URN Logo
UNIX Resources » Linux » China Linux Forum » 域名服务器和邮件服务器 » 28 » 紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
announcement 声明: 本页内容为中国Linux论坛的内容镜像,文章的版权以及其他所有的相关权利属于中国Linux论坛和相应文章的作者,如果转载,请注明文章来源及相关版权信息。
Resources
China Linux Forum(finished)
Linux Forum(finished)
FreeBSD China(finished)
linuxforum.net
  业界新闻与评论
  自由软件杂谈
  IT 人生
  Linux软件快递
  翻译作坊
  Linux图书与评论
  GNU Emacs/XEmacs
  Linux 中文环境和中文化
  Linux桌面与办公软件
  Linux 多媒体与娱乐版
  自由之窗Mozilla
  笔记本电脑上的Linux
  Gentoo
  Debian 一族
  网络管理技术
  Linux 安装与入门
  WEB服务器和FTP服务器
  域名服务器和邮件服务器
  Linux防火墙和代理服务器应用
  文件及打印服务器
  技术培训与认证
  TI专版
  Linux内核技术
  Linux 嵌入技术
  Linux设备驱动程序
  Linux 集群技术
  LINUX平台数据库
  系统和网络安全
  CPU 与 编译器
  系统计算研究所专栏
  Linux下的GUI软件开发
  C/C++编程版
  PHP 技 术
  Java&jsp技术
  Shell编程技术
  Perl 编 程
  Python 编 程
  XML/Web Service 技术
  永远的Unix
  FreeBSD世界
   
紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
 
 
 
 
 
请问认证和open relays的区别 - WelJava [2003-07-30 11:21 | 53 byte(s)]
 
Re: 请问认证和open relays的区别 - ultralix [2003-07-30 17:51 | 150 byte(s)]
 
Subject: 紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
Author: WelJava    Posted: 2003-07-23 16:20    Length: 1,162 byte(s)
[Original] [Print] [Top]

系统是 qmail + ldap

中午时,删除了 10万 多封队列,不到 1小时又给我送进来 4711 个队列。

请问哪位知道怎么看他是怎么登录进来的,用的什么用户名和密码?谢谢!

邮件是有认证的,使用outlook、foxmail、telnet检验过。

附带一个邮件头:
--------------
MESSAGE NUMBER 1246991
--------------
Received: (qmail 2106 invoked from network); 23 Jul 2003 07:18:52 -0000
Received: from unknown (HELO teakettle) (admin@[218.61.0.175])
(envelope-sender <anneboater@netscape.com>)
by 0 (qmail-ldap-1.03) with SMTP
for <selkins86@aol.com>; 23 Jul 2003 07:18:52 -0000
Date: Wed, 23 Jul 2003 07:25:38 GMT
From: "Jennie Galestan"<anneboater@netscape.com>
X-Priority: 3
To: selkins86@aol.com
Subject: expectations
Mime-Version: 1.0
Content-Type: text/html; charset=us-ascii
Content-Transfer-Encoding: 7bit
----
搞不懂就问人,搞得懂就答人,
没有人懂还可以问神.
[Original] [Print] [Top]
Subject: Re: 紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
Author: ultralix    Posted: 2003-07-25 10:23    Length: 142 byte(s)
[Original] [Print] [Top]
你是否将server的relay关掉了呢?
我也碰到过类似的情况。
我用exi,虽然打开了认证,但是忘了把
relay domain * 改掉……
[Original] [Print] [Top]
Subject: Re: 紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
Author: WelJava    Posted: 2003-07-28 17:19    Length: 52 byte(s)
[Original] [Print] [Top]

测试过有SMTP认证的啊。

----
搞不懂就问人,搞得懂就答人,
没有人懂还可以问神.
[Original] [Print] [Top]
Subject: Re: 紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
Author: ultralix    Posted: 2003-07-28 18:59    Length: 20,022 byte(s)
[Original] [Print] [Top]
认证和open relays是两码事吧,看看我有认证但是open relay的结果,一个晚上,我的ASDL 512k:
Exim statistics from 2003-07-02 18:23:01 to 2003-07-03 06:25:01

Grand total summary
-------------------
At least one address
TOTAL Volume Messages Hosts Delayed Failed
Received 80MB 10448 66 2918 27.9% 7194 68.9%
Delivered 144MB 20154 3300

