嗨,我想知道是否有人可以提供帮助.我从我的主机公司收到一封电子邮件,说我的服务器有一些奇怪的流量.快速查看日志文件会显示下面的示例日志.日志文件中有数千封电子邮件.
有人可以建议我如何阻止从我的Linux服务器发送的所有电子邮件.
如果有帮助的话,我在Ubuntu 12.03 LTS上.
Jan 31 09:52:30 myserver postfix/smtp[55852]: 03EC14869A: to=<QAnne-Pascale.Targe@ciera.ulaval.ca>,relay=exch-spam02.ulaval.ca[132.203.244.24]:25,delay=229193,delays=229193/0.17/0.47/0,dsn=4.0.0,status=deferred (host exch-spam02.ulaval.ca[132.203.244.24] refused to talk to me: 554-exch-spam02.ulaval.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means.) Jan 31 09:52:30 myserver postfix/smtp[55870]: connect to cluster8.us.messagelabs.com[216.82.241.132]:25: Connection refused Jan 31 09:52:30 myserver postfix/smtp[55849]: 5049348710: to=<Qst-onge.mathieu.3@courrier.uqam.ca>,relay=mail3.uqam.ca[132.208.246.162]:25,delay=229188,delays=229187/0.15/0.52/0,status=deferred (host mail3.uqam.ca[132.208.246.162] refused to talk to me: 554-data.crochet.telecom.uqam.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means.) Jan 31 09:52:30 myserver postfix/smtp[55870]: connect to cluster8a.us.messagelabs.com[85.158.139.103]:25: Connection refused Jan 31 09:52:30 myserver postfix/smtp[55861]: 3437C4876E: to=<racicot.yves@uqam.ca>,delay=229181,delays=229180/0.2/0.45/0,please contact the intended recipient via alternate means.) Jan 31 09:52:30 myserver postfix/smtp[55846]: 8503348BF7: to=<tremblayjg@csc-scc.gc.ca>,relay=mail2.csc-scc.gc.ca[198.103.56.136]:25,delay=228588,delays=228587/0.12/0.68/0,status=deferred (host mail2.csc-scc.gc.ca[198.103.56.136] refused to talk to me: 554-mxlaval.csc-scc.gc.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means.) Jan 31 09:52:30 myserver postfix/smtp[55870]: connect to cluster8a.us.messagelabs.com[216.82.251.230]:25: Connection refused Jan 31 09:52:30 myserver postfix/smtp[55865]: A5E364984A: to=<vaillancourt.yves@uqam.ca>,relay=mail2.uqam.ca[132.208.246.165]:25,delay=228559,delays=228558/0.27/0.46/0,status=deferred (host mail2.uqam.ca[132.208.246.165] refused to talk to me: 554-data.hamecon.telecom.uqam.ca 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means.) Jan 31 09:52:30 myserver postfix/smtp[55870]: F0E6948932: to=<rbrophy@bickertonbrokers.com>,relay=none,delay=229161,delays=229161/0.33/0.4/0,dsn=4.4.1,status=deferred (connect to cluster8a.us.messagelabs.com[216.82.251.230]:25: Connection refused) Jan 31 09:52:30 myserver postfix/smtp[55843]: A83CA486EF: to=<Qjonathan.durand-folcol.1@ulaval.ca>,delay=229191,delays=229190/0.27/0.48/0,please contact the intended recipient via alternate means.) Jan 31 09:52:30 myserver postfix/smtp[55845]: 2E49B4866E: host mx11.exchange.telus.com[205.206.208.34] refused to talk to me: 554-mx21.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means. Jan 31 09:52:30 myserver postfix/smtp[55856]: 12A4A4DF0A: to=<Ipoussons-poussettes@bellnet.ca>,relay=mxmta.bellnet.ca[67.69.240.61]:25,delay=231626,delays=231625/0.17/0.92/0,dsn=4.4.2,status=deferred (lost connection with mxmta.bellnet.ca[67.69.240.61] while receiving the initial server greeting) Jan 31 09:52:30 myserver postfix/smtp[55845]: 2E49B4866E: host mx12.exchange.telus.com[205.206.208.35] refused to talk to me: 554-mx22.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means. Jan 31 09:52:30 myserver postfix/smtp[55850]: 53A1948A8C: to=<Troy@ExitInTheSoo.com>,relay=presmtp.ex1.secureserver.net[72.167.238.201]:25,delay=228581,delays=228579/0.15/1.2/0,status=deferred (host presmtp.ex1.secureserver.net[72.167.238.201] refused to talk to me: 554-p3pismtp01-057.prod.phx3.secureserver.net 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means.) Jan 31 09:52:31 myserver postfix/smtp[55844]: 955704945F: to=<tpeddigrew@cogeco.ca>,relay=MX.cogeco.ca[216.221.81.26]:25,delay=228598,delays=228596/0.1/1.4/0,status=deferred (lost connection with MX.cogeco.ca[216.221.81.26] while receiving the initial server greeting) Jan 31 09:52:31 myserver postfix/smtp[55845]: 2E49B4866E: host mx13.exchange.telus.com[209.171.64.82] refused to talk to me: 554-mx24.