擋掉的廣告信去了那裡了？

beejack 發表於 2005-8-17 22:36:51

請問一下，mdaemon可以把擋掉的廣告信寄到一個指定的信箱嗎？ 而不是直接的刪掉。 還有被擋掉的病毒信是直接殺掉了，還是… 請大大們解答了。 謝謝 <img src='http://www.suma.tw/uploads/smil3dbd4d6422f04.gif' border='0' style='vertical-align:middle' alt='smil3dbd4d6422f04.gif' />

MarchFun 發表於 2005-8-17 22:43:23

這全都要看你的需要而定囉！理論上都可以做到。

beejack 發表於 2005-8-18 01:00:13

</div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>引言 (March Fun @ 2005/8/17 - 22:43)</td></tr><tr><td id='QUOTE'> 這全都要看你的需要而定囉！理論上都可以做到。  </td></tr></table><div class='postcolor'>  請問一下，站長，是另外要設參數，還是mdaemon設定的選項就有了呢？ 我找不到說。 我用的是mdaemon mail server pro　8.1.1

MarchFun 發表於 2005-8-18 10:58:38

這必須要利用 Content Filter 來做。所以並不能百分之百的轉寄。

Rhode 發表於 2005-8-19 09:33:48

MarchFun 發表於 2005-8-19 12:03:18

是否退回也還是得看你的設定。像我們這裏都直接刪，不退回。因為大部份的垃圾信都是假的地址，如果設定成退回的話...郵件伺服器一整天都要忙於重試這些無效的地址。 如果每封設定要重試三天，那三天下來要累積多少？...呵呵呵！ <img src='http://www.suma.tw/uploads/smiles-a006.gif' border='0' style='vertical-align:middle' alt='smiles-a006.gif' />

beejack 發表於 2005-8-22 01:04:33

</div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td>引言 (March Fun @ 2005/8/19 - 12:03)</td></tr><tr><td id='QUOTE'> 是否退回也還是得看你的設定。像我們這裏都直接刪，不退回。因為大部份的垃圾信都是假的地址，如果設定成退回的話...郵件伺服器一整天都要忙於重試這些無效的地址。 如果每封設定要重試三天，那三天下來要累積多少？...呵呵呵！ <img src='http://www.suma.tw/uploads/smiles-a006.gif' border='0' style='vertical-align:middle' alt='smiles-a006.gif' />  </td></tr></table><div class='postcolor'>  對喔。 可以設成還是收下來，但在標題標示**SPAM**嗎？ 對企業來說，如果誤刪郵件的話，事情可大可小！

