|
我把日志贴上来,斑竹帮看看,我截了一段,日志txt文件居然有140多兆,spool你有2万多个文件
系统是2003,没开防火墙,木马用360查过,没有发现,只运行Imail8.22和FTP,没有其他的了
在smtp设置里,我居然没有找到Refuse NULL <> Sender的选项,但我看imail8的说明文件里说有,奇怪
03:15 23:59 SMTP-(36b4028c00000bb7) >EHLO 我的域名
03:15 23:59 SMTPD(59160093000006eb) [82.128.19.206] RCPT TO:<avrt@bigfoot.com>
03:15 23:59 SMTP-(368d02c000000b87) MX connect fail "202.106.199.35"
03:15 23:59 SMTP-(368d02c000000b87) Trying petri.de (0)
03:15 23:59 SMTP-(367e030200000b7b) 221 2.0.0 Service closing transmission channel
03:15 23:59 SMTP-(367e030200000b7b) Trying hughes.net (0)
03:15 23:59 SMTP-(36b4028c00000bb7) 250-sj1-dm02.mta.everyone.net
03:15 23:59 SMTP-(36b4028c00000bb7) 250-PIPELINING
03:15 23:59 SMTP-(36b4028c00000bb7) 250-SIZE 50000000
03:15 23:59 SMTP-(36b4028c00000bb7) 250-AUTH PLAIN LOGIN
03:15 23:59 SMTP-(36b4028c00000bb7) 250-AUTH=LOGIN
03:15 23:59 SMTP-(36b4028c00000bb7) 250-STARTTLS
03:15 23:59 SMTP-(36b4028c00000bb7) 250 8BITMIME
03:15 23:59 SMTP-(36b4028c00000bb7) >MAIL FROM:<raliatsmth@earthlink.net>
03:15 23:59 SMTP-(36b302d200000bb6) 221 2.0.0 Bye
03:15 23:59 SMTP-(36b302d200000bb6) Trying wocal.com (0)
03:15 23:59 SMTP-(369b024600000b98) 354 go ahead
03:15 23:59 SMTP-(369b024600000b98) >.
03:15 23:59 SMTP-(368d02c000000b87) Connect petri.de [69.50.213.17:25] (1)
03:15 23:59 SMTP-(369f027600000ba0) Connect mag-uk.org [80.176.86.92:25] (1)
03:15 23:59 SMTP-(36b4028c00000bb7) 250 Sender okay
03:15 23:59 SMTP-(36b4028c00000bb7) >RCPT To:<fletcherel@limso.net>
03:15 23:59 SMTPD(59260177000006fa) [82.128.19.206] RCPT TO:<awu@cbpu.com>
03:15 23:59 SMTP-(36b302d200000bb6) Connect wocal.com [74.54.176.226:25] (1)
03:15 23:59 SMTPD(59160283000006ec) [82.128.19.206] RCPT TO:<awalthourmd@students.mcg.edu>
03:15 23:59 SMTP-(36b201b400000bb4) 250-aspen.websitewelcome.com Hello 我的域名 [我的ip]
03:15 23:59 SMTP-(36b201b400000bb4) 250-SIZE 52428800
03:15 23:59 SMTP-(36b201b400000bb4) 250-PIPELINING
03:15 23:59 SMTP-(36b201b400000bb4) 250-AUTH PLAIN LOGIN
03:15 23:59 SMTP-(36b201b400000bb4) 250-STARTTLS
03:15 23:59 SMTP-(36b201b400000bb4) 250 HELP
03:15 23:59 SMTP-(36b201b400000bb4) >MAIL FROM:<raliatsmth@earthlink.net>
03:15 23:59 SMTP-(368d02c000000b87) 220-server.serverstep.de ESMTP Exim 4.69 #1 Mon, 15 Mar 2010 16:59:01 +0100
03:15 23:59 SMTP-(368d02c000000b87) 220-We do not authorize the use of this system to transport unsolicited,
03:15 23:59 SMTP-(368d02c000000b87) 220 and/or bulk e-mail.
