队列里很多yahoo.tw 的邮件，请问是怎么形成的。

bladezxf

[root@mail log]# postcat -q 1318565D683
*** ENVELOPE RECORDS deferred/1/1318565D683 ***
message_size:            2192            1127               8               0
message_arrival_time: Sun May  4 15:33:31 2008
create_time: Sun May  4 15:33:31 2008
named_attribute: rewrite_context=local
sender:
named_attribute: log_client_name=mail
named_attribute: log_client_address=127.0.0.1
named_attribute: log_message_origin=mail[127.0.0.1]
named_attribute: log_helo_name=localhost
named_attribute: log_protocol_name=ESMTP
named_attribute: client_name=mail
named_attribute: reverse_client_name=mail
named_attribute: client_address=127.0.0.1
named_attribute: helo_name=localhost
named_attribute: client_address_type=2
named_attribute: dsn_orig_rcpt=rfc822;kuamei1985@yahoo.com.tw
original_recipient: kuamei1985@yahoo.com.tw
recipient: kuamei1985@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kuan5881@yahoo.com.tw
original_recipient: kuan5881@yahoo.com.tw
recipient: kuan5881@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kunda_klva@yahoo.com.tw
original_recipient: kunda_klva@yahoo.com.tw
recipient: kunda_klva@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kunshu88@yahoo.com.tw
original_recipient: kunshu88@yahoo.com.tw
recipient: kunshu88@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kuo1021@yahoo.com.tw
original_recipient: kuo1021@yahoo.com.tw
recipient: kuo1021@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kuo3395340@yahoo.com.tw
original_recipient: kuo3395340@yahoo.com.tw
recipient: kuo3395340@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kuofangchun@yahoo.com.tw
original_recipient: kuofangchun@yahoo.com.tw
recipient: kuofangchun@yahoo.com.tw
named_attribute: dsn_orig_rcpt=rfc822;kuso_55@yahoo.com.tw
original_recipient: kuso_55@yahoo.com.tw
recipient: kuso_55@yahoo.com.tw
*** MESSAGE CONTENTS deferred/1/1318565D683 ***
Received: from localhost (mail [127.0.0.1])
        by mail.test.cn (Postfix - by extmail.org) with ESMTP id 1318565D683;
        Sun,  4 May 2008 15:33:31 +0800 (CST)
X-Virus-Scanned: amavisd-new at test.cn
X-Spam-Flag: YES
X-Spam-Score: 9.979
X-Spam-Level: *********
X-Spam-Status: Yes, score=9.979 tagged_above=2 required=5
        tests=[DATE_IN_FUTURE_48_96=2.296, FORGED_MUA_OUTLOOK=3.037,
        FORGED_OUTLOOK_HTML=0.022, FORGED_OUTLOOK_TAGS=0, FROM_NO_LOWER=1.307,
        FROM_NO_USER=0.344, HTML_MESSAGE=0.001, MIME_BASE64_TEXT=0.11,
        MIME_HTML_ONLY=1.158, MSGID_FROM_MTA_ID=1.704]
Received: from mail.test.cn ([127.0.0.1])
        by localhost (mail.test.cn [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id dib-w7W7hubA; Sun,  4 May 2008 15:33:30 +0800 (CST)
Received: from 888tiger-d13ded (unknown [221.12.147.80])
        by mail.test.cn (Postfix - by extmail.org) with ESMTP id 0C7DB65D671;
        Sun,  4 May 2008 15:33:25 +0800 (CST)
From: =?BIG5?B?sEuleLa2?= <>
To: "kuamei1985" <kuamei1985@yahoo.com.tw>
Subject: =?BIG5?B?ocUyMDA4ILPMt3MyMKT5rk24y0RWRC6zzKT1w3qqur9FsaG6dKVYomc=?=
Date: Wed, 7 May 2008 15:32:43 +0800
MIME-Version: 1.0
Content-Type: text/html;
        charset="Big5"
Content-Transfer-Encoding: base64
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Message-Id: <20080504073325.0C7DB65D671@mail.test.cn>

队列里很多这样的邮件。目前没做dns反解 ，yahoo.tw拒收。所以就放在队列里了。
问题是这些邮件是怎么来的呢，每天有上万封吧 。。
我的邮件服务器是有身份认证的，从日志看也没被open relay

刘五十三

找几封信分析log就可以看出了

bladezxf

[root@mail log]# cat maillog | grep 1318565D683
May  4 15:33:31 mail postfix/smtpd[3797]: 1318565D683: client=mail[127.0.0.1]
May  4 15:33:31 mail postfix/cleanup[3802]: 1318565D683: message-id=<20080504073325.0C7DB65D671@mail.test.cn>
May  4 15:33:31 mail postfix/smtp[1177]: 0C7DB65D671: to=<kuamei1985@yahoo.com.tw>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=7, delay=6.3, delays=3.4/2.6/0/0.36, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=03685-05-7, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 1318565D683)
May  4 15:33:31 mail postfix/smtp[1177]: 0C7DB65D671: to=<kuan5881@yahoo.com.tw>, relay=127.0.0.1[127.0.0.1]:10024, conn_use=7, delay=6.3, delays=3.4/2.6/0/0.36, dsn=2.6.0, status=sent (250 2.6.0 Ok, id=03685-05-7, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 1318565D683)

我看不出来什么问题来

有一行日志
May  4 15:35:15 mail amavis[4184]: (04184-01-6) Passed SPAM, [201.74.94.251] <> -> <mf0232@yahoo.com.tw>,<mf3535168@yahoo.com
.tw>,<mfps5168@yahoo.com.tw>,<mg02282000@yahoo.com.tw>,<mg1013kimo@yahoo.com.tw>,<mgch989@yahoo.com.tw>,<mgfiction88@yahoo.co
m.tw>,<mghds520@yahoo.com.tw>,<mgvsdt@yahoo.com.tw>, Message-ID: <20080504073410.4289165D6CA@mail.emay.cn>, mail_id: DjPgoNmy
rH01, Hits: 10.348, 422 ms

201.74.94.251 这个ip没通过认证发邮件？
但我测试我的服务器不通过认证是不能发的
好像是利用了我一个默认帐号？
May  4 15:34:04 mail postfix/smtpd[29586]: 8407665D702: client=201-74-94-251-so.cpe.vivax.com.br[201.74.94.251], sasl_method=
LOGIN, sasl_username=webmaster@test.cn
May  4 15:34:07 mail amavis[3994]: (03994-01) Passed SPAM, [201.74.94.251] <> -> <ls19640214@yahoo.com.tw>,<ls7948@yahoo.com.
tw>,<ls_ryuichi@yahoo.com.tw>,<lsc681201@yahoo.com.tw>,<lschi0928@yahoo.com.tw>,<lsl@yahoo.com.tw>,<lsm16888@yahoo.com.tw>,<l
ss166166@yahoo.com.tw>,<lty409@yahoo.com.tw>, Message-ID: <20080504073350.BD9C265D6D2@mail.test.cn>, mail_id: JyUsaO-u5BC0, H
its: 11.465, 1447 ms

缺省的webmaster密码没有修改。

[ 本帖最后由 bladezxf 于 2008-5-4 17:21 编辑 ]