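duozo1985 posted on 2011-5-18 11:58:46

Problem: .SMD files keep appearing under spools as soon as the SMTP service is started

As the title says: as soon as the SMTP service is started, imail keeps sending out spam. I tried denying access to all users, but the problem still occurs. Can I conclude that the server has been infected with a trojan? Could an expert please advise how to fix this?

Below is part of the log: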

05:18 11:40 SMTPD(00D5032C) server starting on port 25 of shopping176.com
05:18 11:40 SMTPD(047902D8) connect 58.177.245.104 port 1154
05:18 11:40 SMTPD(047902D8) EHLO jggonng.com
05:18 11:40 SMTPD(047902D8) MAIL FROM:<wjjwa@yahoo.com.tw>
05:18 11:40 SMTPD(00A7035A) connect 213.17.144.50 port 2148
05:18 11:40 SMTPD(047902D8) RCPT TO:<keywordsend@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <keywordsend@yahoo.com.tw
05:18 11:40 SMTPD(01B60368) connect 94.73.132.50 port 3726
05:18 11:40 SMTPD(047902D8) RCPT TO:<sales@ho-chin.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <sales@ho-chin.com.tw
05:18 11:40 SMTPD(01CB03EC) connect 94.30.53.164 port 44026
05:18 11:40 SMTPD(047902D8) RCPT TO:<h1v50pc1s@xuite.net>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <h1v50pc1s@xuite.net
05:18 11:40 SMTPD(047902D8) RCPT TO:<seya1112@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <seya1112@yahoo.com.tw
05:18 11:40 SMTPD(013C03E8) connect 208.57.199.251 port 3510
05:18 11:40 SMTPD(012C0388) connect 222.154.232.171 port 53468
05:18 11:40 SMTPD(047902D8) RCPT TO:<my4745@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <my4745@yahoo.com.tw
05:18 11:40 SMTPD(018F03A2) connect 213.184.251.50 port 6484
05:18 11:40 SMTPD(047902D8) RCPT TO:<yth1975@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <yth1975@yahoo.com.tw
05:18 11:40 SMTPD(047902D8) RCPT TO:<joy3124@gmail.com>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <joy3124@gmail.com
05:18 11:40 SMTPD(00FD0398) connect 91.192.75.157 port 2777
05:18 11:40 SMTPD(047902D8) RCPT TO:<minetk@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <minetk@yahoo.com.tw
05:18 11:40 SMTPD(047902D8) RCPT TO:<oklamaymay2001@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <oklamaymay2001@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) EHLO qpzbnh.com
05:18 11:40 SMTPD(01CB03EC) EHLO cfeeldb.com
05:18 11:40 SMTPD(047902D8) RCPT TO:<ding0707ding0707@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <ding0707ding0707@yahoo.com.tw
05:18 11:40 SMTPD(013C03E8) EHLO saqktk.com
05:18 11:40 SMTPD(002A02F4) connect 123.65.228.11 port 47805
05:18 11:40 SMTPD(047902D8) RCPT TO:<g811111@yahoo.com.tw>
05:18 11:40 SMTPD(047902D8) ERR shopping176.com invalid user <g811111@yahoo.com.tw
05:18 11:40 SMTPD(012C0388) EHLO oiqaua.com
05:18 11:40 SMTPD(018F03A2) EHLO botanz.com
05:18 11:40 SMTPD(01B60368) EHLO bescrm.com
05:18 11:40 SMTPD(002A02F4) EHLO zvsl.com
05:18 11:40 SMTPD(002A02F4) MAIL FROM: <ybefb@zvsl.com>
05:18 11:40 SMTPD(002A02F4) RCPT TO: <hr@tayouta.com>
05:18 11:40 SMTPD(013C03E8) MAIL FROM:<aqmdxma@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) MAIL FROM:<ppmir@yahoo.com.tw>
05:18 11:40 SMTPD(00FD0398) EHLO kqynst.com
05:18 11:40 SMTPD(00A7035A) MAIL FROM:<xkwwldzi@yahoo.com.tw>
05:18 11:40 SMTPD(047A02D8) connect 41.135.150.253 port 4598
05:18 11:40 SMTPD(018F03A2) MAIL FROM:<ehkgp@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) MAIL FROM:<mkqgq@yahoo.com.tw>
05:18 11:40 SMTPD(01B60368) MAIL FROM:<rrjoibq@yahoo.com.tw>
05:18 11:40 SMTPD(012D03DE) connect 195.24.195.162 port 1055
05:18 11:40 SMTPD(008E02E4) connect 190.188.183.125 port 1049
05:18 11:40 SMTPD(023E0306) connect 66.195.146.72 port 9845
05:18 11:40 SMTPD(00F3031E) connect 218.75.36.190 port 2762
05:18 11:40 SMTPD(014C0348) connect 178.20.145.40 port 45958
05:18 11:40 SMTPD(002A02F4) D:\IMail\spool\D3fa6002a02f481ba.SMD 50160
05:18 11:40 SMTPD(002A02F4) performing antispam checks
05:18 11:40 SMTPD(00F3031E) EHLO gujgun.com
05:18 11:40 SMTPD(002B02F4) connect 173.161.182.53 port 58394
05:18 11:40 SMTPD(00F3031E) MAIL FROM:<kpqnaow@yahoo.com.tw>
05:18 11:40 SMTP-(00000000) Info - Queue manager started
05:18 11:40 SMTP-(00000000) Info - Queue manager starting Queue run 1
05:18 11:40 SMTP-(08380000) processing D:\IMail\spool\Q3fa6002a02f481ba.SMD
05:18 11:40 SMTPD(023E0306) EHLO ochhwm.com
05:18 11:40 SMTPD(00F3031E) RCPT TO:<carios098@yahoo.com.tw>
05:18 11:40 SMTPD(00F3031E) ERR shopping176.com invalid user <carios098@yahoo.com.tw
05:18 11:40 SMTPD(013C03E8) RCPT TO:<ericing07@yahoo.com.tw>
05:18 11:40 SMTPD(013C03E8) ERR shopping176.com invalid user <ericing07@yahoo.com.tw
05:18 11:40 SMTPD(01CB03EC) RCPT TO:<maggic2504@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) ERR shopping176.com invalid user <maggic2504@yahoo.com.tw
05:18 11:40 SMTPD(00F3031E) RCPT TO:<applerola@yahoo.com.tw>
05:18 11:40 SMTPD(00F3031E) ERR shopping176.com invalid user <applerola@yahoo.com.tw
05:18 11:40 SMTPD(018F03A2) RCPT TO:<ebc_ihi@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) ERR shopping176.com invalid user <ebc_ihi@yahoo.com.tw
05:18 11:40 SMTPD(012C0388) RCPT TO:<ya670427@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) ERR shopping176.com invalid user <ya670427@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) RCPT TO:<hstawu1210@yahoo.com.tw>
05:18 11:40 SMTPD(00A7035A) ERR shopping176.com invalid user <hstawu1210@yahoo.com.tw
05:18 11:40 SMTPD(00F3031E) RCPT TO:<winnie0751@yahoo.com.tw>
05:18 11:40 SMTPD(00F3031E) ERR shopping176.com invalid user <winnie0751@yahoo.com.tw
05:18 11:40 SMTPD(002B02F4) EHLO qvhrvmh.com
05:18 11:40 SMTPD(00FD0398) MAIL FROM:<fqmrc@yahoo.com.tw>
05:18 11:40 SMTPD(023E0306) MAIL FROM:<nmsbk@yahoo.com.tw>
05:18 11:40 SMTPD(008E02E4) EHLO ttiukv.com
05:18 11:40 SMTPD(023503AC) connect 189.11.61.133 port 3749
05:18 11:40 SMTPD(01B60368) RCPT TO:<suhushyu@ms15.hinet.net>
05:18 11:40 SMTPD(01B60368) ERR shopping176.com invalid user <suhushyu@ms15.hinet.net
05:18 11:40 SMTPD(013C03E8) RCPT TO:<impreeza2003@yahoo.com.tw>
05:18 11:40 SMTPD(013C03E8) ERR shopping176.com invalid user <impreeza2003@yahoo.com.tw
05:18 11:40 SMTPD(014C0348) EHLO kzkmwhn.com
05:18 11:40 SMTPD(01CB03EC) RCPT TO:<c820212@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) ERR shopping176.com invalid user <c820212@yahoo.com.tw
05:18 11:40 SMTPD(018F03A2) RCPT TO:<a000930920@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) ERR shopping176.com invalid user <a000930920@yahoo.com.tw
05:18 11:40 SMTPD(023E0306) RCPT TO:<dobylsh@xuite.net>
05:18 11:40 SMTPD(023E0306) ERR shopping176.com invalid user <dobylsh@xuite.net
05:18 11:40 SMTPD(047A02D8) EHLO kugqzh.com
05:18 11:40 SMTPD(012C0388) RCPT TO:<pipi10227@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) ERR shopping176.com invalid user <pipi10227@yahoo.com.tw
05:18 11:40 SMTPD(002B02F4) MAIL FROM:<aongnili@yahoo.com.tw>
05:18 11:40 SMTPD(012D03DE) EHLO xskxsw.com
05:18 11:40 SMTPD(013C03E8) RCPT TO:<jamie_642000@yahoo.com.tw>
05:18 11:40 SMTPD(013C03E8) ERR shopping176.com invalid user <jamie_642000@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) RCPT TO:<pao626727@yahoo.com.tw>
05:18 11:40 SMTPD(00A7035A) ERR shopping176.com invalid user <pao626727@yahoo.com.tw
05:18 11:40 SMTPD(023E0306) RCPT TO:<ejlli@yahoo.com.tw>
05:18 11:40 SMTPD(023E0306) ERR shopping176.com invalid user <ejlli@yahoo.com.tw
05:18 11:40 SMTPD(01CB03EC) RCPT TO:<s882262@yahoo.com.tw>
05:18 11:40 SMTPD(01CB03EC) ERR shopping176.com invalid user <s882262@yahoo.com.tw
05:18 11:40 SMTPD(00FD0398) RCPT TO:<goya7341@yahoo.com.tw>
05:18 11:40 SMTPD(00FD0398) ERR shopping176.com invalid user <goya7341@yahoo.com.tw
05:18 11:40 SMTPD(01B60368) RCPT TO:<shinyin200381@yahoo.com.tw>
05:18 11:40 SMTPD(01B60368) ERR shopping176.com invalid user <shinyin200381@yahoo.com.tw
05:18 11:40 SMTPD(008E02E4) MAIL FROM:<lpeekktp@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) RCPT TO:<gamegood123@yahoo.com.tw>
05:18 11:40 SMTPD(018F03A2) ERR shopping176.com invalid user <gamegood123@yahoo.com.tw
05:18 11:40 SMTPD(023503AC) EHLO wjacxm.com
05:18 11:40 SMTPD(014C0348) MAIL FROM:<ptxlyz@yahoo.com.tw>
05:18 11:40 SMTPD(002B02F4) RCPT TO:<axicchie@ms21.hinet.net>
05:18 11:40 SMTPD(002B02F4) ERR shopping176.com invalid user <axicchie@ms21.hinet.net
05:18 11:40 SMTPD(013C03E8) RCPT TO:<michelle@gmail.com>
05:18 11:40 SMTPD(013C03E8) ERR shopping176.com invalid user <michelle@gmail.com
05:18 11:40 SMTPD(012C0388) RCPT TO:<kingman521@yahoo.com.tw>
05:18 11:40 SMTPD(012C0388) ERR shopping176.com invalid user <kingman521@yahoo.com.tw
05:18 11:40 SMTPD(023E0306) RCPT TO:<1gx@yahoo.com.tw>
05:18 11:40 SMTPD(023E0306) ERR shopping176.com invalid user <1gx@yahoo.com.tw
05:18 11:40 SMTPD(00A7035A) RCPT TO:<w901207@yahoo.com.tw>

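badboylife posted on 2011-5-18 14:49:15

Use the log analysis tool that comes with imail to analyze the log and see whether a mail user account has been abused.
Click Programs, imail/Imail Log Analyzer, and it will generate an analysis text file. Just reading the log itself like this, it is hard to find the problem.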
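
Added example, not part of the thread and not iMail's Log Analyzer: a per-session summary of an SMTPD log in the layout posted above, separating sessions whose recipients were all rejected from sessions that actually wrote a spool file. The field layout is inferred from the posted lines, the sample lines are constructed, and the names `summarize` and `spooling_sessions` are hypothetical.

```python
import re
from collections import defaultdict

# Constructed sample in the layout of the log posted above (documentation IPs, example domains).
SAMPLE_LOG = r"""
05:18 11:40 SMTPD(0AAA0001) connect 192.0.2.10 port 1154
05:18 11:40 SMTPD(0AAA0001) EHLO bulk.example
05:18 11:40 SMTPD(0AAA0001) MAIL FROM:<a@sender.example>
05:18 11:40 SMTPD(0BBB0002) connect 198.51.100.7 port 47805
05:18 11:40 SMTPD(0AAA0001) RCPT TO:<x@remote.example>
05:18 11:40 SMTPD(0AAA0001) ERR mail.example invalid user <x@remote.example
05:18 11:40 SMTPD(0BBB0002) EHLO other.example
05:18 11:40 SMTPD(0BBB0002) MAIL FROM: <b@other.example>
05:18 11:40 SMTPD(0BBB0002) RCPT TO: <hr@third.example>
05:18 11:40 SMTPD(0AAA0001) RCPT TO:<y@remote.example>
05:18 11:40 SMTPD(0AAA0001) ERR mail.example invalid user <y@remote.example
05:18 11:40 SMTPD(0BBB0002) D:\IMail\spool\D0000000000000001.SMD 50160
"""

LINE = re.compile(r"^\S+ \S+ SMTPD\((\w+)\) (.*)$")   # date, time, session id, event
ADDR = re.compile(r"<([^<>\s]+)>?")                    # ERR lines lack the closing '>'

def summarize(log_text):
    """Group interleaved SMTPD lines by session id and record each session's outcome."""
    sessions = defaultdict(lambda: {"peer": None, "helo": None, "mail_from": None,
                                    "accepted": set(), "rejected": [], "spooled": []})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue                                   # queue-manager and blank lines
        s, rest = sessions[m.group(1)], m.group(2)
        addr = ADDR.search(rest)
        if rest.startswith("connect "):
            s["peer"] = rest.split()[1]
        elif rest[:5] in ("EHLO ", "HELO "):
            s["helo"] = rest.split()[1]
        elif rest.startswith("MAIL FROM:") and addr:
            s["mail_from"] = addr.group(1)
        elif rest.startswith("RCPT TO:") and addr:
            s["accepted"].add(addr.group(1))           # provisional until an ERR follows
        elif rest.startswith("ERR ") and "invalid user" in rest and addr:
            s["accepted"].discard(addr.group(1))
            s["rejected"].append(addr.group(1))
        elif re.search(r"\.SMD\b", rest, re.I):
            s["spooled"].append(rest.split()[0])       # spool file written for this session
    return dict(sessions)

def spooling_sessions(sessions):
    """Only sessions that wrote a spool file, i.e. mail the server actually accepted."""
    return {sid: s for sid, s in sessions.items() if s["spooled"]}
```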

duozo1985 posted on 2011-5-19 10:07:48

Thanks to the poster above. My version may be too old... it has no Log Analyzer, so I'll have to install a newer one.

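ineedrmb posted on 2011-5-19 17:30:21

How old does a version have to be to not even have this program? IMAIL itself has no obvious exploitable vulnerabilities; if it is configured correctly and user passwords are not stolen, the situation the OP describes basically cannot happen.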

lgj858 posted on 2011-5-23 21:35:35

Disabling all users only stops them from sending;
other people can still send to you.