03:15 23:59 SMTP-(368d02c000000b87) >EHLO 我的域名
03:15 23:59 SMTP-(36b302d200000bb6) 220-gator366.hostgator.com ESMTP Exim 4.69 #1 Mon, 15 Mar 2010 10:59:02 -0500
03:15 23:59 SMTP-(36b302d200000bb6) 220-We do not authorize the use of this system to transport unsolicited,
03:15 23:59 SMTP-(36b302d200000bb6) 220 and/or bulk e-mail.
03:15 23:59 SMTP-(36b302d200000bb6) >EHLO 我的域名
03:15 23:59 SMTP-(36b4028c00000bb7) 550 Recipient Rejected: Account Inactive
03:15 23:59 SMTP-(36b4028c00000bb7) >QUIT
03:15 23:59 SMTP-(36b201b400000bb4) 250 OK
03:15 23:59 SMTP-(36b201b400000bb4) >RCPT To:<flemingpstz@massagency.com>
03:15 23:59 SMTP-(368d02c000000b87) 250-server.serverstep.de Hello 我的域名
[127.0.0.1]
03:15 23:59 SMTP-(368d02c000000b87) 250-SIZE 52428800
03:15 23:59 SMTP-(368d02c000000b87) 250-AUTH PLAIN LOGIN
03:15 23:59 SMTP-(368d02c000000b87) 250 HELP
03:15 23:59 SMTP-(368d02c000000b87) >MAIL FROM:<raliatsmth@earthlink.net>
03:15 23:59 SMTP-(36b4028c00000bb7) 221 Bye
03:15 23:59 SMTP-(36b4028c00000bb7) Trying 1000demenageurs.com (0)
03:15 23:59 SMTPD(591401fa000006e8) [82.128.19.206] RCPT TO:<awadjo@yahoo.com>
03:15 23:59 SMTP-(36b302d200000bb6) 250-gator366.hostgator.com Hello 我的域名 [我的ip]
03:15 23:59 SMTP-(36b302d200000bb6) 250-SIZE 52428800
03:15 23:59 SMTP-(36b302d200000bb6) 250-PIPELINING
03:15 23:59 SMTP-(36b302d200000bb6) 250-AUTH PLAIN LOGIN
03:15 23:59 SMTP-(36b302d200000bb6) 250-STARTTLS
03:15 23:59 SMTP-(36b302d200000bb6) 250 HELP
03:15 23:59 SMTP-(36b302d200000bb6) >MAIL FROM:<raliatsmth@earthlink.net>
03:15 23:59 SMTP-(369c02cc00000b9b) 250 ok 1268668741 qp 16184
03:15 23:59 SMTP-(369c02cc00000b9b) rdeliver headstar.com access-consult@headstar.com (1)
<imf.update@neu.com.cn> 2435
03:15 23:59 SMTP-(369c02cc00000b9b) >QUIT
03:15 23:59 SMTP-(367e030200000b7b) Connect hughes.net [64.98.36.4:25] (1)
03:15 23:59 SMTPD(5923026d000006f7) [82.128.19.206] RCPT TO:<awlankford@centurytel.net>
03:15 23:59 SMTPD(591701cb000006ed) [82.128.19.206] RCPT TO:<awbdev@mchsi.com>
03:15 23:59 SMTPD(59180221000006ef) [82.128.19.206] RCPT TO:<awesome_gurl_22@hotmail.com>
03:15 23:59 SMTP-(36b501a100000bb9) 554 imta34.emeryville.ca.mail.comcast.net comcast 我的ip Comcast requires that all mail servers must have a PTR record with a valid Reverse DNS entry. Currently your mail server does not fill that requirement. For more information, refer to: http://help.comcast.net/content/faq/PTR
03:15 23:59 SMTP-(36b501a100000bb9) SMTP_DELIV_FAILED
03:15 23:59 SMTP-(36b501a100000bb9) >QUIT
03:15 23:59 SMTP-(368d02c000000b87) 250 OK
03:15 23:59 SMTP-(368d02c000000b87) >RCPT To:<flatterye7@petri.de>