Deliveries by transport
-----------------------
Volume Messages
local_delivery 13KB 15
remote_smtp 144MB 20139

Messages received per hour (each dot is 68 messages)
----------------------------------------------------

00-01 2
01-02 1
02-03 156 ..
03-04 2975 ...........................................
04-05 3424 ..................................................
05-06 3017 ............................................
06-07 865 ............
07-08 0
08-09 0
09-10 0
10-11 0
11-12 0
12-13 0
13-14 0
14-15 0
15-16 0
16-17 0
17-18 0
18-19 3
19-20 1
20-21 2
21-22 0
22-23 1
23-24 1

Deliveries per hour (each dot is 140 deliveries)
------------------------------------------------

00-01 2
01-02 1
02-03 266 .
03-04 5726 ........................................
04-05 6990 .................................................
05-06 5592 .......................................
06-07 1569 ...........
07-08 0
08-09 0
09-10 0
10-11 0
11-12 0
12-13 0
13-14 0
14-15 0
15-16 0
16-17 0
17-18 0
18-19 3
19-20 1
20-21 2
21-22 0
22-23 1
23-24 1

Time spent on the queue: all messages
-------------------------------------

Under 1m 2690 54.0% 54.0%
5m 1202 24.1% 78.1%
15m 529 10.6% 88.7%
30m 249 5.0% 93.7%
1h 152 3.1% 96.8%
3h 158 3.2% 99.9%
6h 3 0.1% 100.0%

Time spent on the queue: messages with at least one remote delivery
-------------------------------------------------------------------

Under 1m 2662 53.7% 53.7%
5m 1202 24.3% 78.0%
15m 528 10.7% 88.7%
30m 249 5.0% 93.7%
1h 152 3.1% 96.8%
3h 157 3.2% 99.9%
6h 3 0.1% 100.0%

Relayed messages
----------------

1 rj244164.user.veloxzone.com.br [200.165.244.164] voie_357@lycos.com
=> webmail.broadviewnet.com [64.115.132.19] dsolomon@broadviewnet.com
1 rj244164.user.veloxzone.com.br [200.165.244.164] wacckey@ultrapostman.com
=> mail-in.pol.net.uk [195.92.193.155] dsp@twotech.freeserve.co.uk

<----------------------snip------------------------------------>

1 rj244164.user.veloxzone.com.br [200.165.244.164] wacckey@ultrapostman.com
=> mailin-02.mx.aol.com [64.12.136.121] smaack1@aol.com
1 rj244164.user.veloxzone.com.br [200.165.244.164] wacckey@ultrapostman.com
=> mx1.hotmail.com [65.54.252.99] ckoehly@hotmail.com
1 rj244164.user.veloxzone.com.br [200.165.244.164] wacckey@ultrapostman.com
=> rly-ic05.mx.aol.com [152.163.225.138] 49454532@pager.icq.com
1 rt.njabl.org [209.208.0.15] relaytestsend@rt.njabl.org
=> rr.njabl.org [209.208.0.15] relaytest@rr.njabl.org

Total: 18385 (plus 0 unshown)

