- 论坛徽章:
- 0
|
各位仁兄qmail系统日志如下:
-----------------------------------
Hi. This is the qmail-send program at winnet.com
I tried to deliver a bounce message to this address, but the bounce bounced!
<anonymous@winnet.com>;:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)
--- Below this line is the original bounce.
Return-Path: <>;
Received: (qmail 18610 invoked for bounce); 8 Oct 2004 20:02:54 -0000
Date: 8 Oct 2004 20:02:54 -0000
Wrom: XOEAIJJPHSCRTNHGSWZIDREX
To: anonymous@winnet.com
Subject: failure notice
Hi. This is the qmail-send program at winnet.com
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<root@winnet.com>;:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <anonymous@winnet.com>;
Received: (qmail 18606 invoked by uid 0); 8 Oct 2004 20:02:54 -0000
Date: 8 Oct 2004 20:02:16 -0000
Message-ID: <20041008200216.18393.qmail@winnet.com>;
Wrom: CAXZOWCONEUQZAAFXISHJEXXIMQZUI
To: root@winnet.com
Subject: Cron run-parts /etc/cron.daily
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
X-Cron-Env:
/etc/cron.daily/00webalizer:
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
Warning: Truncating oversized request field
刚开始好像是用户不存在,但后面的 Warning: Truncating oversized request field 请求失败 ? 下面的就更厉害啦!非法访问!垃圾邮件?!
-------------------------------------------------------------------------------------
Hi. This is the qmail-send program at winnet.com
I tried to deliver a bounce message to this address, but the bounce bounced!
<root@winnet.com>;:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)
--- Below this line is the original bounce.
Return-Path: <>;
Received: (qmail 24213 invoked for bounce); 9 Oct 2004 20:02:12 -0000
Date: 9 Oct 2004 20:02:12 -0000
Wrom: VOTQNQEMSFDULHPQQWOYIYZUNNYCG
To: root@winnet.com
Subject: failure notice
Hi. This is the qmail-send program at winnet.com
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.
<root@winnet.com>;:
Sorry, no mailbox here by that name. vpopmail (#5.1.1)
--- Below this line is a copy of the message.
Return-Path: <root@winnet.com>;
Received: (qmail 24205 invoked by uid 0); 9 Oct 2004 20:02:12 -0000
Date: 9 Oct 2004 20:02:12 -0000
Message-ID: <20041009200212.24204.qmail@winnet.com>;
Wrom: PKYLEJGDGVCJVTL
To: root@winnet.com
Subject: LogWatch for mail.pspharm.com.cn
################### LogWatch 4.3.1 (01/13/03) ####################
Processing Initiated: Sun Oct 10 04:02:01 2004
Date Range Processed: yesterday
Detail Level of Output: 0
Logfiles for Host: mail.pspharm.com.cn
################################################################
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (210.118.75.247 ): 1 Time(s)
root (211.216.165.148 ): 3 Time(s)
---------------------- pam_unix End -------------------------
--------------------- qmail Begin ------------------------
Remote Server Responses:
Deferral(443) - 60 Time(s)
Failure(511) - 7 Time(s)
Failure(550) - 5 Time(s)
Success(250) - 28 Time(s)
Percentage(s):
Deferral - 60.00 %
Failure - 12.00 %
Success - 28.00 %
---------------------- qmail End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from these:
root/password from 210.118.75.247: 1 Time(s)
root/password from 211.216.165.148: 3 Time(s)
**Unmatched Entries**
Illegal user test from 211.216.165.148
Illegal user guest from 211.216.165.148
Illegal user admin from 211.216.165.148
Illegal user admin from 211.216.165.148
Illegal user user from 211.216.165.148
Illegal user test from 211.216.165.148
Illegal user test from 210.118.75.247
Illegal user guest from 210.118.75.247
Illegal user admin from 210.118.75.247
Illegal user admin from 210.118.75.247
Illegal user user from 210.118.75.247
---------------------- SSHD End -------------------------
--------------------- vpopmail Begin ------------------------
Password Failures:
luc@winnet.com - 2 Time(s)
test@winnet.com - 12 Time(s)
zl@winnet.com - 3 Time(s)
zln@winnet.com- 4 Time(s)
No Such User Found:
admin@winnet.com- 28 Time(s)
backup@winnet.com - 28 Time(s)
data@winnet.com- 28 Time(s)
master@winnet.com - 28 Time(s)
oracle@winnet.com - 28 Time(s)
pass@winnet.com- 28 Time(s)
passwd@winnet.com- 28 Time(s)
password@winnet.com- 28 Time(s)
root@winnet.com- 28 Time(s)
server@winnet.com- 28 Time(s)
steven@winnet.com- 28 Time(s)
stevenfamily@winnet.com- 28 Time(s)
sybase@winnet.com 28 Time(s)
user@winnet.com - 28 Time(s)
web@winnet.com - 28 Time(s)
webmaster@winnet.com - 28 Time(s)
---------------------- vpopmail End -------------------------
###################### LogWatch End #########################
------------------------------------------------------------------------------------
红色部分更是可怕的信号,非法访问连接。后面还有大量的垃圾邮件!不知道有没有一种方法让qmail不要接受系统中不存在的用户的邮件呀??另外如果系统中存在这些垃圾邮件(用户不存在),我应该如何处理呢?!!
针对目前这种状况不知各位仁兄有何良策呀???!!
在此一并谢过!!!! |
|