要如何擋這類的信?
各位…<br>在下面的log中… 我該如何設定有效的阻擋呢 <!--emo&:請問:--><img src='http://www.suma.tw/uploads/smiles-058.gif' border='0' style='vertical-align:middle' alt='smiles-058.gif' /><!--endemo--> <br>知道了PTR=68-115-229-134.static.spbg.sc.charter.com<br>但是阻擋IP的並無法可以直接用*.static.*來阻擋。<br><br>那用hostname來阻擋時…<br>這封垃圾信卻不是用它的ip反解來成為它的主機名稱…<br>而是hostname=outdoorweb<br><br>-----------------------------------------------------------------------------------------------<br>Thu 2005-11-03 14:22:26: Session 1031; child 1; thread 1064<br>Thu 2005-11-03 14:22:13: Accepting SMTP connection from <br>Thu 2005-11-03 14:22:13: Performing PTR lookup (134.229.115.68.IN-ADDR.ARPA)<br>Thu 2005-11-03 14:22:15: * D=134.229.115.68.IN-ADDR.ARPA TTL=(720) PTR=[<span style='color:red'>68-115-229-134.static.spbg.sc.charter.com</span>]<br>Thu 2005-11-03 14:22:15: * Gathering A records...<br>Thu 2005-11-03 14:22:15: * D=68-115-229-134.static.spbg.sc.charter.com TTL=(60) A=<br>Thu 2005-11-03 14:22:15: ---- End PTR results<br>Thu 2005-11-03 14:22:15: --> 220 mymail.test.com.tw ESMTP MDaemon 8.1.1; Thu, 03 Nov 2005 14:22:15 +0800<br>Thu 2005-11-03 14:22:15: <-- XXXX outdoorweb<br>Thu 2005-11-03 14:22:15: --> 500 What? I don't understand that.<br>Thu 2005-11-03 14:22:16: <-- HELO <span style='color:red'>outdoorweb</span><br>Thu 2005-11-03 14:22:16: Performing IP lookup (outdoorweb)<br>Thu 2005-11-03 14:22:16: * Error: Name server reports domain name unknown<br>Thu 2005-11-03 14:22:16: ---- End IP lookup results<br>Thu 2005-11-03 14:22:16: --> 250 mymail.test.com.tw Hello 68-115-229-134.static.spbg.sc.charter.com, pleased to meet you<br>Thu 2005-11-03 14:22:17: <-- MAIL FROM:<[email protected]><br>Thu 2005-11-03 14:22:17: Performing IP lookup (cxfse168.com)<br>Thu 2005-11-03 14:22:18: * P=100 D=cxfse168.com TTL=(60) MX=<br>Thu 2005-11-03 14:22:18: ---- End IP lookup results<br>Thu 2005-11-03 14:22:18: --> 250 <[email protected]>, Sender ok<br>Thu 2005-11-03 14:22:18: <-- RCPT TO:<[email protected]><br>----------------------------------------------------------------------------------------------- 我再補上完整的log....<br><br>Thu 2005-11-03 14:22:24: ----------<br>Thu 2005-11-03 14:22:26: Session 1031; child 1; thread 1064<br>Thu 2005-11-03 14:22:13: Accepting SMTP connection from <br>Thu 2005-11-03 14:22:13: Performing PTR lookup (134.229.115.68.IN-ADDR.ARPA)<br>Thu 2005-11-03 14:22:15: * D=134.229.115.68.IN-ADDR.ARPA TTL=(720) PTR=<br>Thu 2005-11-03 14:22:15: * Gathering A records...<br>Thu 2005-11-03 14:22:15: * D=68-115-229-134.static.spbg.sc.charter.com TTL=(60) A=<br>Thu 2005-11-03 14:22:15: ---- End PTR results<br>Thu 2005-11-03 14:22:15: --> 220 mymail.test.com.tw ESMTP MDaemon 8.1.1; Thu, 03 Nov 2005 14:22:15 +0800<br>Thu 2005-11-03 14:22:15: <-- XXXX outdoorweb<br>Thu 2005-11-03 14:22:15: --> 500 What? I don't understand that.