隨風浮雲 發表於 2005-8-22 08:09:10

目前我觀察到的log約可分成二種廣告信， 第一種是不合法寄件人，他可能是自已用廣告信發信機，所以他沒有合法的網域，而且email也是用隨機命名，這種廣告信被MDAEMON收下來之後，只要正查、反查且查無此人之後，MDAEMON就直接踢掉。 第二種是合法寄件人，他可能是用YAHOO、GMAIL、HOTMAIL這類免費信箱，當然也有人會用HINET、SEEDNET付費信箱，在前面的查詢都通過之後，會開始進行評分動作，首先如果你有設定DBL查詢，這就會是第一個評分，然後是針對信件內容的分析，然後它會加總起來，這時你就可以設定多少分數以上是在信件標題標明"廣告信"字言，多少分數以上是直接踢掉，內定是5分以上標註SPAM，12分以上是踢掉。 說真的這種機制，目前我尚未遇到踢掉正常信過，至於標註錯誤大都是hinet、yahoo、sonet這些網站自己發出的廣告信，所以也不能算是錯誤。 下面這個例子是想用我們公司的郵件伺服器轉信，當然是被踢掉 ------------------------------------------------------------------------------- Mon 2005-08-22 04:05:05: Session 3178; child 1; thread 23136 Mon 2005-08-22 04:05:04: Accepting SMTP connection from Mon 2005-08-22 04:05:04: Performing PTR lookup (226.148.81.219.IN-ADDR.ARPA) Mon 2005-08-22 04:05:04: * D=226.148.81.219.IN-ADDR.ARPA TTL=(470) PTR= Mon 2005-08-22 04:05:04: * Gathering A records... Mon 2005-08-22 04:05:04: * D=219-81-148-226.dynamic.tfn.net.tw TTL=(1308) A= Mon 2005-08-22 04:05:04: ---- End PTR results Mon 2005-08-22 04:05:04: --> 220 cfwater.com.tw ESMTP MDaemon 8.1.1; Mon, 22 Aug 2005 04:05:04 +0800 Mon 2005-08-22 04:05:04: <-- HELO 211.21.191.230 Mon 2005-08-22 04:05:04: --> 250 cfwater.com.tw Hello 219-81-148-226.dynamic.tfn.net.tw (may be forged), pleased to meet you Mon 2005-08-22 04:05:05: <-- MAIL FROM:<[email protected]> Mon 2005-08-22 04:05:05: Performing IP lookup (yahoo.com) Mon 2005-08-22 04:05:05: * D=yahoo.com TTL=(4) A= Mon 2005-08-22 04:05:05: * P=005 D=yahoo.com TTL=(74) MX= {68.142.202.12} Mon 2005-08-22 04:05:05: * P=001 D=yahoo.com TTL=(74) MX= {64.156.215.6} Mon 2005-08-22 04:05:05: * P=001 D=yahoo.com TTL=(74) MX= {67.28.114.35} Mon 2005-08-22 04:05:05: * P=001 D=yahoo.com TTL=(74) MX= {4.79.181.15} Mon 2005-08-22 04:05:05: ---- End IP lookup results Mon 2005-08-22 04:05:05: --> 250 <[email protected]>, Sender ok Mon 2005-08-22 04:05:05: <-- RCPT TO:<[email protected]> Mon 2005-08-22 04:05:05: Sender attempted to deliver message to unknown address Mon 2005-08-22 04:05:05: --> 550 <[email protected]>, Recipient unknown Mon 2005-08-22 04:05:05: <-- QUIT Mon 2005-08-22 04:05:05: --> 221 See ya in cyberspace Mon 2005-08-22 04:05:05: SMTP session terminated (Bytes in/out: 98/287) Mon 2005-08-22 04:05:05: ---------- 下面這個例子是不合法的收信者，也被踢掉 Mon 2005-08-22 04:05:05: ---------- Mon 2005-08-22 04:43:49: Session 3189; child 1; thread 22996 Mon 2005-08-22 04:43:47: Accepting SMTP connection from Mon 2005-08-22 04:43:47: Performing PTR lookup (39.55.140.221.IN-ADDR.ARPA) Mon 2005-08-22 04:43:48: * Error: Name server reports domain name unknown Mon 2005-08-22 04:43:48: ---- End PTR results Mon 2005-08-22 04:43:48: --> 220 cfwater.com.tw ESMTP MDaemon 8.1.1; Mon, 22 Aug 2005 04:43:48 +0800 Mon 2005-08-22 04:43:48: <-- HELO 211.21.191.230 Mon 2005-08-22 04:43:48: --> 250 cfwater.com.tw Hello 211.21.191.230 (may be forged), pleased to meet you Mon 2005-08-22 04:43:48: <-- MAIL FROM: <[email protected]> Mon 2005-08-22 04:43:48: Performing IP lookup (daum.net) Mon 2005-08-22 04:43:48: * D=daum.net TTL=(747) A= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= {211.43.197.85} Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * P=010 D=daum.net TTL=(741) MX= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(737) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(690) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(701) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(752) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(747) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(737) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(737) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(671) A= Mon 