* [Comm] Postfix & open relay
@ 2003-08-12 4:31 Sergey V. Golovin
2003-08-12 4:46 ` Mike Lykov
` (3 more replies)
0 siblings, 4 replies; 10+ messages in thread
From: Sergey V. Golovin @ 2003-08-12 4:31 UTC (permalink / raw)
To: community
Здравствуйте!
Сегодня утром обнаружил
Out: 220 my.host.name ESMTP Postfix
In: EHLO MX1.INOVA.COM.BR
Out: 250-my.host.name
Out: 250-PIPELINING
Out: 250-SIZE 20000000
Out: 250-ETRN
Out: 250-XVERP
Out: 250 8BITMIME
In: mail from: <xzjkl@gremio.com>
Out: 250 Ok
In: rcpt to: <plauche@attbi.com>
Out: 250 Ok
In: rcpt to: <ddoerge@freeuk.com>
Out: 250 Ok
In: rcpt to: <45185419@pager.mirabilis.com>
Out: 250 Ok
In: rcpt to: <ddoering@bellsouth.net>
Out: 250 Ok
In: data
Out: 354 End data with <CR><LF>.<CR><LF>
Out: 250 Ok: queued as DC895378C0
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Это действительно плохо, как я думаю?
В логах
Aug 12 07:11:11 my postfix/smtpd[5813]: DC895378C0: client=unknown[64.191.59.213]
Aug 12 07:11:48 my postfix/cleanup[5814]: DC895378C0: message-id=<20030812021111.DC895378C0@my.host.name>
Aug 12 07:11:48 my postfix/smtp[5823]: DC895378C0: to=<45185419@pager.mirabilis.com>, relay=none, delay=37, status=bounced (mail for pager.mirabilis.com loops back to myself)
Aug 12 07:12:08 my postfix/smtp[5821]: DC895378C0: to=<ddoering@bellsouth.net>, relay=none, delay=57, status=deferred (Name service error for bellsouth.net: Host not found, try again)
Aug 12 07:12:14 my postfix/smtp[5822]: DC895378C0: to=<ddoerge@freeuk.com>, relay=mailspool.freeuk.net[212.126.144.57], delay=63, status=bounced (host mailspool.freeuk.net[212.126.144.57] said: 550-ddoerge@freeuk.com is not an active address at this host (invalid FreeUK 550 username))
Aug 12 07:12:23 my postfix/smtp[5820]: DC895378C0: to=<plauche@attbi.com>, relay=none, delay=72, status=deferred (Name service error for gateway.attbi.com: Host not found, try again)
Aug 12 07:42:31 my postfix/smtp[5859]: DC895378C0: to=<plauche@attbi.com>, relay=none, delay=1880, status=deferred (Name service error for attbi.com: Host not found, try again)
Aug 12 07:42:32 my postfix/smtp[5860]: DC895378C0: to=<ddoering@bellsouth.net>, relay=mx01.mail.bellsouth.net[205.152.59.33], delay=1881, status=sent (250 Message received: 20030812023917.MPHM1849.imf04aec.mail.bellsouth.net@my.host.name)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Aug 12 08:15:56 my postfix/smtp[5878]: DC895378C0: to=<plauche@attbi.com>, relay=none, delay=3885, status=deferred (Name service error for gateway.attbi.com: Host not found, try again)
Aug 12 09:22:21 my postfix/smtp[5938]: DC895378C0: to=<plauche@attbi.com>, relay=gateway.attbi.com[216.148.227.70], delay=7870, status=sent (250 ok ; id=20030812041905r130098408e)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
оба-на
Master 2.0 и postfix-1.1.7-alt3
Что делать?
--
Sergey V. Golovin
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [Comm] Postfix & open relay
2003-08-12 4:31 [Comm] Postfix & open relay Sergey V. Golovin
@ 2003-08-12 4:46 ` Mike Lykov
2003-08-12 5:05 ` Sergey V. Golovin
2003-08-12 4:59 ` Shawkat
` (2 subsequent siblings)
3 siblings, 1 reply; 10+ messages in thread
From: Mike Lykov @ 2003-08-12 4:46 UTC (permalink / raw)
To: community
В сообщении от Вторник 12 Август 2003 09:31 Sergey V. Golovin написал:
> Что делать?
http://members.iinet.net.au/~remmie/relay/
--
Mike
registered linux user #315334
jabber id: combr@jabber.ru
^ permalink raw reply [flat|nested] 10+ messages in thread* Re: [Comm] Postfix & open relay
2003-08-12 4:31 [Comm] Postfix & open relay Sergey V. Golovin
2003-08-12 4:46 ` Mike Lykov
@ 2003-08-12 4:59 ` Shawkat
2003-08-12 5:29 ` Sergey V. Golovin
2003-08-12 7:09 ` Dmitry Ivanov
2003-08-12 8:40 ` Sergey V. Golovin
3 siblings, 1 reply; 10+ messages in thread
From: Shawkat @ 2003-08-12 4:59 UTC (permalink / raw)
To: community
> In: rcpt to: <45185419@pager.mirabilis.com>
Кажись это ваш адресочек ?