<br>Thu 2005-11-03 14:22:16: <-- HELO outdoorweb<br>Thu 2005-11-03 14:22:16: Performing IP lookup (outdoorweb)<br>Thu 2005-11-03 14:22:16: * Error: Name server reports domain name unknown<br>Thu 2005-11-03 14:22:16: ---- End IP lookup results<br>Thu 2005-11-03 14:22:16: --> 250 mymail.test.com.tw Hello 68-115-229-134.static.spbg.sc.charter.com, pleased to meet you<br>Thu 2005-11-03 14:22:17: <-- MAIL FROM:<[email protected]><br>Thu 2005-11-03 14:22:17: Performing IP lookup (cxfse168.com)<br>Thu 2005-11-03 14:22:18: * P=100 D=cxfse168.com TTL=(60) MX=<br>Thu 2005-11-03 14:22:18: ---- End IP lookup results<br>Thu 2005-11-03 14:22:18: --> 250 <[email protected]>, Sender ok<br>Thu 2005-11-03 14:22:18: <-- RCPT TO:<[email protected]><br>Thu 2005-11-03 14:22:18: Performing DNS-BL lookup (68.115.229.134 - connecting IP)<br>Thu 2005-11-03 14:22:19: * sbl-xbl.spamhaus.org - passed<br>Thu 2005-11-03 14:22:19: * opm.blitzed.org - passed<br>Thu 2005-11-03 14:22:20: * relays.ordb.org - passed<br>Thu 2005-11-03 14:22:20: * bl.spamcop.net - passed<br>Thu 2005-11-03 14:22:20: ---- End DNS-BL results<br>Thu 2005-11-03 14:22:20: --> 250 <[email protected]>, Recipient ok<br>Thu 2005-11-03 14:22:21: <-- DATA<br>Thu 2005-11-03 14:22:21: Creating temp file (SMTP): d:\mdaemon\temp\md50000000258.tmp<br>Thu 2005-11-03 14:22:21: --> 354 Enter mail, end with <CRLF>.<CRLF><br>Thu 2005-11-03 14:22:21: Message size: 2365 bytes<br>Thu 2005-11-03 14:22:21: Performing DomainKeys lookup (Sender: [email protected])<br>Thu 2005-11-03 14:22:21: * Message-ID: OUTDOORWEBxArGvnCjn000044d4@outdoorweb<br>Thu 2005-11-03 14:22:21: * Querying for policy: cxfse168.com<br>Thu 2005-11-03 14:22:21: * Querying: _domainkey.cxfse168.com ...<br>Thu 2005-11-03 14:22:23: * DNS: Name server reports domain name unknown<br>Thu 2005-11-03 14:22:23: * Result: pass<br>Thu 2005-11-03 14:22:23: ---- End DomainKeys results<br>Thu 2005-11-03 14:22:23: Passing message through AntiVirus (Size: 2365)...<br>Thu 2005-11-03 14:22:23: * Message is clean (no viruses found)<br>Thu 2005-11-03 14:22:23: ---- End AntiVirus results<br>Thu 2005-11-03 14:22:23: Passing message through Spam Filter (Size: 2365)...<br>Thu 2005-11-03 14:22:25: * 1.4 DOMAIN_RATIO BODY: Message body mentions many internet domains<br>Thu 2005-11-03 14:22:25: * 1.2 MIME_HTML_ONLY BODY: Message only has text/html MIME parts<br>Thu 2005-11-03 14:22:25: * 0.8 HTML_IMAGE_ONLY_20 BODY: HTML: images with 1600-2000 bytes of words<br>Thu 2005-11-03 14:22:25: * 0.0 HTML_MESSAGE BODY: HTML included in message<br>Thu 2005-11-03 14:22:25: * 0.2 HTML_90_100 BODY: Message is 90% to 100% HTML<br>Thu 2005-11-03 14:22:25: ---- End SpamAssassin results<br>Thu 2005-11-03 14:22:25: Spam Filter score/req: 3.55/12.0<br>Thu 2005-11-03 14:22:25: Message creation successful: d:\mdaemon\inbound\md50000014890.msg<br>Thu 2005-11-03 14:22:25: --> 250 Ok, message saved <Message-ID: <OUTDOORWEBxArGvnCjn000044d4@outdoorweb>><br>Thu 2005-11-03 14:22:26: <-- QUIT<br>Thu 2005-11-03 14:22:26: --> 221 See ya in cyberspace<br>Thu 2005-11-03 14:22:26: SMTP session successful (Bytes in/out: 2485/440)<br>Thu 2005-11-03 14:22:26: ---------- 如果說 Address IP HOST 隨時都在變更<br>那就真的無法確實檔下, 我的方式是....就讓它過吧!<br>擋垃圾信真的很傷腦筋, 我已經很少花時間在這上面了
頁:
[1]