Ubuntu
看起來有人在使用我的電子郵件伺服器發送垃圾郵件。我能做些什麼來保護它?
在過去的兩天裡,我在收件箱中看到了一些神秘的電子郵件“退回”通知。下面粘貼的是其中之一的原始內容。請注意,我已經審查了我自己的個人資訊。所有這些郵件的
to地址都是 kunnu@mydomain.com。有問題的伺服器是一個執行 Apache、Caucho、Resin 和其他幾個與電子郵件無關的程序的 Ubuntu 9.10 機器。據我所知,它沒有安裝後綴(
which postfix什麼都不返回)。我可以採取哪些步驟來正確診斷和解決問題?
Delivered-To: zzz@xxx.xxx Received: by 10.229.225.8 with SMTP id iq8cs88533qcb; Thu, 5 May 2011 15:41:30 -0700 (PDT) Received: by 10.52.94.48 with SMTP id cz16mr99495vdb.173.1304635290759; Thu, 05 May 2011 15:41:30 -0700 (PDT) Return-Path: <hello+caf_=zzz=xxx.xxx@yyy.yyy> Received: from mail-vx0-f171.google.com ([209.85.220.171]) by mx.google.com with ESMTPS id n7si5967804qcu.16.2011.05.05.15.41.28 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 05 May 2011 15:41:29 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.171 is neither permitted nor denied by best guess record for domain of hello+caf_=zzz=xxx.xxx@yyy.yyy) client-ip=209.85.220.171; Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.220.171 is neither permitted nor denied by best guess record for domain of hello+caf_=zzz=xxx.xxx@yyy.yyy) smtp.mail=hello+caf_=zzz=xxx.xxx@yyy.yyy; dkim=neutral (bad format) header.i=@lists.hserus.net Received: by vxc40 with SMTP id 40so3365116vxc.30 for <zzz@xxx.xxx>; Thu, 05 May 2011 15:41:28 -0700 (PDT) Received: by 10.220.105.148 with SMTP id t20mr703005vco.238.1304635288618; Thu, 05 May 2011 15:41:28 -0700 (PDT) X-Forwarded-To: zzz@xxx.xxx X-Forwarded-For: www@yyy.yyy zzz@xxx.xxx Delivered-To: kunnu@yyy.yyy Received: by 10.220.203.72 with SMTP id fh8cs98486vcb; Thu, 5 May 2011 15:41:28 -0700 (PDT) Received: by 10.68.54.196 with SMTP id l4mr3727970pbp.13.1304635287983; Thu, 05 May 2011 15:41:27 -0700 (PDT) Return-Path: <silklist-bounces+kunnu=yyy.yyy@lists.hserus.net> Received: from frodo.hserus.net (frodo.hserus.net [204.74.68.40]) by mx.google.com with ESMTP id w32si8772572wfd.110.2011.05.05.15.41.26; Thu, 05 May 2011 15:41:26 -0700 (PDT) Received-SPF: pass (google.com: domain of silklist-bounces+kunnu=yyy.yyy@lists.hserus.net designates 204.74.68.40 as permitted sender) client-ip=204.74.68.40; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.hserus.net; s=srs; h=Sender:List-Id:Date:Message-ID:To:From:Subject:Content-Transfer-Encoding:Content-Type:MIME-Version; bh=/sDnjRTvxfRohXXGvS67I68Cagtj6n4xakYy8dcr218=; b=otS4U0mrs56TlFehbxm530tNBxnHi4ty2qhoU6phY3JE4NXddCPCPC4DhYyprKPjcr6odZvuv/LU3Rp5CWFfx9zajBlXIVYbJaAOKGpkQsHHSvK+QWm/mfe7hsv0omRQsZzQ/u7wIgaZ/xq6xq1ZJ7s79lg9HUUifCbu4WQ9l30=; Received: from [2001:4830:20b0:b::3] (port=39583 helo=frodo.hserus.net) by frodo.hserus.net with esmtp (Exim 4.72 #1) id 1QI7Ec-0007f0-Fq for <kunnu@yyy.yyy>; Thu, 05 May 2011 15:41:26 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Your message to silklist awaits moderator approval From: silklist-bounces@lists.hserus.net To: kunnu@yyy.yyy Message-ID: <mailman.2407.1304635201.1969.silklist@lists.hserus.net> Date: Thu, 05 May 2011 15:40:01 -0700 Precedence: bulk X-BeenThere: silklist@lists.hserus.net X-Mailman-Version: 2.1.13 List-Id: Intelligent Conversation <silklist.lists.hserus.net> X-List-Administrivia: yes Sender: silklist-bounces+kunnu=yyy.yyy@lists.hserus.net Errors-To: silklist-bounces+kunnu=yyy.yyy@lists.hserus.net Your mail to 'silklist' with the subject ??????????......... Is being held until the list moderator can review it for approval. The reason it is being held: Post by non-member to a members-only list Either the message will get posted to the list, or you will receive notification of the moderator's decision. If you would like to cancel this posting, please visit the following URL: http://lists.hserus.net/mailman/confirm/silklist/2a4fa5a64a95b7109163b7f78731fbd3d236be13
垃圾郵件發送者的正常做法是使用其他人的電子郵件地址作為發件人。這些地址的收集方式與目標地址相同。除了驗證消息不是真正從您的系統發送的之外,您無能為力。
如果消息是從您的系統發送的,那麼您需要找出是誰或什麼在發送消息並採取適當的措施。
如果消息正在通過您的系統中繼,請確保立即禁用中繼。