Top 50 sending hosts by message count
-------------------------------------

4692 41264620 local
492 3584777 (mx1.eudoramail.com)
319 2322143 (mxc1.about.com)
301 3086232 (lithium.dhis.org)
300 2190737 62-36-32-212.dialup.uni2.es
253 1843199 200-158-150-73.dsl.telesp.net.br
249 1808411 (lb-a01.another.com)
157 1148335 (keromail-com.mr.outblaze.com)
153 1119951 c141156.adsl.hansenet.de
153 1116316 (wongfaye-com.mr.outblaze.com)
150 1105143 lsanca1-ar41-4-61-129-175.lsanca1.dsl-verizon.net
150 1102169 200-103-001-105.cbabm7006.dsl.brasiltelecom.net.br
150 1101303 adsl-208-190-203-215.dsl.kscymo.swbell.net
150 1100842 200-206-193-164.dsl.telesp.net.br
150 1100794 200-204-146-37.dsl.telesp.net.br
150 1100319 rj177062.user.veloxzone.com.br
150 1099599 dsl-200-78-107-245.prodigy.net.mx
150 1098787 d235-177-31.home1.cgocable.net
150 1097832 lsanca1-ar44-4-33-101-211.lsanca1.dsl-verizon.net
150 1094356 (mail.webtopmail.com)
150 1093052 pppoe0092.ld.centurytel.net
145 1059981 adsl-78-196-131.sdf.bellsouth.net
132 964913 200-158-199-223.dsl.telesp.net.br
129 945833 rj244164.user.veloxzone.com.br
112 818914 145.red-80-37-50.pooles.rima-tde.net
106 775229 dsl-200-95-98-158.prodigy.net.mx
103 751202 (ns.123box.co.uk)
103 750541 (doramail-com.mr.outblaze.com)
94 685652 200-171-82-116.speedyterra.com.br
93 682205 dsl-200-95-0-195.prodigy.net.mx
86 631232 121.red-80-33-81.pooles.rima-tde.net
77 565659 dsl-200-95-82-137.prodigy.net.mx
73 532307 evrtwa1-ar11-4-63-130-004.evrtwa1.dsl-verizon.net
61 445993 host253.204.17.107.conversent.net
60 625440 localhost
56 411761 dc8549392.dslam-02-1-9-02-2-01.nag.dsl.cantv.net
45 330728 chello062179012040.chello.pl
32 233590 host30-180.pool80181.interbusiness.it
30 219652 chello062179066238.chello.pl
30 217831 (mx1.mail.yahoo.com)
29 212910 ppp-217-133-255-186.cust-adsl.tiscali.it
27 198282 alton.il24.207.152.217.charter-stl.com
15 109978 pb73.zawiercie.sdi.tpnet.pl
10 73575 200-171-65-135.speedyterra.com.br
9 65987 66-215-246-32.riv-eres.charterpipeline.net
9 65945 200-161-209-173.dsl.telesp.net.br
7 51056 d53-179-180.nap.wideopenwest.com
7 50950 200-161-30-4.dsl.telesp.net.br
6 44115 0x3ef3ab78.bynxx2.adsl-dhcp.tele.dk
6 43815 (amuro-net.mr.outblaze.com)

Top 50 sending hosts by volume
------------------------------

4692 41264620 local
492 3584777 (mx1.eudoramail.com)
301 3086232 (lithium.dhis.org)
319 2322143 (mxc1.about.com)
300 2190737 62-36-32-212.dialup.uni2.es
253 1843199 200-158-150-73.dsl.telesp.net.br
249 1808411 (lb-a01.another.com)
157 1148335 (keromail-com.mr.outblaze.com)
153 1119951 c141156.adsl.hansenet.de
153 1116316 (wongfaye-com.mr.outblaze.com)
150 1105143 lsanca1-ar41-4-61-129-175.lsanca1.dsl-verizon.net
150 1102169 200-103-001-105.cbabm7006.dsl.brasiltelecom.net.br
150 1101303 adsl-208-190-203-215.dsl.kscymo.swbell.net
150 1100842 200-206-193-164.dsl.telesp.net.br
150 1100794 200-204-146-37.dsl.telesp.net.br
150 1100319 rj177062.user.veloxzone.com.br
150 1099599 dsl-200-78-107-245.prodigy.net.mx
150 1098787 d235-177-31.home1.cgocable.net
150 1097832 lsanca1-ar44-4-33-101-211.lsanca1.dsl-verizon.net
150 1094356 (mail.webtopmail.com)
150 1093052 pppoe0092.ld.centurytel.net
145 1059981 adsl-78-196-131.sdf.bellsouth.net
132 964913 200-158-199-223.dsl.telesp.net.br
129 945833 rj244164.user.veloxzone.com.br
112 818914 145.red-80-37-50.pooles.rima-tde.net
106 775229 dsl-200-95-98-158.prodigy.net.mx
103 751202 (ns.123box.co.uk)
103 750541 (doramail-com.mr.outblaze.com)
94 685652 200-171-82-116.speedyterra.com.br
93 682205 dsl-200-95-0-195.prodigy.net.mx
86 631232 121.red-80-33-81.pooles.rima-tde.net
60 625440 localhost
77 565659 dsl-200-95-82-137.prodigy.net.mx
73 532307 evrtwa1-ar11-4-63-130-004.evrtwa1.dsl-verizon.net
61 445993 host253.204.17.107.conversent.net
56 411761 dc8549392.dslam-02-1-9-02-2-01.nag.dsl.cantv.net
45 330728 chello062179012040.chello.pl
32 233590 host30-180.pool80181.interbusiness.it
30 219652 chello062179066238.chello.pl
30 217831 (mx1.mail.yahoo.com)
29 212910 ppp-217-133-255-186.cust-adsl.tiscali.it
27 198282 alton.il24.207.152.217.charter-stl.com
15 109978 pb73.zawiercie.sdi.tpnet.pl
10 73575 200-171-65-135.speedyterra.com.br
9 65987 66-215-246-32.riv-eres.charterpipeline.net
9 65945 200-161-209-173.dsl.telesp.net.br
7 51056 d53-179-180.nap.wideopenwest.com
7 50950 200-161-30-4.dsl.telesp.net.br
6 44115 0x3ef3ab78.bynxx2.adsl-dhcp.tele.dk
6 43815 (amuro-net.mr.outblaze.com)

