昨晚我看到很多邮件未送达消息,但我没有发送任何邮件。我只有一个网站上线。
有什么方法可以找到更多详细信息吗?我不知道从哪里开始
这些是来自 exim 的拒绝日志
2013-03-01 03:27:31 H=114-42-128-4.dynamic.hinet.net (125.214.75.163) [114.42.128.4]:4227 rejected MAIL <[email protected]>: Access denied - Invalid HELO name (See RFC2821 4.1.3)
2013-03-01 05:13:10 H=(gyrvpwe.com) [27.41.134.95]:4702 F=<[email protected]> rejected RCPT <[email protected]>: Please turn on SMTP Authentication in your mail client, or login to the IMAP/POP3 server before sending your message. (gyrvpwe.com) [27.41.134.95]:4702 is not permitted to relay through this server without authentication.
2013-03-01 09:37:20 courier_plain authenticator failed for localhost [127.0.0.1]:53728: 435 Unable to authenticate at present (set_id=__cpanel__service__auth__exim__DTGm12zHmcIhHGj1OI5GgfzrB5j7sk5UEyxNaYj7UqGFGstIMLklIjsIMYvPpAIt): failed to connect to socket /var/spool/authdaemon/socket: Connection refused inside "and{...}" condition
这些是来自
/var/log/消息
Mar 1 05:13:03 cpanel named[1442]: network unreachable resolving 'ns4.apnic.net/A/IN': 2001:dc0:4001:1:0:1836:0:140#53
Mar 1 05:13:04 cpanel named[1442]: network unreachable resolving 'tinnie.apnic.net/AAAA/IN': 2001:dc0:2001:0:4608::25#53
Mar 1 05:13:08 cpanel named[1442]: network unreachable resolving 'yahoo.com.tw/MX/IN': 2001:b000:168::1:c:10#53
Mar 1 05:57:45 cpanel named[1442]: network unreachable resolving 'colorado.edu/NS/IN': 2001:503:cc2c::2:36#53
Mar 1 06:15:02 cpanel named[1442]: network unreachable resolving 'httpupdate.cpanel.net/A/IN': 2001:503:a83e::2:30#53
Mar 1 06:15:02 cpanel named[1442]: network unreachable resolving 'httpupdate.cpanel.net/A/IN': 2001:503:231d::2:30#53
Mar 1 06:15:02 cpanel named[1442]: network unreachable resolving 'httpupdate.cpanel.net/A/IN': 2620:0:28a0:1528::3:1#53
Mar 1 06:27:51 cpanel named[1442]: network unreachable resolving 'akamai.com/NS/IN': 2600:1406:1b::64#53
Mar 1 07:28:03 cpanel named[1442]: network unreachable resolving 'mit.edu/NS/IN': 2001:503:cc2c::2:36#53
Mar 1 08:18:15 cpanel named[1442]: network unreachable resolving 'comcast.net/NS/IN': 2001:558:fe23:8:69:252:250:103#53
Mar 1 08:18:19 cpanel named[1442]: network unreachable resolving 'comcast.net/NS/IN': 2001:558:100a:5:68:87:68:244#53
Mar 1 08:18:19 cpanel named[1442]: network unreachable resolving 'comcast.net/NS/IN': 2001:558:100e:5:68:87:72:244#53
Mar 1 08:34:46 cpanel named[1442]: network unreachable resolving 'ns1.my.smartdns.net.au/A/IN': 2001:500:856e::6:34#53
Mar 1 08:34:47 cpanel named[1442]: network unreachable resolving 'hotmail.com/MX/IN': 2a01:111:2005::1:1#53
Mar 1 08:34:47 cpanel named[1442]: network unreachable resolving 'hotmail.com/MX/IN': 2a01:111:2006:6::1:1#53
Mar 1 08:34:47 cpanel named[1442]: network unreachable resolving 'clearfieldjeffersonredcross.org/MX/IN': 2001:500:f::1#53
Mar 1 08:34:47 cpanel named[1442]: network unreachable resolving 'clearfieldjeffersonredcross.org/MX/IN': 2001:500:b::1#53
Mar 1 08:34:47 cpanel named[1442]: network unreachable resolving 'msn.com/MX/IN': 2a01:111:2020::1:1#53
答案1
看起来您要么是开放的 SMTP 中继,要么更有可能,您的服务器上正在运行试图发送垃圾邮件的软件。如果我不得不猜测,我会怀疑您的机器已被入侵。
我想说的是,您可以从已知的干净备份中进行恢复,或者从头开始重建机器。