垃圾信件詢問
各位前輩,
小弟公司的Mail server 最近常常收到很多這類型的信件
可以請教幾個問題
1.這算是被當跳板嗎? (因為寄送公司網域的信件都是無此人的信件)
2.Name server reports domain name unknown這是....
3.底下有很多 Evaluating.... 這是正常的嗎?
4.如果這是假冒Google 寄來的文件 , 那請問要如何阻擋?
謝謝各位前輩
log 如下
----------
Session 497; child 2; thread 2428
Accepting SMTP connection from
Performing PTR lookup (170.112.169.52.IN-ADDR.ARPA)
*Error: Name server reports domain name unknown
*No PTR records found
---- End PTR results
--> 220 公司網域.com.tw ESMTP MDaemon 9.5.6; Tue, 08 Nov 2016 02:57:54 +0800
<-- HELO 公司IP
EHLO/HELO response delayed 9 seconds
Tue 2016-11-08 02:58:03: --> 250 公司網域.com.tw Hello 公司IP (may be forged), pleased to meet you
<-- MAIL FROM: <[email protected]>
Performing IP lookup (gmail.com)
*D=gmail.com TTL=(4) A=
*D=gmail.com TTL=(4) A=
*D=gmail.com TTL=(4) A=
*D=gmail.com TTL=(4) A=
*P=005 S=004 D=gmail.com TTL=(37) MX=
*P=010 S=003 D=gmail.com TTL=(37) MX=
*P=020 S=001 D=gmail.com TTL=(37) MX=
*P=030 S=000 D=gmail.com TTL=(37) MX=
*P=040 S=002 D=gmail.com TTL=(37) MX=
*D=gmail.com TTL=(2) A=
*D=gmail.com TTL=(1) A=
*D=GMAIL.com TTL=(2) A=
*D=gmail.com TTL=(4) A=
*D=gmail.com TTL=(0) A=
---- End IP lookup results
Performing SPF lookup (gmail.com / 52.169.112.170)
*Policy: v=spf1 redirect=_spf.google.com
*Evaluating redirect=_spf.google.com:
*Evaluating redirect=_spf.google.com: performing lookup
* Policy: v=spf1 include:_netblocks.google.com include:_netblocks2.google.com
include:_netblocks3.google.com ~all
* Evaluating include:_netblocks.google.com: performing lookup
* Policy: v=spf1 ip4:64.18.0.0/20 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20
ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:207.126.144.0/20
ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all
* Evaluating ip4:64.18.0.0/20: no match
* Evaluating ip4:64.233.160.0/19: no match
* Evaluating ip4:66.102.0.0/20: no match
* Evaluating ip4:66.249.80.0/20: no match
* Evaluating ip4:72.14.192.0/18: no match
* Evaluating ip4:74.125.0.0/16: no match
* Evaluating ip4:108.177.8.0/21: no match
* Evaluating ip4:173.194.0.0/16: no match
* Evaluating ip4:207.126.144.0/20: no match
* Evaluating ip4:209.85.128.0/17: no match
* Evaluating ip4:216.58.192.0/19: no match
* Evaluating ip4:216.239.32.0/19: no match
* Evaluating ~all: match
* Evaluating include:_netblocks.google.com: no match
* Evaluating include:_netblocks2.google.com: performing lookup
* Policy: v=spf1 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36
ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all
* Evaluating ip6:2001:4860:4000::/36: unknown mechanism
* Evaluating include:_netblocks2.google.com:
*Result: neutral
---- End SPF results
--> 250 <[email protected]>, Sender ok
<-- RCPT TO: <carol715@公司網域.com.tw>
Sender attempted to deliver message to unknown address
--> 550 <carol715@公司網域.com.tw>, Recipient unknown
<-- RCPT TO: <eve@公司網域.com.tw>
Sender attempted to deliver message to unknown address
--> 550 <eve@公司網域.com.tw>, Recipient unknown
<-- QUIT
--> 221 See ya in cyberspace
SMTP session terminated (Bytes in/out: 118/292
頁:
[1]