邮件服务器-邮件系统-邮件技术论坛(BBS)

标题: 清明回来后,发现公司服务器成垃圾邮件肉鸡了。。 [打印本页]

作者: ken_tech    时间: 2011-4-6 09:20
标题: 清明回来后,发现公司服务器成垃圾邮件肉鸡了。。
admin邮箱里有3000多封备份邮件。如下图:

[attach]10217[/attach]

而返回的 永久性投递失败 的邮件中的内容为

MDaemon 投递状态通知 - http://www.altn.com/ dsn
--------------------------------------------------------------------------
所附邮件有“永久性”致命投递错误。
在一次或多次失败的投递尝试之后,已将所附邮件
从本服务器上的 MDaemon 邮件队列中删除。尝试投递的次数和频率
由本地配置决定。
--------------------------------------------------------------------------
您的邮件未投递给一个或多个收件人。
--------------------------------------------------------------------------
Failed address: liuhaping1688@ yahoo.com.cn
--- Session Transcript ---
Wed 2011-04-06 08:58:16: Parsing message <xxxxxxxxxxxxxxxxxxxxxxxx\pd35000007026.msg>
Wed 2011-04-06 08:58:16: *  From: vftxaf@ vvlxmk.gov
Wed 2011-04-06 08:58:16: *  To: liuhaping1688@ yahoo.com.cn
Wed 2011-04-06 08:58:16: *  Subject: =?gb2312?B?Mam/z/qpv8rbqb++q6m/06IgMiDM7CDSuyDSuSC36CA=?= =?gb2312?B?v/Eg0bUgwbc=?=
Wed 2011-04-06 08:58:16: *  Size (bytes): 20740
Wed 2011-04-06 08:58:16: *  Message-ID: <2F88C9319548059312C9F10159ACABA1@ zlcg >
Wed 2011-04-06 08:58:16: Attempting SMTP connection to [yahoo.com.cn]
Wed 2011-04-06 08:58:17: Resolving MX records for [yahoo.com.cn] (DNS Server: 202.96.134.133)...
Wed 2011-04-06 08:58:17: *  P=010 S=000 D=yahoo.com.cn TTL=(4) MX=[mx1.mail.cnb.yahoo.com] {203.209.228.250}
Wed 2011-04-06 08:58:17: Attempting SMTP connection to [203.209.228.250:25]
Wed 2011-04-06 08:58:17: Waiting for socket connection...
Wed 2011-04-06 08:58:17: *  Connection established (192.168.0.3:3803 -> 203.209.228.250:25)
Wed 2011-04-06 08:58:17: Waiting for protocol to start...
Wed 2011-04-06 08:58:17: <-- 220 mta1006.mail.cnb.yahoo.com ESMTP YSmtp service ready
Wed 2011-04-06 08:58:17: --> EHLO XXXXXXX.com.cn
Wed 2011-04-06 08:58:17: <-- 250-mta1006.mail.cnb.yahoo.com
Wed 2011-04-06 08:58:17: <-- 250-8BITMIME
Wed 2011-04-06 08:58:17: <-- 250-SIZE 41943040
Wed 2011-04-06 08:58:17: <-- 250 PIPELINING
Wed 2011-04-06 08:58:17: --> MAIL From:<liming@  XXXXXXX.com.cn> SIZE=20740
Wed 2011-04-06 08:58:17: <-- 250 sender <liming@  XXXXXXX.com.cn> ok
Wed 2011-04-06 08:58:17: --> RCPT To:liuhaping1688@  yahoo.com.cn
Wed 2011-04-06 08:58:17: <-- 250 recipient liuhaping1688@ yahoo.com.cok   
Wed 2011-04-06 08:58:17: --> DATA
Wed 2011-04-06 08:58:17: <-- 354 go ahead
Wed 2011-04-06 08:58:17: Sending <xxxxxxxxxxxxxxxxxxxxxxxx\pd35000007026.msg> to [203.209.228.250]
Wed 2011-04-06 08:58:18: Transfer Complete
Wed 2011-04-06 08:58:18: <-- 554 delivery error: dd This user doesn't have a yahoo.com.cn account (liuhaping1688@ yahoo.com.cn) [0] - mta1006.mail.cnb.yahoo.com
Wed 2011-04-06 08:58:18: --> QUIT

很明显 邮件是从 vftxaf@ vvlxmk. gov 这个邮箱发出去的,为什么会返回到 liming@ XXXXXXX.com.cn   我公司的这个邮箱里呢?

请大家帮忙看一下。
作者: neil.fu    时间: 2011-4-6 10:41
利用你的smtp外发的,所以退信会退到你公司的账号了,账户被利用
作者: 陆小风    时间: 2011-4-13 10:32
有可能是你的服务器没有启用SMTP验证,或者你邮箱的密码被人猜出来了。 看一下SMTP入的记录你就明白 了。




欢迎光临 邮件服务器-邮件系统-邮件技术论坛(BBS) (http://5dmail.cn/bbs/) Powered by Discuz! X3.2