ORF反垃圾邮件系统

邮件服务器-邮件系统-邮件技术论坛(BBS)

 找回密码
 会员注册
查看: 4060|回复: 3
打印 上一主题 下一主题

[求助] 請各位幫忙看看郵件和日誌是郵箱被盜發還是服務器中毒引起

[复制链接]
跳转到指定楼层
顶楼
发表于 2011-10-13 11:42:50 | 只看该作者 回帖奖励 |倒序浏览 |阅读模式
--- Original Message -----
From: <meiren.guo@chingchuan.cn>; <jinping.chen@chingchuan.cn>; <guomou.huang@chingchuan.cn>; <guohua.huang@chingchuan.cn>; <zhi.li@chingchuan.cn>; <chiu@chingchuan.cn>; <bradford@chingchuan.cn>; <chaofei.wang@chingchuan.cn>; <ayan.rao@chingchuan.cn>
To: <meiren.guo@chingchuan.cn>; <jinping.chen@chingchuan.cn>; <guomou.huang@chingchuan.cn>; <guohua.huang@chingchuan.cn>; <zhi.li@chingchuan.cn>; <chiu@chingchuan.cn>; <bradford@chingchuan.cn>; <chaofei.wang@chingchuan.cn>; <ayan.rao@chingchuan.cn>
Sent: Wednesday, October 12, 2011 11:05 AM
Subject: [SPAM] Vacancy - apply online


> I would like to take this time to welcome you to our hiring process
> and give you a brief synopsis of the position's benefits and requirements.
>
> If you are taking a career break, are on a maternity leave, recently
> retired or simply looking for some part-time job, this position
is for you.
>
> Occupation: Flexible schedule 1 to 3 hours per day. We can guarantee a
minimum 20 hrs/week occupation
> Salary: Starting salary is 3000 EUR per month plus commission.
>
> Region: European Union.
>
> Please note that there are no startup fees or deposits to start
> working
for us.
>
> To request an application form, schedule your interview and receive
> more
information about this position
> please reply to Lionel@it-jobsearch.com with your personal
> identification
number for this position IDNO: 2258
>
>
>
> __________ Information from ESET Smart Security, version of virus
signature database 6472 (20110917) __________
>
> The message was checked by ESET Smart Security.


