[postfix-es] Ayuda postfix spam
Luis Vivas B
luisvivasb en gmail.com
Lun Oct 10 00:08:26 CEST 2011
Buen día a todos,
Les escribo porque he estado en una guerra antispam en la que ya no veo
salida...
Derrepede estuve viendo que había caído en una espiral en que los correos me
estaban rebotando viendo los logs, me encuentro con algunos que no tengo ni
idea de donde salen, pensé en php, pero los que salen de él vienen con la
traza www-data en xxx.com.ve y estos tienen from=<>
El sistema en un Debian, corriendo con ISPConfig y Postfix (instalado desde
apt-get), mail_version = 2.7.1
servmail:/var/mail# cat /var/log/mail.log | grep 678D11784F32
Oct 8 13:43:26 servmail postfix/cleanup[10373]: 678D11784F32: message-id=<
20111008181326.678D11784F32 en xxx.com.ve>
Oct 8 13:43:26 servmail postfix/bounce[10375]: 527801784F18: sender
non-delivery notification: 678D11784F32
Oct 8 13:43:26 servmail postfix/qmgr[15661]: 678D11784F32: from=<>,
size=2811, nrcpt=1 (queue active)
Oct 8 13:43:27 servmail postfix/smtp[10374]: 678D11784F32: host
mailin-03.mx.aol.com[205.188.59.193] refused to talk to me: 421
mtain-da04.r1000.mx.aol.com Service unavailable - try again later
Oct 8 13:43:28 servmail postfix/smtp[10374]: 678D11784F32: host
mailin-04.mx.aol.com[205.188.146.194] refused to talk to me: 421
mtain-dh01.r1000.mx.aol.com Service unavailable - try again later
Oct 8 13:43:29 servmail postfix/smtp[10374]: 678D11784F32: host
mailin-01.mx.aol.com[205.188.159.42] refused to talk to me: 421
mtain-dk06.r1000.mx.aol.com Service unavailable - try again later
Oct 8 13:43:30 servmail postfix/smtp[10374]: 678D11784F32: host
mailin-03.mx.aol.com[205.188.156.193] refused to talk to me: 421
mtain-dl06.r1000.mx.aol.com Service unavailable - try again later
Oct 8 13:43:31 servmail postfix/smtp[10374]: 678D11784F32: to=<
Randy20770 en aol.com>, relay=mailin-03.mx.aol.com[64.12.90.33]:25, delay=4.8,
delays=0/0/4.8/0, dsn=4.0.0, status=deferred (host
mailin-03.mx.aol.com[64.12.90.33]
refused to talk to me: 421 mtain-mg02.r1000.mx.aol.com Service unavailable -
try again later)
Oct 8 13:49:06 servmail postfix/qmgr[15661]: 678D11784F32: from=<>,
size=2811, nrcpt=1 (queue active)
Oct 8 13:49:06 servmail postfix/error[11435]: 678D11784F32: to=<
Randy20770 en aol.com>, relay=none, delay=340, delays=340/0.01/0/0.01,
dsn=4.0.0, status=deferred (delivery temporarily suspended: host
mailin-03.mx.aol.com[205.188.190.2] refused to talk to me: 421
mtain-df06.r1000.mx.aol.com Service unavailable - try again later)
Oct 8 13:59:06 servmail postfix/qmgr[15661]: 678D11784F32: from=<>,
size=2811, nrcpt=1 (queue active)
Oct 8 13:59:06 servmail postfix/smtp[13417]: 678D11784F32: host
mailin-03.mx.aol.com[205.188.190.2] refused to talk to me: 421
mtain-df05.r1000.mx.aol.com Service unavailable - try again later
Viendo la cola de correo pendiente vi esto:
postqueue -p
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
CE3991784F08 2830 Fri Oct 7 14:14:12 MAILER-DAEMON
(delivery temporarily suspended: host mailin-03.mx.aol.com[64.12.90.33]
refused to talk to me: 421 4.7.1 : (DYN:T1)
http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson26008 en aol.com
158C51784F2F 2799 Fri Oct 7 14:48:17 MAILER-DAEMON
(host mailin-03.mx.aol.com[64.12.90.97] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson29698 en aol.com
28E9B1784F03 2834 Fri Oct 7 14:10:21 MAILER-DAEMON
(host mailin-03.mx.aol.com[205.188.190.2] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson22588 en aol.com
2A42F1784F0F 2819 Fri Oct 7 14:18:40 MAILER-DAEMON
(host mailin-03.mx.aol.com[64.12.90.33] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson11997 en aol.com
241A11784F01 2829 Fri Oct 7 14:09:20 MAILER-DAEMON
(host mailin-03.mx.aol.com[64.12.90.33] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson30843 en aol.com
98B601784F0A 2833 Fri Oct 7 14:15:30 MAILER-DAEMON
(delivery temporarily suspended: host mailin-03.mx.aol.com[64.12.90.33]
refused to talk to me: 421 4.7.1 : (DYN:T1)
http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson25003 en aol.com
9298C1784F02 2806 Fri Oct 7 14:09:33 MAILER-DAEMON
(host mailin-04.mx.aol.com[64.12.90.34] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson7646 en aol.com
9AB461784F19 2833 Sat Oct 8 14:12:31 MAILER-DAEMON
(host mailin-03.mx.aol.com[205.188.156.193] refused to talk to me: 421 4.7.1
: (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Randy30000 en aol.com
7DFE61784EF6 2789 Fri Oct 7 14:03:46 MAILER-DAEMON
(host mailin-02.mx.aol.com[64.12.90.65] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson3525 en aol.com
788EB1784F33 2799 Fri Oct 7 15:03:29 MAILER-DAEMON
(delivery temporarily suspended: host mailin-03.mx.aol.com[64.12.90.33]
refused to talk to me: 421 4.7.1 : (DYN:T1)
http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson22956 en aol.com
732E21784F27 2819 Fri Oct 7 14:46:31 MAILER-DAEMON
(host mailin-04.mx.aol.com[64.12.90.66] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson20560 en aol.com
A19B21784F26 2833 Sat Oct 8 13:38:53 MAILER-DAEMON
(host mailin-04.mx.aol.com[205.188.103.2] refused to talk to me: 421 4.7.1 :
(DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Randy14063 en aol.com
A09041784F2C 2798 Fri Oct 7 14:48:15 MAILER-DAEMON
(host mailin-01.mx.aol.com[205.188.159.42] refused to talk to me: 421 4.7.1
: (DYN:T1) http://postmaster.info.aol.com/errors/421dynt1.html)
Jackson27199 en aol.com
678D11784F32 2811 Sat Oct 8 13:43:26 MAILER-DAEMON
(delivery temporarily suspended: host mailin-04.mx.aol.com[205.188.103.2]
refused to talk to me: 421 4.7.1 : (DYN:T1)
http://postmaster.info.aol.com/errors/421dynt1.html)
Randy20770 en aol.com
Como ven este código le tiene un amor a aol.com ya que genera los usuarios
aleatorios y empieza a enviarles su basura...
Espero su colaboración, muchas gracias y feliz inicio de semana....
--
Luis Vivas B.
Runing GNU/Linux: Debian, Ubuntu & Canaima
------------ próxima parte ------------
Se ha borrado un adjunto en formato HTML...
URL: <http://lists.wl0.org/pipermail/postfix-es/attachments/20111009/15468a94/attachment-0001.html>
Más información sobre la lista de distribución postfix-es