: "Mail Delivery System" <[email protected]>
Date: Thu, August 18, 2011 1:03 pm
To: "Postmaster" <[email protected]>
Priority: Normal
Options: View Full Header | View Printable Version | Download this as a file
Transcript of session follows.
In: RSET
Out: 250 2.0.0 Ok
In: MAIL FROM: <[email protected]>
Out: 250 2.1.0 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 250 2.1.5 Ok
In: RCPT TO: <[email protected]>
Out: 554 5.7.1 <[email protected]>: Relay access denied
In: RSET
Out: 250 2.0.0 Ok
In: MAIL FROM: <[email protected]>
Out: 452 4.3.1 Insufficient system storage
In: RSET
Out: 250 2.0.0 Ok
In: MAIL FROM: <[email protected]>
Out: 452 4.3.1 Insufficient system storage
In: QUIT
Out: 221 2.0.0 Bye
我联系了 Rackspace 的管理员,但他们无法为我提供任何有关非托管服务器的帮助。我感到很沮丧,想停止这种奇怪的活动。有什么建议吗?
答案1
您有一个开放的中继。将变量更改mynetworks为mynetworks = 127.0.0.1。重置所有密码(只是为了确保安全)。
之后,对你的服务器进行 SMTP 检查http://mxtoolbox.com看看它是否仍然是开放的中继。
顺便将日志记录减少到标准值。另一个提示:下次将日志直接粘贴到这个问题上,将您的问题重写为简单易读的英语。并接受您以前问题的答案。
编辑
可以通过(重新)设置将日志记录重置为默认值
debug_peer_level = 2
debug_peer_list =
(是的,最后一行以等号结尾)
编辑2
我忘了提到设置,master.cf其中可能有以 结尾的行smtpd -v,甚至不止一个-v。删除-vs。
答案2
查看日志和 postmaster 电子邮件,似乎您正在运行开放中继 - 这是需要修复的问题 #1。我不是 Postfix 专家,我只能指出Postix 相关和访问控制文档。
问题 #2 是您在邮件排队的驱动器上磁盘空间不足 - 您可以通过转储 postfix 队列来解决此问题。(我知道如何做 -postsuper -d ALL以 root 身份运行命令)。
你必须修复开放中继问题——开放中继对您和互联网环境都不利。如果您的服务器长时间处于开放中继状态,您将被列入大量垃圾邮件黑名单。检查您的黑名单状态工具箱或类似的网站,一旦你解决了上述问题,并采取必要的措施来清理可能造成的混乱。
答案3
我使用 wireshack 查找了用于发送邮件的脚本。结果发现这是我的联系表单。我使用过验证码以确保其安全。我还想分享更多关于如何修复它的知识。
- 我按照 mailq 和 voretag7 的建议去做了。
- 修改了这个我从互联网上获得的脚本,以阻止那些垃圾邮件 IP。创建,授予适当的管理员权限,并每 10 分钟
spamblock.sh运行一次cron
。
#!/bin/bash
IPT=/sbin/iptables
LIMIT=10
#cd /root/Filters
# first get one minute of log
grep "`date +"%b %d %H:%M:" --date="1 minutes ago"`" /var/log/maillog > minutelog
# now extract the rejected attempts, sort and count uniq ip
cat minutelog | grep "reject:" | cut -d" " -f10 | cut -d"[" -f2 | cut -d"]" -f 1 | sort | uniq -c | sort -n | sed 's/^[ \t]*//' > tmp1
# for each line in result
while read line
do
MYCOUNT=`echo $line | cut -d" " -f1`
MYIP=`echo $line | cut -d" " -f2`
if [ $MYCOUNT -lt $LIMIT ] ;
then
echo $MYIP is ok: $MYCOUNT attempts
else
echo blocking the spammer at $MYIP with $MYCOUNT attempts
$IPT -I INPUT -i eth0 --proto tcp -s $MYIP --destination-port 25 -j DROP
echo $MYIP >> blocked.smtp
fi
done < tmp1
rm -f minutelog
rm -f tmp1
- 创建了一个脚本来定期执行此命令。清除队列
。
postfix flush
postsuper -d ALL deferred
在我发现是什么脚本之前,我建议执行上述操作。谢谢大家的帮助。