-10-12 10:58:51: Session 2417; child 5; thread 2568
Wed 2011-10-12 10:56:57: 接受 SMTP 连接来自 [180.246.110.116 :27740]
Wed 2011-10-12 10:56:57: Performing PTR lookup (116.110.246.180.IN-ADDR.ARPA)
Wed 2011-10-12 10:57:07: *  错误:等候 DNS 响应 10 秒时间已到(尝试第 0 次,共 0 次)
Wed 2011-10-12 10:57:17: *  错误:等候 DNS 响应 10 秒时间已到(尝试第 0 次,共 0 次)
Wed 2011-10-12 10:57:17: *  未找到 PTR 记录
Wed 2011-10-12 10:57:17: ---- End PTR results
Wed 2011-10-12 10:57:17: --> 220 chingchuan.cn ESMTP MDaemon 9.5.2; Wed, 12 Oct 2011 10:57:17 +0800
Wed 2011-10-12 10:57:18: <-- EHLO [180.246.110.116]
Wed 2011-10-12 10:57:18: --> 250-chingchuan.cn Hello [180.246.110.116], pleased to meet you
Wed 2011-10-12 10:57:18: --> 250-ETRN
Wed 2011-10-12 10:57:18: --> 250-AUTH=LOGIN
Wed 2011-10-12 10:57:18: --> 250-AUTH LOGIN CRAM-MD5
Wed 2011-10-12 10:57:18: --> 250-8BITMIME
Wed 2011-10-12 10:57:18: --> 250 SIZE 0
Wed 2011-10-12 10:57:18: <-- MAIL FROM: <0-wh@mind-sciences.com>
Wed 2011-10-12 10:57:18: Performing IP lookup (mind-sciences.com)
Wed 2011-10-12 10:57:19: *  D=mind-sciences.com TTL=(240) A=[74.53.72.178]
Wed 2011-10-12 10:57:19: *  P=000 S=000 D=mind-sciences.com TTL=(240) MX=[mind-sciences.com] {74.53.72.178}
Wed 2011-10-12 10:57:19: ---- End IP lookup results
Wed 2011-10-12 10:57:19: Performing SPF lookup (mind-sciences.com / 180.246.110.116)
Wed 2011-10-12 10:57:19: *  Policy: v=spf1 a mx include:websitewelcome.com ~all
Wed 2011-10-12 10:57:19: *  Evaluating a: no match
Wed 2011-10-12 10:57:19: *  Evaluating mx: no match
Wed 2011-10-12 10:57:19: *  Evaluating include:websitewelcome.com: performing lookup
Wed 2011-10-12 10:57:19: *    Policy: v=spf1 a mx ip4:64.5.0.0/16 ip4:67.18.0.0/16 ip4:69.41.0.0/16 ip4:69.56.0.0/16 ip4:69.93.0.0/16 ip4:70.85.0.0/16 ip4:74.52.0.0/16 ip4:174.132.0.0/16 ip4:174.120.0.0/16 ip4:173.192.100.229 ip4:173.192.111.0/24 include:spf.websitewelcome.com
Wed 2011-10-12 10:57:20: *    Evaluating a: no match
Wed 2011-10-12 10:57:20: *    Evaluating mx: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:64.5.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:67.18.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:69.41.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:69.56.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:69.93.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:70.85.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:74.52.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:174.132.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:174.120.0.0/16: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:173.192.100.229: no match
Wed 2011-10-12 10:57:20: *    Evaluating ip4:173.192.111.0/24: no match
Wed 2011-10-12 10:57:20: *    Evaluating include:spf.websitewelcome.com: performing lookup
Wed 2011-10-12 10:57:20: *      Policy: v=spf1 a mx ip4:173.192.0.0/16 ip4:174.121.0.0/16 ip4:174.122.0.0/16 ip4:174.37.0.0/16 ip4:184.172.0.0/16 ip4:184.173.0.0/16 ip4:50.22.0.0/16 ip4:70.84.0.0/16 ip4:70.86.0.0/16 ip4:70.87.0.0/16 ip4:74.53.0.0/16 ip4:74.54.0.0/16 ip4:96.125.0.0
Wed 2011-10-12 10:57:30: *  错误:等候 DNS 响应 10 秒时间已到(尝试第 0 次,共 0 次)
Wed 2011-10-12 10:57:30: *      Evaluating a: no match; no A record or error
Wed 2011-10-12 10:57:41: *  错误:等候 DNS 响应 10 秒时间已到(尝试第 0 次,共 0 次)
Wed 2011-10-12 10:57:41: *      Evaluating mx: no match - zero 'mx' type records
Wed 2011-10-12 10:57:41: *      Evaluating ip4:173.192.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:174.121.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:174.122.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:174.37.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:184.172.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:184.173.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:50.22.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:70.84.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:70.86.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:70.87.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:74.53.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:74.54.0.0/16: no match
