請問這樣跳板的問題該如何阻擋.防止
本文章最後由 jeffchang 於 2012-10-4 04:30 PM 編輯=================================================================
網路相關資訊: DNS自行設定管 . 有申請反解 . 為固定IP並已穿透
server: windows XP
MDaemon SMTP/POP/IMAP server: 6.0.8[繁中化]
WorldClient HTTP server: v6.0.8
WorldClient DLL: v6.0.8
Domain Name: master1995.com.tw
=================================================================
狀況如附圖,請問這樣跳板的問題該如何阻擋.防止,我有試了安全性設定值的"位址抑制"(先前被當跳板都用這功能處理,且行的通),但自從重灌server後,這招就行不通了,請求支援~ Orz
https://fbcdn-sphotos-f-a.akamaihd.net/hphotos-ak-prn1/73989_3663267987204_894927853_n.jpg 本文章最後由 jeffchang 於 2012-10-4 04:41 PM 編輯
MDaemon SMTP動態 如下
Thu 2012-10-04 16:34:44: ----------
Thu 2012-10-04 16:34:22: 正在接受 SMTP 連線來自:
Thu 2012-10-04 16:34:22: Looking up PTR record for 50.16.133.166 (166.133.16.50.IN-ADDR.ARPA)
Thu 2012-10-04 16:34:22: D=166.133.16.50.IN-ADDR.ARPA TTL=(5) PTR=
Thu 2012-10-04 16:34:25: Gathering A-records for PTR hosts
Thu 2012-10-04 16:34:25: D=ec2-50-16-133-166.compute-1.amazonaws.com TTL=(5890) A=
Thu 2012-10-04 16:34:25: 220 master1995.com.tw ESMTP MDaemon 6.0.8; Thu, 04 Oct 2012 16:34:25 +0800
Thu 2012-10-04 16:34:25: HELO ec2-50-16-133-166.compute-1.amazonaws.com
Thu 2012-10-04 16:34:25: 250 master1995.com.tw Hello ec2-50-16-133-166.compute-1.amazonaws.com, pleased to meet you (很高興見到你)
Thu 2012-10-04 16:34:26: MAIL FROM: <[email protected]>
Thu 2012-10-04 16:34:26: 250 <[email protected]>, Sender ok (發信人確定)
Thu 2012-10-04 16:34:26: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:26: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:27: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:27: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:27: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:27: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:28: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:28: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:28: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:28: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:29: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:29: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:29: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:29: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
..
..
..
..(字數限制中間大同小異)
Thu 2012-10-04 16:34:40: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:40: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:41: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:41: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:41: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:41: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:42: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:42: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:42: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:42: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:43: RSET
Thu 2012-10-04 16:34:43: 250 RSET? Well, ok.
Thu 2012-10-04 16:34:43: MAIL FROM: <[email protected]>
Thu 2012-10-04 16:34:43: 250 <[email protected]>, Sender ok (發信人確定)
Thu 2012-10-04 16:34:44: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:44: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:44: SMTP 連線期間異常終止,已發送 1210 位元組。
Thu 2012-10-04 16:34:44: ----------
Thu 2012-10-04 16:33:56: 正在接受 SMTP 連線來自:
Thu 2012-10-04 16:33:56: 220 master1995.com.tw ESMTP MDaemon 6.0.8; Thu, 04 Oct 2012 16:33:56 +0800
Thu 2012-10-04 16:33:57: HELO 61.63.49.101
Thu 2012-10-04 16:33:57: 250 master1995.com.tw Hello 61.63.49.101, pleased to meet you (很高興見到你)
Thu 2012-10-04 16:34:28: MAIL FROM: <[email protected]>
Thu 2012-10-04 16:34:28: 250 <[email protected]>, Sender ok (發信人確定)
Thu 2012-10-04 16:34:42: RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:42: 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:47: SMTP 連線期間異常終止,已發送 87 位元組。
Thu 2012-10-04 16:34:47: ----------
關掉 Open Relay,參考:
如何避免成為垃圾信的跳板
http://www.suma.tw/forum.php?mod=viewthread&tid=756&fromuid=1
已經關掉 Open Relay了,也閱讀過"MDaemon 的一些必要防護設定"
位址抑制應該是有把對方擋掉了,只不過對方還是持續的傳送,所以Activity才會出現 [email protected]的SMTP接收,過了一天就沒有再被攻擊的跡象了{:1_1:}
MarchFun 發表於 2012-10-5 11:17 AM
關掉 Open Relay,參考:
如何避免成為垃圾信的跳板
感謝您,研讀中
頁:
[1]