最近有注意到一種垃圾信 , 重點是他仿冒 我公司的 Email Address , 寄信給自己 ,
觀看上述的說明, 開 POP Before SMTP 就不會被仿冒 ! 但我確定已經是打開的 !!!
會是一種新的技術 ? 或 我公司的密碼 被解 ? 可以從那裡看出 他有 pop before SMTP ??
或 其他 ?
ps: 也因為是 Local user , AntiSpam 跟本不會 動作
[email protected] 是我公司的 Email
垃圾信的內容 :
=================================================
-----Original Message----- From: [email protected] [mailto:[email protected]] Sent: 無 To: [email protected] Subject: 各行各業馬上業績double!!
http://work.xxx
貴公司xxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxx
電洽0922-177-yyy 本公司網站 http://work.xxx
=========================================
Smtp in 的 Log ...
=========================================
---------- Wed 2008-04-09 13:44:51: Session 5279; child 1; thread 2488 Wed 2008-04-09 13:44:49: Accepting SMTP connection from [220.131.106.39:4993] Wed 2008-04-09 13:44:49: Performing PTR lookup (39.106.131.220.IN-ADDR.ARPA) Wed 2008-04-09 13:44:49: * D=39.106.131.220.IN-ADDR.ARPA TTL=(1440) PTR=[220-131-106-39.HINET-IP.hinet.net] Wed 2008-04-09 13:44:49: * Gathering A records... Wed 2008-04-09 13:44:49: * D=220-131-106-39.HINET-IP.hinet.net TTL=(1440) A=[220.131.106.39] Wed 2008-04-09 13:44:49: ---- End PTR results Wed 2008-04-09 13:44:49: --> 220 xxxxxx.com.tw ESMTP MDaemon 9.6.5; Wed, 09 Apr 2008 13:44:49 +0800 Wed 2008-04-09 13:44:50: <-- HELO Lxlouisa.COM Wed 2008-04-09 13:44:50: --> 250 xxxxxx.com.tw Hello 220-131-106-39.HINET-IP.hinet.net, pleased to meet you Wed 2008-04-09 13:44:50: <-- mail from: <[email protected]> Wed 2008-04-09 13:44:50: --> 250 <[email protected]>, Sender ok Wed 2008-04-09 13:44:50: <-- RCPT TO:<[email protected]> Wed 2008-04-09 13:44:50: Performing DNS-BL lookup (220.131.106.39 - connecting IP) Wed 2008-04-09 13:44:50: * zen.spamhaus.org - failed Wed 2008-04-09 13:44:50: ---- End DNS-BL results Wed 2008-04-09 13:44:50: --> 250 <[email protected]>, Recipient ok Wed 2008-04-09 13:44:50: <-- data Wed 2008-04-09 13:44:50: Creating temp file (SMTP): c:\mdaemon\temp\md50000016499.tmp Wed 2008-04-09 13:44:50: --> 354 Enter mail, end with <CRLF>.<CRLF> Wed 2008-04-09 13:44:50: Message size: 699 bytes Wed 2008-04-09 13:44:50: Performing DomainKeys lookup (Sender: [email protected]) Wed 2008-04-09 13:44:50: * File: c:\mdaemon\temp\md50000016499.tmp Wed 2008-04-09 13:44:50: * Message-ID: n/a Wed 2008-04-09 13:44:50: * Querying for policy: xxxxxx.com.tw Wed 2008-04-09 13:44:50: * Querying: _domainkey.xxxxxx.com.tw ... Wed 2008-04-09 13:44:51: * DNS: * Name server reports domain name unknown Wed 2008-04-09 13:44:51: * Result: neutral Wed 2008-04-09 13:44:51: ---- End DomainKeys results Wed 2008-04-09 13:44:51: Passing message through AntiVirus (Size: 699)... Wed 2008-04-09 13:44:51: * Message is clean (no viruses found) Wed 2008-04-09 13:44:51: ---- End AntiVirus results Wed 2008-04-09 13:44:51: Passing message through Outbreak Protection... Wed 2008-04-09 13:44:51: * Message-ID: Wed 2008-04-09 13:44:51: * Reference-ID: str=0001.0A150202.47FC57D3.001E,ss=1,fgs=0 Wed 2008-04-09 13:44:51: * Virus result: 0 - Clean Wed 2008-04-09 13:44:51: * Spam result: 1 - Clean Wed 2008-04-09 13:44:51: * IWF result: 0 - Clean Wed 2008-04-09 13:44:51: ---- End Outbreak Protection results Wed 2008-04-09 13:44:51: Message creation successful: c:\mdaemon\inbound\md50000469950.msg Wed 2008-04-09 13:44:51: --> 250 Ok, message saved <Message-ID: > Wed 2008-04-09 13:44:51: <-- quit Wed 2008-04-09 13:44:51: --> 221 See ya in cyberspace Wed 2008-04-09 13:44:51: SMTP session successful (Bytes in/out: 796/333)
[ 本文最後由 shem888 於 2008-4-9 05:16 PM 編輯 ] |