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Comm] Postfix & open relay
2003-08-12 4:31 [Comm] Postfix & open relay Sergey V. Golovin
2003-08-12 4:46 ` Mike Lykov
2003-08-12 4:59 ` Shawkat
@ 2003-08-12 7:09 ` Dmitry Ivanov
2003-08-12 8:40 ` Sergey V. Golovin
3 siblings, 0 replies; 10+ messages in thread
From: Dmitry Ivanov @ 2003-08-12 7:09 UTC (permalink / raw)
To: community
On Tue, Aug 12, 2003 at 09:31:28AM +0500, Sergey V. Golovin wrote:
> Здравствуйте!
>
> Сегодня утром обнаружил
Некоторое время назад у меня были такие подозрения
насчёт одной из наших систем. Там postfix время от времени
начинал рассылать кучу непонятных писем.
Так вот. Если в письме указан один rcpt мой, а остальные
не мои, не начнёт ли postfix рассылать тем остальным?..
А как лучше посмотреть записи сессий SMTP?
--
D.I.M.S.S.: Digital Intelligent Machine Skilled in Sabotage
^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: [Comm] Postfix & open relay
2003-08-12 4:31 [Comm] Postfix & open relay Sergey V. Golovin
` (2 preceding siblings ...)
2003-08-12 7:09 ` Dmitry Ivanov
@ 2003-08-12 8:40 ` Sergey V. Golovin
2003-08-12 8:40 ` Shawkat
3 siblings, 1 reply; 10+ messages in thread
From: Sergey V. Golovin @ 2003-08-12 8:40 UTC (permalink / raw)
To: community
Попробовал то же самое сделать вручную и
вот что получилось
Trying XXX.XXX.XXX.XXX...
Connected to my.host.name.
Escape character is '^]'.
220 my.host.name. ESMTP Postfix
ehlo another.my.host.name.
250-my.host.name.
250-PIPELINING
250-SIZE 20000000
250-ETRN
250-XVERP
250 8BITMIME
MAIL FROM: <xzjkl@gremio.com>
250 Ok
RCPT TO: <plauche@attbi.com>
250 Ok
RCPT TO: <xxx@xxx.ru>
554 <xxx@xxx.ru>: Recipient address rejected: Relay access denied
RSET
250 Ok
MAIL FROM: <xzjkl@gremio.com>
250 Ok
RCPT TO: <plauche@mail.ru>
554 <plauche@mail.ru>: Recipient address rejected: Relay access denied
RCPT TO: <plauche@attbi.com>
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
.
250 Ok: queued as 8C97B378B4
После этого в логах
/var/log/mail]# grep 8C97B378B4 all
Aug 12 13:28:05 my postfix/smtpd[6647]: 8C97B378B4: client=another.my.host.name[XXX.XXX.XXX.XXX]
Aug 12 13:30:55 my postfix/cleanup[6648]: 8C97B378B4: message-id=<20030812082805.8C97B378B4@my
.host.name>
Aug 12 13:30:55 my postfix/qmgr[6412]: 8C97B378B4: from=<xzjkl@gremio.com>, size=359, nrcpt=1 (queu
e active)
Aug 12 13:31:15 my postfix/smtp[6654]: 8C97B378B4: to=<plauche@attbi.com>, relay=none, delay=190, s
tatus=deferred (Name service error for gateway.attbi.com: Host not found, try again)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
но в очередь то поставила и утром на этот домен письмо _ушло_ от спамера (250)
????????????????????
--
Sergey V. Golovin
^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2003-08-12 8:40 UTC | newest]
Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-08-12 4:31 [Comm] Postfix & open relay Sergey V. Golovin
2003-08-12 4:46 ` Mike Lykov
2003-08-12 5:05 ` Sergey V. Golovin
2003-08-12 5:10 ` Mike Lykov
2003-08-12 5:26 ` Sergey V. Golovin
2003-08-12 4:59 ` Shawkat
2003-08-12 5:29 ` Sergey V. Golovin
2003-08-12 7:09 ` Dmitry Ivanov
2003-08-12 8:40 ` Sergey V. Golovin
2003-08-12 8:40 ` Shawkat
ALT Linux Community general discussions
This inbox may be cloned and mirrored by anyone:
git clone --mirror http://lore.altlinux.org/community/0 community/git/0.git
# If you have public-inbox 1.1+ installed, you may
# initialize and index your mirror using the following commands:
public-inbox-init -V2 community community/ http://lore.altlinux.org/community \
mandrake-russian@linuxteam.iplabs.ru community@lists.altlinux.org community@lists.altlinux.ru community@lists.altlinux.com
public-inbox-index community
Example config snippet for mirrors.
Newsgroup available over NNTP:
nntp://lore.altlinux.org/org.altlinux.lists.community
AGPL code for this site: git clone https://public-inbox.org/public-inbox.git