Wed 2011-10-12 10:57:41: *      Evaluating ip4:96.125.0.0/16: no match
Wed 2011-10-12 10:57:41: *    Evaluating include:spf.websitewelcome.com: no match
Wed 2011-10-12 10:57:41: *  Evaluating include:websitewelcome.com: no match
Wed 2011-10-12 10:57:41: *  Evaluating ~all: match
Wed 2011-10-12 10:57:41: *  Result: softfail
Wed 2011-10-12 10:57:41: ---- End SPF results
Wed 2011-10-12 10:57:41: --> 250 <0-wh@mind-sciences.com>, Sender ok
Wed 2011-10-12 10:57:42: <-- RCPT TO:<meiren.guo@chingchuan.cn>
Wed 2011-10-12 10:57:42: 执行 DNS-BL 查询(180.246.110.116 - 正在连接 IP)
Wed 2011-10-12 10:57:42: *  sbl-xbl.spamhaus.org,来自 $IP$ 的邮件被拒绝,参见 http://www.spamhaus.org - 通过
Wed 2011-10-12 10:57:44: *  relays.ordb.org,来自 $IP$ 的邮件被拒绝,参见 http://www.ordb.org/faq/ - 通过
Wed 2011-10-12 10:57:44: *  bl.spamcop.net,来自 $IP$ 的邮件被拒绝,参见 http://www.spamcop.net - 通过
Wed 2011-10-12 10:57:44: *  sbl-xbl.spamhaus.org - 失败
Wed 2011-10-12 10:57:44: ---- 结束 DNS-BL 结果
Wed 2011-10-12 10:57:44: --> 250 <meiren.guo@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:57:45: <-- RCPT TO:<jinping.chen@chingchuan.cn>
Wed 2011-10-12 10:57:45: --> 250 <jinping.chen@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:57:46: <-- RCPT TO:<guomou.huang@chingchuan.cn>
Wed 2011-10-12 10:57:46: --> 250 <guomou.huang@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:57:46: <-- RCPT TO:<guohua.huang@chingchuan.cn>
Wed 2011-10-12 10:57:46: --> 250 <guohua.huang@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:57:47: <-- RCPT TO:<zhi.li@chingchuan.cn>
Wed 2011-10-12 10:57:47: More than 5 RCPT commands encountered; this session tarpitted with a 10 second initial delay scaling by 1.00
Wed 2011-10-12 10:57:47: --> 250 <zhi.li@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:57:57: <-- RCPT TO:<chiu@chingchuan.cn>
Wed 2011-10-12 10:57:57: --> 250 <chiu@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:58:08: <-- RCPT TO:<bradford@chingchuan.cn>
Wed 2011-10-12 10:58:08: 发件人试图投递邮件到未知地址
Wed 2011-10-12 10:58:08: --> 550 <bradford@chingchuan.cn>, Recipient unknown
Wed 2011-10-12 10:58:19: <-- RCPT TO:<chaofei.wang@chingchuan.cn>
Wed 2011-10-12 10:58:19: --> 250 <chaofei.wang@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:58:29: <-- RCPT TO:<ayan.rao@chingchuan.cn>
Wed 2011-10-12 10:58:29: --> 250 <ayan.rao@chingchuan.cn>, Recipient ok
Wed 2011-10-12 10:58:39: <-- DATA
Wed 2011-10-12 10:58:39: Creating temp file (SMTP): c:\mdaemon\queues\temp\md50000016721.tmp
Wed 2011-10-12 10:58:39: --> 354 Enter mail, end with <CRLF>.<CRLF>
Wed 2011-10-12 10:58:40: Message size: 1789 bytes
Wed 2011-10-12 10:58:40: Performing DomainKeys lookup (Sender: meiren.guo@chingchuan.cn>, <jinping.chen@chingchuan.cn>, <guomou.huang@chingchuan.cn>, <guohua.huang@chingchuan.cn>, <zhi.li@chingchuan.cn>, <chiu@chingchuan.cn>, <bradford@chingchuan.cn>, <chaofei.wang@chingchuan.cn>,
Wed 2011-10-12 10:58:40: *  File: c:\mdaemon\queues\temp\md50000016721.tmp
Wed 2011-10-12 10:58:40: *  Message-ID: 4984585595.SDK75NN5968803@tmfxppjvqtoo.gwlum.ua
Wed 2011-10-12 10:58:40: *  Querying for policy: chingchuan.cn
Wed 2011-10-12 10:58:40: *    Querying: _domainkey.chingchuan.cn ...
Wed 2011-10-12 10:58:50: *  错误:等候 DNS 响应 10 秒时间已到(尝试第 0 次,共 0 次)
Wed 2011-10-12 10:58:50: *    DNS: 名称服务器报告域名未知
Wed 2011-10-12 10:58:50: *  Result: pass
Wed 2011-10-12 10:58:50: ---- End DomainKeys results
Wed 2011-10-12 10:58:50: Performing DKIM lookup