03:15 23:59 SMTP-(36a0026400000ba1) 250 2.1.5 OK 32si5120331iwn.17
03:15 23:59 SMTP-(36a0026400000ba1) >DATA
03:15 23:59 SMTPD(591c0251000006f3) [82.128.19.206] RCPT TO:<awilliamsfamily@bellsouth.net>
03:15 23:59 SMTPD(591b0181000006f2) [82.128.19.206] RCPT TO:<awhite57@carolina.rr.com>
03:15 23:59 SMTPD(592401ad000006f9) [82.128.19.206] RCPT TO:<aworley420@yahoo.com>
03:15 23:59 SMTPD(59130260000006e6) [82.128.19.206] RCPT TO:<avonjess@yahoo.com>
03:15 23:59 SMTP-(36b501a100000bb9)
03:15 23:59 SMTP-(36b501a100000bb9) Trying sbcglobal.net (0)
03:15 23:59 SMTPD(59160093000006eb) [82.128.19.206] RCPT TO:<avrxsport@lantil.net>
03:15 23:59 SMTPD(58fc021c000006d8) [82.128.34.115] RCPT TO:<mwilson911@cox.net>
03:15 23:59 SMTP-(368d02c000000b87) 550 5.1.1 User unknown: flatterye7@petri.de
03:15 23:59 SMTP-(368d02c000000b87) >QUIT
03:15 23:59 SMTPD(5947017400000707) [我的ip] connect 82.128.34.115 port 1900
03:15 23:59 SMTPD(58ed01f5000006d2) [82.128.34.115] RCPT TO:<mtrocola26@yahoo.com>
03:15 23:59 SMTP-(367e030200000b7b) 220 mx.b.hostedemail.com SMTP
03:15 23:59 SMTP-(367e030200000b7b) >EHLO 我的域名
03:15 23:59 SMTPD(59260177000006fa) [82.128.19.206] RCPT TO:<awu@gi.com>
03:15 23:59 SMTPD(59160283000006ec) [82.128.19.206] RCPT TO:<awalton26@aol.com>
03:15 23:59 SMTPD(591a01b8000006f1) [82.128.34.115] RCPT TO:<myla_citizen@yahoo.com>
03:15 23:59 SMTP-(36af02f600000bac) 250 Ok
03:15 23:59 SMTP-(36af02f600000bac) >DATA
03:15 23:59 SMTP-(36b501a100000bb9) Connect sbcglobal.net [207.115.36.20:25] (1)
03:15 23:59 SMTPD(5942022700000703) Authenticated rock@我的域名, session treated as local.
03:15 23:59 SMTP-(368d02c000000b87) 221 server.serverstep.de closing connection
03:15 23:59 SMTP-(368d02c000000b87) Trying verizon.net (0)
03:15 23:59 SMTP-(369c02cc00000b9b) 221 headstar.positive-dedicated.net
03:15 23:59 SMTP-(369c02cc00000b9b) Trying littleleague.org (0)
03:15 23:59 SMTP-(365801cf00000b30) MX connect fail "82.98.86.161"
03:15 23:59 SMTP-(365801cf00000b30) Trying pb-eba.com (0)
03:15 23:59 SMTP-(36a0026400000ba1) 354 Go ahead 32si5120331iwn.17
03:15 23:59 SMTP-(36a0026400000ba1) >.
03:15 23:59 SMTP-(36af02f600000bac) 354 End data with <CR><LF>.<CR><LF>
03:15 23:59 SMTP-(367e030200000b7b) 250-imf10.b.hostedemail.com
03:15 23:59 SMTP-(367e030200000b7b) 250-PIPELINING
03:15 23:59 SMTP-(367e030200000b7b) 250-SIZE 26214400
03:15 23:59 SMTP-(367e030200000b7b) 250-ETRN
03:15 23:59 SMTP-(367e030200000b7b) 250-ENHANCEDSTATUSCODES
03:15 23:59 SMTP-(367e030200000b7b) 250-8BITMIME
03:15 23:59 SMTP-(367e030200000b7b) 250 DSN
03:15 23:59 SMTP-(367e030200000b7b) >MAIL FROM:<cbndeptt@gmail.com>
03:15 23:59 SMTP-(36af02f600000bac) >.