2005-08-22 04:43:48: * D=daum.net TTL=(699) A= Mon 2005-08-22 04:43:48: ---- End IP lookup results Mon 2005-08-22 04:43:48: --> 250 <[email protected]>, Sender ok Mon 2005-08-22 04:43:49: <-- RCPT TO: <[email protected]> Mon 2005-08-22 04:43:49: Sender attempted to deliver message to unknown address Mon 2005-08-22 04:43:49: --> 550 <[email protected]>, Recipient unknown Mon 2005-08-22 04:43:49: Error reading from socket! Mon 2005-08-22 04:43:49: Unexpected socket closure Mon 2005-08-22 04:43:49: SMTP session terminated (Bytes in/out: 88/236) Mon 2005-08-22 04:43:49: ---------- 下面這個則是評分過高的寄件者，當然也是踢掉： Mon 2005-08-22 04:43:49: ---------- Mon 2005-08-22 06:03:02: Session 3220; child 1; thread 23316 Mon 2005-08-22 06:02:58: Accepting SMTP connection from Mon 2005-08-22 06:02:58: Performing PTR lookup (13.160.120.59.IN-ADDR.ARPA) Mon 2005-08-22 06:02:58: * D=13.160.120.59.IN-ADDR.ARPA TTL=(310) PTR= Mon 2005-08-22 06:02:58: * Gathering A records... Mon 2005-08-22 06:02:58: * D=59-120-160-13.HINET-IP.hinet.net TTL=(639) A= Mon 2005-08-22 06:02:58: ---- End PTR results Mon 2005-08-22 06:02:58: --> 220 cfwater.com.tw ESMTP MDaemon 8.1.1; Mon, 22 Aug 2005 06:02:58 +0800 Mon 2005-08-22 06:02:58: <-- HELO 211.21.191.230 Mon 2005-08-22 06:02:58: --> 250 cfwater.com.tw Hello 59-120-160-13.HINET-IP.hinet.net (may be forged), pleased to meet you Mon 2005-08-22 06:02:58: <-- MAIL FROM: <[email protected]> Mon 2005-08-22 06:02:58: Performing IP lookup (yyhmail.com) Mon 2005-08-22 06:02:58: * D=yyhmail.com TTL=(26) A= Mon 2005-08-22 06:02:58: * P=020 D=yyhmail.com TTL=(2) MX= {208.36.123.75} Mon 2005-08-22 06:02:58: * P=010 D=yyhmail.com TTL=(2) MX= {205.158.62.177} Mon 2005-08-22 06:02:58: ---- End IP lookup results Mon 2005-08-22 06:02:58: --> 250 <[email protected]>, Sender ok Mon 2005-08-22 06:02:58: <-- RCPT TO: <[email protected]> Mon 2005-08-22 06:02:58: Performing DNS-BL lookup (59.120.160.13 - connecting IP) Mon 2005-08-22 06:02:58: * sbl-xbl.spamhaus.org - passed Mon 2005-08-22 06:02:58: * opm.blitzed.org - passed Mon 2005-08-22 06:02:59: * relays.ordb.org - passed Mon 2005-08-22 06:02:59: * bl.spamcop.net - passed Mon 2005-08-22 06:02:59: ---- End DNS-BL results Mon 2005-08-22 06:02:59: --> 250 <[email protected]>, Recipient ok Mon 2005-08-22 06:02:59: <-- DATA Mon 2005-08-22 06:02:59: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000000413.tmp Mon 2005-08-22 06:02:59: --> 354 Enter mail, end with <CRLF>.<CRLF> Mon 2005-08-22 06:02:59: Message size: 5591 bytes Mon 2005-08-22 06:02:59: Passing message through AntiVirus (Size: 5591)... Mon 2005-08-22 06:02:59: * Message is clean (no viruses found) Mon 2005-08-22 06:02:59: ---- End AntiVirus results Mon 2005-08-22 06:02:59: Passing message through Spam Filter (Size: 5591)... Mon 2005-08-22 06:03:02: * 4.1 MIME_BOUND_DD_DIGITS Spam tool pattern in MIME boundary Mon 2005-08-22 06:03:02: * 3.8 MSGID_SPAM_CAPS Spam tool Message-Id: (caps variant) Mon 2005-08-22 06:03:02: * 2.9 SUBJ_ILLEGAL_CHARS Subject contains too many raw illegal characters Mon 2005-08-22 06:03:02: * 0.0 NORMAL_HTTP_TO_IP URI: Uses a dotted-decimal IP address in URL Mon 2005-08-22 06:03:02: * 0.0 HTML_WEB_BUGS BODY: Image tag intended to identify you Mon 2005-08-22 06:03:02: * 0.1 HTML_80_90 BODY: Message is 80% to 90% HTML Mon 2005-08-22 06:03:02: * 10 BAYES_99 BODY: Bayesian spam probability is 99 to 100% Mon 2005-08-22 06:03:02: * Mon 2005-08-22 06:03:02: * 0.0 HTML_FONT_INVISIBLE BODY: HTML font color is same as background Mon 2005-08-22 06:03:02: * 0.1 HTML_IMAGE_RATIO_04 BODY: HTML has a low ratio of text to image area Mon 2005-08-22 06:03:02: * 0.