Top 50 local senders by message count
-------------------------------------

4692 41264620 mail

Top 50 local senders by volume
------------------------------

4692 41264620 mail

Top 50 destinations by message count
------------------------------------

1962 14351187 rly-ic05.mx.aol.com
800 5850488 mailin-01.mx.aol.com
781 5707277 mx1.hotmail.com
747 5465215 mx4.hotmail.com
744 5440870 mx3.hotmail.com
740 5415180 mx2.hotmail.com
737 5385087 mailin-02.mx.aol.com
732 5352691 mailin-04.mx.aol.com
564 4127075 mailin-03.mx.aol.com
544 3981689 mx1.optonline.net
529 4596426 mx1.eudoramail.com
501 3668103 mx2.optonline.net
409 2994255 gateway-s.comcast.net
348 2546028 gateway-r.comcast.net
342 2501937 smtp2.jersey.net
312 2283972 relay.verizon.net
286 2411321 mx1.mail.lycos.com
252 1848127 mx4.mail.yahoo.com
181 1323444 relay.bellatlantic.net
180 1811655 blackhole.theglobe.com
180 1592347 mail.zapo.net
171 1257191 mailin-04.mx.netscape.net
171 1251215 mx1.mail.yahoo.com
141 1036072 mx2.mail.yahoo.com
135 1201487 mail2.atlaswebmail.com
128 941838 mailin-02.mx.netscape.net
120 883948 mailin-03.mx.netscape.net
120 877611 smtpin.mx.webtv.net
113 986923 out.talk21.com
113 825562 rly-ic03.mx.aol.com
106 929145 mxc1.about.com
106 776445 mx2.optonline.com
102 746815 mx1.optonline.com
97 853305 ns.123box.co.uk
85 627001 mailin-01.mx.netscape.net
66 580118 lb-a01.another.com
63 514573 mx.mail.lycos.com
60 613440 mail.mediaone.com
60 611730 null.southeast.net
53 387296 sbcmail6.prodigy.net
52 380523 mx.mail.rcn.net
51 372567 mx01.earthlink.net
48 350939 sbcmail5.prodigy.net
47 344308 gateway2.worldnet.att.net
47 343498 sbcmail3.prodigy.net
46 336416 mx01.mail.bellsouth.net
42 375746 mail1.atlaswebmail.com
42 306950 mx00.earthlink.net
39 285512 sbcmail2.prodigy.net
38 278360 mx03.earthlink.net

Top 50 destinations by volume
-----------------------------

1962 14351187 rly-ic05.mx.aol.com
800 5850488 mailin-01.mx.aol.com
781 5707277 mx1.hotmail.com
747 5465215 mx4.hotmail.com
744 5440870 mx3.hotmail.com
740 5415180 mx2.hotmail.com
737 5385087 mailin-02.mx.aol.com
732 5352691 mailin-04.mx.aol.com
529 4596426 mx1.eudoramail.com
564 4127075 mailin-03.mx.aol.com
544 3981689 mx1.optonline.net
501 3668103 mx2.optonline.net
409 2994255 gateway-s.comcast.net
348 2546028 gateway-r.comcast.net
342 2501937 smtp2.jersey.net
286 2411321 mx1.mail.lycos.com
312 2283972 relay.verizon.net
252 1848127 mx4.mail.yahoo.com
180 1811655 blackhole.theglobe.com
180 1592347 mail.zapo.net
181 1323444 relay.bellatlantic.net
171 1257191 mailin-04.mx.netscape.net
171 1251215 mx1.mail.yahoo.com
135 1201487 mail2.atlaswebmail.com
141 1036072 mx2.mail.yahoo.com
113 986923 out.talk21.com
128 941838 mailin-02.mx.netscape.net
106 929145 mxc1.about.com
120 883948 mailin-03.mx.netscape.net
120 877611 smtpin.mx.webtv.net
97 853305 ns.123box.co.uk
113 825562 rly-ic03.mx.aol.com
106 776445 mx2.optonline.com
102 746815 mx1.optonline.com
85 627001 mailin-01.mx.netscape.net
60 613440 mail.mediaone.com
60 611730 null.southeast.net
66 580118 lb-a01.another.com
63 514573 mx.mail.lycos.com
53 387296 sbcmail6.prodigy.net
52 380523 mx.mail.rcn.net
42 375746 mail1.atlaswebmail.com
51 372567 mx01.earthlink.net
48 350939 sbcmail5.prodigy.net
47 344308 gateway2.worldnet.att.net
47 343498 sbcmail3.prodigy.net
46 336416 mx01.mail.bellsouth.net
36 309627 mail1.synacor.com
42 306950 mx00.earthlink.net
30 302715 null.leading.net