03:15 23:59 SMTP-(36b501a100000bb9) 220 nlpi081.prodigy.net ESMTP Sendmail 8.13.8 inb ipv6 jeff0203/8.13.8; Mon, 15 Mar 2010 10:59:02 -0500
03:15 23:59 SMTP-(36b501a100000bb9) >EHLO 我的域名
03:15 23:59 SMTP-(36b302d200000bb6) 250 OK
03:15 23:59 SMTP-(36b302d200000bb6) >RCPT To:<fleshliest21@wocal.com>
03:15 23:59 SMTP-(368d02c000000b87) Connect verizon.net [206.46.232.11:25] (1)
03:15 23:59 SMTP-(3691017600000b8c) Connect brbj.com [216.99.131.2:25] (1)
03:15 23:59 SMTP-(369c02cc00000b9b) Connect littleleague.org [12.151.2.241:25] (1)
03:15 23:59 SMTPD(591701cb000006ed) [82.128.19.206] RCPT TO:<awbeck01@sbcglobal.net>
03:15 23:59 SMTPD(591401fa000006e8) [82.128.19.206] RCPT TO:<awadorguk1@aol.com>
03:15 23:59 SMTP-(367e030200000b7b) 250 2.1.0 Ok
03:15 23:59 SMTP-(367e030200000b7b) >RCPT To:<bkawzy@hughes.net>
03:15 23:59 SMTP-(365801cf00000b30) Connect pb-eba.com [194.250.97.250:25] (1)
03:15 23:59 SMTPD(59180221000006ef) [82.128.19.206] RCPT TO:<awesome_like_that@yahoo.com>
03:15 23:59 SMTPD(5923026d000006f7) [82.128.19.206] RCPT TO:<awleung@atvci.net>
03:15 23:59 SMTPD(591c0251000006f3) [82.128.19.206] RCPT TO:<awilliamson2@wi.rr.com>
03:15 23:59 SMTPD(591b0181000006f2) [82.128.19.206] RCPT TO:<awhitejr@pol.net>
03:15 23:59 SMTPD(592401ad000006f9) [82.128.19.206] RCPT TO:<aworm@supanet.com>
03:15 23:59 SMTPD(59130260000006e6) [82.128.19.206] RCPT TO:<avonkrad@naver.com>
03:15 23:59 SMTP-(369b024600000b98) 250 ok 1268668742 qp 3426
03:15 23:59 SMTP-(369b024600000b98) rdeliver yahoogroups.com acba_functions@yahoogroups.com (1) <imf.update@neu.com.cn> 2435
03:15 23:59 SMTP-(369b024600000b98) >QUIT
03:15 23:59 SMTPD(59160093000006eb) [82.128.19.206] RCPT TO:<avs.comp@northlink.net>
03:15 23:59 SMTP-(36b501a100000bb9) 250-nlpi081.prodigy.net Hello [我的ip], pleased to meet you
03:15 23:59 SMTP-(36b501a100000bb9) 250 ENHANCEDSTATUSCODES
03:15 23:59 SMTP-(36b501a100000bb9) >MAIL FROM:<imf.update@neu.com.cn>
03:15 23:59 SMTP-(36b302d200000bb6) 550 No Such User Here
03:15 23:59 SMTP-(36b302d200000bb6) >QUIT
03:15 23:59 SMTP-(368d02c000000b87) 571 Email from 我的ip is currently blocked by Verizon
Online's anti-spam system. The email sender or Email Service Provider may visit
http://www.verizon.net/whitelist and request removal of the block. 100315
03:15 23:59 SMTP-(368d02c000000b87) SMTP_DELIV_FAILED
03:15 23:59 SMTP-(368d02c000000b87) >QUIT
03:15 23:59 SMTP-(368d02c000000b87)
03:15 23:59 SMTP-(368d02c000000b87) Trying bewerbung-gut.de (0) |
|