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts Mon 2005-08-22 06:03:02: * 0.1 MPART_ALT_DIFF BODY: HTML and text parts are different Mon 2005-08-22 06:03:02: * 0.0 HTML_FONT_FACE_BAD BODY: HTML font face is not a word Mon 2005-08-22 06:03:02: * 0.0 HTML_MESSAGE BODY: HTML included in message Mon 2005-08-22 06:03:02: * 2.1 FRONTPAGE RAW: Frontpage used to create the message Mon 2005-08-22 06:03:02: * 0.3 MIME_BASE64_TEXT RAW: Message text disguised using base64 encoding Mon 2005-08-22 06:03:02: * 0.6 FORGED_OUTLOOK_HTML Outlook can't send HTML message only Mon 2005-08-22 06:03:02: * 3.2 FORGED_MUA_OIMO Forged mail pretending to be from MS Outlook IMO Mon 2005-08-22 06:03:02: * 2.4 MIME_HTML_ONLY_MULTI Multipart message only has text/html MIME parts Mon 2005-08-22 06:03:02: * 0.0 MISSING_MIMEOLE Message has X-MSMail-Priority, but no X-MimeOLE Mon 2005-08-22 06:03:02: * 0.0 UPPERCASE_50_75 message body is 50-75% uppercase Mon 2005-08-22 06:03:02: ---- End SpamAssassin results Mon 2005-08-22 06:03:02: Spam Filter score/req: 30.08/12.0 Mon 2005-08-22 06:03:02: Message refused because spam score is too high Mon 2005-08-22 06:03:02: --> 554 Sorry, message looks like SPAM to me Mon 2005-08-22 06:03:02: <-- QUIT Mon 2005-08-22 06:03:02: --> 221 See ya in cyberspace Mon 2005-08-22 06:03:02: SMTP session terminated (Bytes in/out: 5703/366) Mon 2005-08-22 06:03:02: ---------- 下面這個則是我們公司根本沒有這號人物，也就是智慧學習設陷阱，當然也是被踢掉： Mon 2005-08-22 06:03:02: ---------- Mon 2005-08-22 07:49:22: Session 3256; child 1; thread 23648 Mon 2005-08-22 07:49:22: Accepting SMTP connection from Mon 2005-08-22 07:49:22: Performing PTR lookup (5.3.185.211.IN-ADDR.ARPA) Mon 2005-08-22 07:49:22: * Error: Name server reports domain name unknown Mon 2005-08-22 07:49:22: ---- End PTR results Mon 2005-08-22 07:49:22: --> 220 cfwater.com.tw ESMTP MDaemon 8.1.1; Mon, 22 Aug 2005 07:49:22 +0800 Mon 2005-08-22 07:49:22: <-- HELO 211.21.191.230 Mon 2005-08-22 07:49:22: --> 250 cfwater.com.tw Hello 211.21.191.230 (may be forged), pleased to meet you Mon 2005-08-22 07:49:22: <-- MAIL FROM: <[email protected]> Mon 2005-08-22 07:49:22: Performing IP lookup (ms25.hinet.net) Mon 2005-08-22 07:49:22: * D=ms25.hinet.net TTL=(1440) A= Mon 2005-08-22 07:49:22: * P=000 D=ms25.hinet.net TTL=(1440) MX= {168.95.5.25} Mon 2005-08-22 07:49:22: ---- End IP lookup results Mon 2005-08-22 07:49:22: --> 250 <[email protected]>, Sender ok Mon 2005-08-22 07:49:22: <-- RCPT TO: <[email protected]> Mon 2005-08-22 07:49:22: Sender attempted to deliver message to unknown address Mon 2005-08-22 07:49:22: --> 550 <[email protected]>, Recipient unknown Mon 2005-08-22 07:49:22: <-- QUIT Mon 2005-08-22 07:49:22: --> 221 See ya in cyberspace Mon 2005-08-22 07:49:22: SMTP session terminated (Bytes in/out: 102/270) Mon 2005-08-22 07:49:22: ---------- <img src='http://www.suma.tw/uploads/smil3dbd4e5e7563a.gif' border='0' style='vertical-align:middle' alt='smil3dbd4e5e7563a.gif' /> 每天收這些垃圾信，只是浪費頻寬而已，政府應該訂定法律，把這些人關起來才對。　<img src='http://www.suma.tw/uploads/smiles-a012.gif' border='0' style='vertical-align:middle' alt='smiles-a012.gif' />

頁: [1]

數碼中文坊's Archiver

擋掉的廣告信去了那裡了？