數碼中文坊

 取回密碼
 我要註冊
檢視: 4152|回覆: 4

[已解決] 請問這樣跳板的問題該如何阻擋.防止

[複製連結]
發表於 2012-10-4 16:26:49 | 顯示全部樓層 |閱讀模式

馬上註冊,結交更多好友,享用更多功能,讓你輕鬆瀏覽論壇。

你需要 登入 才可以下載或檢視,沒有帳號?我要註冊

x
本文章最後由 jeffchang 於 2012-10-4 04:30 PM 編輯

=================================================================
網路相關資訊: DNS自行設定管 . 有申請反解 . 為固定IP並已穿透
server: windows XP
MDaemon SMTP/POP/IMAP server: 6.0.8[繁中化]
WorldClient HTTP server: v6.0.8
WorldClient DLL: v6.0.8
Domain Name: master1995.com.tw
=================================================================

狀況如附圖,請問這樣跳板的問題該如何阻擋.防止,我有試了安全性設定值的"位址抑制"(先前被當跳板都用這功能處理,且行的通),但自從重灌server後,這招就行不通了,請求支援~ Orz


 樓主| 發表於 2012-10-4 16:40:26 | 顯示全部樓層
本文章最後由 jeffchang 於 2012-10-4 04:41 PM 編輯

MDaemon SMTP動態 如下

Thu 2012-10-04 16:34:44: ----------
Thu 2012-10-04 16:34:22: [916:1355] 正在接受 SMTP 連線來自: [50.16.133.166]
Thu 2012-10-04 16:34:22: [916:1355] Looking up PTR record for 50.16.133.166 (166.133.16.50.IN-ADDR.ARPA)
Thu 2012-10-04 16:34:22: [916:1355] D=166.133.16.50.IN-ADDR.ARPA TTL=(5) PTR=[ec2-50-16-133-166.compute-1.amazonaws.com]
Thu 2012-10-04 16:34:25: [916:1355] Gathering A-records for PTR hosts
Thu 2012-10-04 16:34:25: [916:1355] D=ec2-50-16-133-166.compute-1.amazonaws.com TTL=(5890) A=[50.16.133.166]
Thu 2012-10-04 16:34:25: [916:1355] 220 master1995.com.tw ESMTP MDaemon 6.0.8; Thu, 04 Oct 2012 16:34:25 +0800
Thu 2012-10-04 16:34:25: [916:1355] HELO ec2-50-16-133-166.compute-1.amazonaws.com
Thu 2012-10-04 16:34:25: [916:1355] 250 master1995.com.tw Hello ec2-50-16-133-166.compute-1.amazonaws.com, pleased to meet you (很高興見到你)
Thu 2012-10-04 16:34:26: [916:1355] MAIL FROM: <[email protected]>
Thu 2012-10-04 16:34:26: [916:1355] 250 <[email protected]>, Sender ok (發信人確定)
Thu 2012-10-04 16:34:26: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:26: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:27: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:27: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:27: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:27: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:28: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:28: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:28: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:28: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:29: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:29: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:29: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:29: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
..
..
..
..(字數限制中間大同小異)

Thu 2012-10-04 16:34:40: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:40: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:41: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:41: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:41: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:41: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:42: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:42: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:42: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:42: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:43: [916:1355] RSET
Thu 2012-10-04 16:34:43: [916:1355] 250 RSET? Well, ok.
Thu 2012-10-04 16:34:43: [916:1355] MAIL FROM: <[email protected]>
Thu 2012-10-04 16:34:43: [916:1355] 250 <[email protected]>, Sender ok (發信人確定)
Thu 2012-10-04 16:34:44: [916:1355] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:44: [916:1355] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:44: [916:1355] SMTP 連線期間異常終止,已發送 1210 位元組。
Thu 2012-10-04 16:34:44: ----------
Thu 2012-10-04 16:33:56: [384:1334] 正在接受 SMTP 連線來自: [183.139.255.117]
Thu 2012-10-04 16:33:56: [384:1334] 220 master1995.com.tw ESMTP MDaemon 6.0.8; Thu, 04 Oct 2012 16:33:56 +0800
Thu 2012-10-04 16:33:57: [384:1334] HELO 61.63.49.101
Thu 2012-10-04 16:33:57: [384:1334] 250 master1995.com.tw Hello 61.63.49.101, pleased to meet you (很高興見到你)
Thu 2012-10-04 16:34:28: [384:1334] MAIL FROM: <[email protected]>
Thu 2012-10-04 16:34:28: [384:1334] 250 <[email protected]>, Sender ok (發信人確定)
Thu 2012-10-04 16:34:42: [384:1334] RCPT TO: <[email protected]>
Thu 2012-10-04 16:34:42: [384:1334] 553 Domain yahoo.com.tw does not accept mail from [email protected] (網域不接受信件來自)
Thu 2012-10-04 16:34:47: [384:1334] SMTP 連線期間異常終止,已發送 87 位元組。
Thu 2012-10-04 16:34:47: ----------

發表於 2012-10-5 11:17:03 | 顯示全部樓層
關掉 Open Relay,參考:

如何避免成為垃圾信的跳板
http://www.suma.tw/forum.php?mod ... d=756&fromuid=1
 樓主| 發表於 2012-10-5 19:10:50 | 顯示全部樓層
已經關掉 Open Relay了,也閱讀過"MDaemon 的一些必要防護設定"
位址抑制應該是有把對方擋掉了,只不過對方還是持續的傳送,所以Activity才會出現 [email protected]的SMTP接收,過了一天就沒有再被攻擊的跡象了
發表於 2014-11-26 11:02:52 | 顯示全部樓層
MarchFun 發表於 2012-10-5 11:17 AM
關掉 Open Relay,參考:

如何避免成為垃圾信的跳板

感謝您,研讀中
你需要登入後才可以回覆 登入 | 我要註冊

本版積分規則

Archiver|禁閉室|手機版|數碼中文坊

GMT+8, 2024-3-28 11:56 PM

Powered by Discuz! X3.4 Licensed

© 2001-2023 Discuz! Team.

快速回覆 返回頂端 返回清單