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means. Jan 31 09:52:31 myserver postfix/smtp[55845]: 2E49B4866E: to=<pwong@williamsengineering.com>,relay=mx14.exchange.telus.com[209.171.64.83]:25,delay=229196,delays=229194/0.1/1.6/0,status=deferred (host mx14.exchange.telus.com[209.171.64.83] refused to talk to me: 554-mx25.exchange.telus.com 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error,please contact the intended recipient via alternate means.) Jan 31 09:52:31 myserver postfix/smtp[55862]: 343EB486F0: to=<Qnicolas_gignac@inrs-ete.uquebec.ca>,delay=229190,delays=229188/0.21/1.5/0,dsn=4.4.3,status=deferred (Host or domain name not found. Name service error for name=inrs-ete.uquebec.ca type=MX: Host not found,try again) Jan 31 09:52:33 myserver postfix/smtp[55847]: 611C348731: to=<query@coastalwinds.com>,delay=229189,delays=229185/0.13/3.3/0,status=deferred (Host or domain name not found. Name service error for name=coastalwinds.com type=MX: Host not found,try again) Jan 31 09:52:33 myserver postfix/smtp[55848]: 6146948685: to=<Qfoisy.catherine.2@courrier.uqam.ca>,delay=229195,delays=229191/0.14/3.5/0,please contact the intended recipient via alternate means.) Jan 31 09:52:59 myserver postfix/smtp[55854]: connect to gmail.co[173.194.34.182]:25: Connection timed out Jan 31 09:52:59 myserver postfix/smtp[55860]: connect to hortmail.com[65.55.39.10]:25: Connection timed out Jan 31 09:52:59 myserver postfix/smtp[55855]: connect to saskpower.ca[65.39.140.84]:25: Connection timed out Jan 31 09:52:59 myserver postfix/smtp[55855]: 022C148CCF: to=<rgin@saskpower.ca>,delay=229153,delays=229123/0.15/30/0,status=deferred (connect to saskpower.ca[65.39.140.84]:25: Connection timed out) Jan 31 09:53:00 myserver postfix/smtp[55866]: connect to remax-lethbridge.com[208.91.196.163]:25: Connection timed out Jan 31 09:53:00 myserver postfix/smtp[55866]: B370A48B44: to=<remax@remax-lethbridge.com>,delay=229168,delays=229137/0.28/30/0,status=deferred (connect to remax-lethbridge.com[208.91.196.163]:25: Connection timed out) Jan 31 09:53:29 myserver postfix/smtp[55854]: connect to gmail.co[173.194.34.181]:25: Connection timed out Jan 31 09:53:29 myserver postfix/smtp[55854]: 056994B723: to=<Wesleyscott99@gmail.co>,delay=228541,delays=228481/0.19/60/0,status=deferred (connect to gmail.co[173.194.34.181]:25: Connection timed out) Jan 31 09:53:29 myserver postfix/smtp[55860]: connect to hortmail.com[64.4.6.100]:25: Connection timed out Jan 31 09:53:29 myserver postfix/smtp[55860]: 3F3DE48F58: to=<rmaliaa@hortmail.com>,delay=229137,delays=229076/0.19/60/0,status=deferred (connect to hortmail.com[64.4.6.100]:25: Connection timed out)
解决方法
> postsuper -h ALL将停止来自服务器的外发邮件.去做.马上.是的,它会影响实际的真实邮件.但是您的服务器已经被列入黑名单,因此无论如何都不会传递您的真实邮件.
>查看其中一封垃圾邮件的标题.这就是你如何找到他们来自哪里.如果没有看到这些标题,我无法提供更多信息.
>清除队列中的垃圾邮件.如果您不关心仍在队列中的任何“真实”邮件,删除整个队列将是最快和最简单的.这是通过postqueue -d ALL完成的.如果您不想删除整个队列,请使用postqueue -p打印出队列内容.然后,对于您实际想要发送的每封邮件,查看该邮件的队列ID,并使用postsuper -H queue_ID将其从保留中删除.一旦完成(并复制了一些垃圾邮件的内容以供进一步分析),您可以通过运行postsuper -d ALL hold来清除保留队列中的剩余垃圾邮件.
>如果有,则需要关闭postfix.马上.在您弄清楚垃圾邮件的来源并确定您已将其停止之前,请勿重新启动它.有关于如何在 the postfix documentation保护后缀服务器的信息.如果您已经这样做但垃圾邮件仍然存在,则可能是通过某些Web服务或其他恶意软件.弄清楚这个问题超出了这个问题的范围.
>您的邮件服务器已列入黑名单.您需要通过例如设置邮件中继ISP服务器,或者您需要脱离黑名单.在 http://www.spamhaus.org/有关于此的信息.
>查看其中一封垃圾邮件的标题.这就是你如何找到他们来自哪里.如果没有看到这些标题,我无法提供更多信息.
>清除队列中的垃圾邮件.如果您不关心仍在队列中的任何“真实”邮件,删除整个队列将是最快和最简单的.这是通过postqueue -d ALL完成的.如果您不想删除整个队列,请使用postqueue -p打印出队列内容.然后,对于您实际想要发送的每封邮件,查看该邮件的队列ID,并使用postsuper -H queue_ID将其从保留中删除.一旦完成(并复制了一些垃圾邮件的内容以供进一步分析),您可以通过运行postsuper -d ALL hold来清除保留队列中的剩余垃圾邮件.
>如果有,则需要关闭postfix.马上.在您弄清楚垃圾邮件的来源并确定您已将其停止之前,请勿重新启动它.有关于如何在 the postfix documentation保护后缀服务器的信息.如果您已经这样做但垃圾邮件仍然存在,则可能是通过某些Web服务或其他恶意软件.弄清楚这个问题超出了这个问题的范围.
>您的邮件服务器已列入黑名单.您需要通过例如设置邮件中继ISP服务器,或者您需要脱离黑名单.在 http://www.spamhaus.org/有关于此的信息.