某個帳號收到一堆主旨Permanent Delivery Failure
本文章最後由 bruce0817 於 2017-5-8 04:37 PM 編輯請問這個情形是被大量發信嗎?教學區該設定的都有設定SMTP Authentication...Reverse Lookups...POP Before SMTP...Trusted Hosts...Hosts Screen--- Session Transcript --- Mon 2017-05-08 14:02:46: Parsing message<xxxxxxxxxxxxxxxxxxxxxxxx\pd35000050109.msg>
Mon 2017-05-08 14:02:46: *From: [email protected](使用者信箱)
Mon 2017-05-08 14:02:46: *To: [email protected]
Mon 2017-05-08 14:02:46: *Subject: 10 Messages blocked From [email protected]
Mon 2017-05-08 14:02:46: *Message-ID:
Mon 2017-05-08 14:02:46: Attempting SMTP connection to
Mon 2017-05-08 14:02:46: Resolving MX records for (DNS Server: 168.95.1.1)...
Mon 2017-05-08 14:02:55: *P=005 S=001 D=greenmotortech.comTTL=(10) MX=
Mon 2017-05-08 14:02:55: *P=010 S=000 D=greenmotortech.comTTL=(10) MX=
Mon 2017-05-08 14:02:55: Attempting SMTP connection to
Mon 2017-05-08 14:02:55: Resolving A record for (DNSServer: 168.95.1.1)...
Mon 2017-05-08 14:02:55: *D=mxbiz1.qq.com TTL=(20)A=
Mon 2017-05-08 14:02:55: Attempting SMTP connection to
Mon 2017-05-08 14:02:55: Waiting for socket connection...
Mon 2017-05-08 14:02:55: *Connection established(192.168.1.201:3337 -> 203.205.147.218:25)
Mon 2017-05-08 14:02:55: Waiting for protocol to start...
Mon 2017-05-08 14:02:55: <-- 220 bizmx5.qq.com MX QQ Mail Server
Mon 2017-05-08 14:02:55: --> EHLO abc.com.tw(domain name)
Mon 2017-05-08 14:02:55: <-- 250-bizmx5.qq.com
Mon 2017-05-08 14:02:55: <-- 250-SIZE 73400320
Mon 2017-05-08 14:02:55: <-- 250 OK
Mon 2017-05-08 14:02:55: --> MAIL From:[email protected](使用者信箱)SIZE=11775
Mon 2017-05-08 14:02:55: <-- 250 Ok
Mon 2017-05-08 14:02:55: --> RCPT To:<[email protected]>
Mon 2017-05-08 14:02:55: <-- 250 Ok
Mon 2017-05-08 14:02:55: --> DATA
Mon 2017-05-08 14:02:55: <-- 354 End data with<CR><LF>.<CR><LF>
Mon 2017-05-08 14:02:55: Sending<xxxxxxxxxxxxxxxxxxxxxxxx\pd35000050109.msg> to
Mon 2017-05-08 14:02:55: Transfer Complete
Mon 2017-05-08 14:02:55: --> QUIT
--- End Transcript --- 1. 那個使用者信箱確實存在嗎?
2. 也有可能該使用者中了木馬 該使用者確實存在,目前Host Screen加入domain name及IP觀察中 所以你的意思是,該使用者不是由內部寄出?寄信的 IP 是外部的?如果這樣不見得會是你們的問題,垃圾客可能僅是捏造你們的帳號,不一定是經由你的主機寄出。
頁:
[1]