數碼中文坊

 取回密碼
 我要註冊
檢視: 1045|回覆: 0

[求助] 垃圾信件詢問

[複製連結]
發表於 2016-11-9 11:50:18 | 顯示全部樓層 |閱讀模式

馬上註冊,結交更多好友,享用更多功能,讓你輕鬆瀏覽論壇。

你需要 登入 才可以下載或檢視,沒有帳號?我要註冊

x

各位前輩,

小弟公司的Mail server 最近常常收到很多這類型的信件

可以請教幾個問題
1.  這算是被當跳板嗎?    (因為寄送公司網域的信件都是無此人的信件)
2.  Name server reports domain name unknown  這是....
3.  底下有很多 Evaluating.... 這是正常的嗎?
4.  如果這是假冒Google 寄來的文件 , 那請問要如何阻擋?

謝謝各位前輩

log 如下

----------
  Session 497; child 2; thread 2428
    Accepting SMTP connection from [52.169.112.170 : 62544]
    Performing PTR lookup (170.112.169.52.IN-ADDR.ARPA)
    *  Error: Name server reports domain name unknown
    *  No PTR records found
    ---- End PTR results
    --> 220 公司網域.com.tw ESMTP MDaemon 9.5.6; Tue, 08 Nov 2016 02:57:54 +0800
    <-- HELO 公司IP
    EHLO/HELO response delayed 9 seconds
Tue 2016-11-08 02:58:03: --> 250 公司網域.com.tw Hello 公司IP (may be forged), pleased to meet you
    <-- MAIL FROM: <Carol715@gmail.com>
    Performing IP lookup (gmail.com)
    *  D=gmail.com TTL=(4) A=[74.125.23.18]
    *  D=gmail.com TTL=(4) A=[74.125.23.83]
    *  D=gmail.com TTL=(4) A=[74.125.23.19]
    *  D=gmail.com TTL=(4) A=[74.125.23.17]
    *  P=005 S=004 D=gmail.com TTL=(37) MX=[gmail-smtp-in.l.google.com]
    *  P=010 S=003 D=gmail.com TTL=(37) MX=[alt1.gmail-smtp-in.l.google.com]
    *  P=020 S=001 D=gmail.com TTL=(37) MX=[alt2.gmail-smtp-in.l.google.com]
    *  P=030 S=000 D=gmail.com TTL=(37) MX=[alt3.gmail-smtp-in.l.google.com]
    *  P=040 S=002 D=gmail.com TTL=(37) MX=[alt4.gmail-smtp-in.l.google.com]
    *  D=gmail.com TTL=(2) A=[172.217.25.101]
    *  D=gmail.com TTL=(1) A=[64.233.187.19]
    *  D=GMAIL.com TTL=(2) A=[74.125.204.83]
    *  D=gmail.com TTL=(4) A=[74.125.204.83]
    *  D=gmail.com TTL=(0) A=[64.233.187.83]
    ---- End IP lookup results
    Performing SPF lookup (gmail.com / 52.169.112.170)
    *  Policy: v=spf1 redirect=_spf.google.com
    *  Evaluating redirect=_spf.google.com:
    *  Evaluating redirect=_spf.google.com: performing lookup
    *    Policy: v=spf1 include:_netblocks.google.com include:_netblocks2.google.com

include:_netblocks3.google.com ~all
    *    Evaluating include:_netblocks.google.com: performing lookup
    *      Policy: v=spf1 ip4:64.18.0.0/20 ip4:64.233.160.0/19 ip4:66.102.0.0/20 ip4:66.249.80.0/20

ip4:72.14.192.0/18 ip4:74.125.0.0/16 ip4:108.177.8.0/21 ip4:173.194.0.0/16 ip4:207.126.144.0/20

ip4:209.85.128.0/17 ip4:216.58.192.0/19 ip4:216.239.32.0/19 ~all
    *      Evaluating ip4:64.18.0.0/20: no match
    *      Evaluating ip4:64.233.160.0/19: no match
    *      Evaluating ip4:66.102.0.0/20: no match
    *      Evaluating ip4:66.249.80.0/20: no match
    *      Evaluating ip4:72.14.192.0/18: no match
    *      Evaluating ip4:74.125.0.0/16: no match
    *      Evaluating ip4:108.177.8.0/21: no match
    *      Evaluating ip4:173.194.0.0/16: no match
    *      Evaluating ip4:207.126.144.0/20: no match
    *      Evaluating ip4:209.85.128.0/17: no match
    *      Evaluating ip4:216.58.192.0/19: no match
    *      Evaluating ip4:216.239.32.0/19: no match
    *      Evaluating ~all: match
    *    Evaluating include:_netblocks.google.com: no match
    *    Evaluating include:_netblocks2.google.com: performing lookup
    *      Policy: v=spf1 ip6:2001:4860:4000::/36 ip6:2404:6800:4000::/36 ip6:2607:f8b0:4000::/36

ip6:2800:3f0:4000::/36 ip6:2a00:1450:4000::/36 ip6:2c0f:fb50:4000::/36 ~all
    *      Evaluating ip6:2001:4860:4000::/36: unknown mechanism
    *    Evaluating include:_netblocks2.google.com:
    *  Result: neutral
    ---- End SPF results
    --> 250 <Carol715@gmail.com>, Sender ok
    <-- RCPT TO: <carol715@公司網域.com.tw>
    Sender attempted to deliver message to unknown address
    --> 550 <carol715@公司網域.com.tw>, Recipient unknown
  <-- RCPT TO: <eve@公司網域.com.tw>
  Sender attempted to deliver message to unknown address
  --> 550 <eve@公司網域.com.tw>, Recipient unknown
  <-- QUIT
  --> 221 See ya in cyberspace
  SMTP session terminated (Bytes in/out: 118/292
你需要登入後才可以回覆 登入 | 我要註冊

本版積分規則

Archiver|禁閉室|手機版|數碼中文坊

GMT+8, 2021-1-20 07:54 AM

Powered by Discuz! X3.4 Licensed

Copyright © 2001-2020, Tencent Cloud. | 正體中文:數碼中文坊

快速回覆 返回頂端 返回清單