Top 50 local destinations by message count
------------------------------------------

15 13322 lix

Top 50 local destinations by volume
-----------------------------------

15 13322 lix

List of errors
--------------


1 wilson10@hotpop.com R=lookuphost T=remote_smtp: SMTP
error from remote mailer after RCPT TO:<wilson10@hotpop.com>:
host mx3.hotpop.com [204.57.55.42]: 554 Service unavailable;
Client host [218.79.67.37] blocked using sbl.spamhaus.org;
http://www.spamhaus.org/SBL/sbl.lasso?query=SBL9097

4 wimad@doramail.com R=lookuphost T=remote_smtp: SMTP
error from remote mailer after RCPT TO:<wimad@doramail.com>:
host doramail-com.mr.outblaze.com [202.77.181.66]:
550 <>: No thank you: rejected: User unknown

<----------------------snip------------------------------------>

1 winona-ryder@jump.net R=lookuphost T=remote_smtp: SMTP
error from remote mailer after RCPT TO:<winona-ryder@jump.net>:
host mta.algx.net [67.92.168.20]: 550 5.1.1 unknown
or illegal alias: winona-ryder@jump.net

2 winona668@sailormoon.com R=lookuphost T=remote_smtp:
SMTP error from remote mailer after RCPT TO:<winona668@sailormoon.com>:
host sailormoon-com.mr.outblaze.com [202.77.181.66]:
550 <>: No thank you: rejected: User unknown

5 zuberoa@ranmamail.com R=lookuphost T=remote_smtp: SMTP
error from remote mailer after RCPT TO:<zuberoa@ranmamail.com>:
host ranmamail-com.mr.outblaze.com [205.158.62.38]:
550 <>: No thank you: rejected: User unknown

Errors encountered: 18597
-------------------------

后来我把队列里的东西全删了,亡羊补牢,呵呵。
[Original] [Print] [Top]
Subject: 请问认证和open relays的区别
Author: WelJava    Posted: 2003-07-30 11:21    Length: 53 byte(s)
[Original] [Print] [Top]
认证和open relays是什么关系呢? 他怎么用open relay?
----
搞不懂就问人,搞得懂就答人,
没有人懂还可以问神.
[Original] [Print] [Top]
Subject: Re: 请问认证和open relays的区别
Author: ultralix    Posted: 2003-07-30 17:51    Length: 150 byte(s)
[Original] [Print] [Top]
我也不太清楚,只知道open relay可以被用来做中继,而且不需要验证的,但可以设定允许relay的域的限制,甚至禁用,而授予通过smtp验证的可以relay *
:P
[Original] [Print] [Top]
Subject: Re: 紧急求救--有人把我的qmail+ldap当垃圾邮件跳板!
Author: lanry    Posted: 2003-07-31 08:56    Length: 41 byte(s)
[Original] [Print] [Top]
请问是在qmail的哪个文件中改掉relay open *
[Original] [Print] [Top]
« Previous thread
bind工具的奇怪问题
域名服务器和邮件服务器
28
Next thread »
bind的问题请高人指教。
     

Copyright © 2007~2009 UNIX Resources Network, All Rights Reserved.      About URN | Privacy & Legal | Help | Contact us
webmaster: webmaster@unixresources.net
This page created on 2009-09-07 16:21:46, cost 0.0408928394318 ms.