Wed 2011-10-12 10:58:50: *  File: c:\mdaemon\queues\temp\md50000016721.tmp
Wed 2011-10-12 10:58:50: *  Message-ID: 4984585595.SDK75NN5968803@tmfxppjvqtoo.gwlum.ua
Wed 2011-10-12 10:58:50: *  Result: neutral
Wed 2011-10-12 10:58:50: ---- End DKIM results
Wed 2011-10-12 10:58:50: Passing message through Spam Filter (Size: 1789)...
Wed 2011-10-12 10:58:50: *  2.5 MDAEMON_SPF_SOFTFAIL MDaemon: soft-failed SPF verification
Wed 2011-10-12 10:58:50: *  3.0 MDAEMON_DNSBL MDaemon: marked by MDaemon's DNSBL
Wed 2011-10-12 10:58:50: * -100 USER_IN_WHITELIST From: address is in the whitelist
Wed 2011-10-12 10:58:50: * -100 USER_IN_WHITELIST_TO address is listed in 'whitelist_to'
Wed 2011-10-12 10:58:50: *  8.0 BAYES_95 BODY: Bayesian spam probability is 95 to 99%
Wed 2011-10-12 10:58:50: *      [score: 0.9653]
Wed 2011-10-12 10:58:50: ---- End SpamAssassin results
Wed 2011-10-12 10:58:50: Spam Filter score/req: -186.50/12.0
Wed 2011-10-12 10:58:50: 邮件创建 successful:c:\mdaemon\queues\inbound\md50000110205.msg
Wed 2011-10-12 10:58:51: --> 250 Ok, message saved <Message-ID: 4984585595.SDK75NN5968803@tmfxppjvqtoo.gwlum.ua>
Wed 2011-10-12 10:58:51: <-- QUIT
Wed 2011-10-12 10:58:51: --> 221 See ya in cyberspace
Wed 2011-10-12 10:58:51: SMTP 会话成功(进/出字节:2183/818)
Wed 2011-10-12 10:58:53: ----------
Wed 2011-10-12 10:58:54: Processing message: c:\mdaemon\queues\inbound\md50000110205.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: ayan.rao@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206199.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: chaofei.wang@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206200.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: chiu@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206201.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: guohua.huang@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206202.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: guomou.huang@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206203.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: jinping.chen@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206204.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: meiren.guo@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206205.msg
Wed 2011-10-12 10:58:54: From: meiren.guo@chingchuan.cn; Recipient: zhi.li@chingchuan.cn; Size: 1789; Message: c:\mdaemon\queues\local\md50000206206.msg
Wed 2011-10-12 10:58:54: Subject: Vacancy - apply online
Wed 2011-10-12 10:58:54: Message-ID: 4984585595.SDK75NN5968803@tmfxppjvqtoo.gwlum.ua
Wed 2011-10-12 10:58:55: ----------
Wed 2011-10-12 10:58:55: Content Filter processing c:\mdaemon\queues\local\md50000206201.msg...
Wed 2011-10-12 10:58:55: > Message return-path: 0-wh@mind-sciences.com
Wed 2011-10-12 10:58:55: > Message from: meiren.guo@chingchuan.cn
Wed 2011-10-12 10:58:55: > Message to: chiu@chingchuan.cn
Wed 2011-10-12 10:58:55: > Message subject: Vacancy - apply online
Wed 2011-10-12 10:58:55: > Message ID: <4984585595.SDK75NN5968803@tmfxppjvqtoo.gwlum.ua>
Wed 2011-10-12 10:58:55: Start Content Filter results
Wed 2011-10-12 10:58:55: * Matched 0 of 2 active rules
Wed 2011-10-12 10:58:55: End of Content Filter results
沙发
 楼主| 发表于 2011-10-13 13:17:34 | 只看该作者
没人帮忙解决一下吗,在服务器邮件日志里显示是来自外部的,但在电脑上收到是显示自己的账号发给自己,在服务器上设置拒绝也不行,天天都是这几个人收到。
藤椅
发表于 2011-10-18 17:19:23 | 只看该作者
检查发件IP是否和你的发件人使用IP一样?
如果不一样,更改发件人密码。
板凳
发表于 2011-10-19 10:18:17 | 只看该作者
弱密码被破解
您需要登录后才可以回帖 登录 | 会员注册

本版积分规则

小黑屋|手机版|Archiver|邮件技术资讯网

GMT+8, 2024-12-26 02:33

Powered by Discuz! X3.2

© 2001-2016 Comsenz Inc.

本论坛为非盈利中立机构,所有言论属发表者个人意见,不代表本论坛立场。内容所涉及版权和法律相关事宜请参考各自所有者的条款。
如认定侵犯了您权利,请联系我们。本论坛原创内容请联系后再行转载并务必保留我站信息。此声明修改不另行通知,保留最终解释权。
*本论坛会员专属QQ群:邮件技术资讯网会员QQ群
*本论坛会员备用QQ群:邮件技术资讯网备用群

快速回复 返回顶部 返回列表