Bulk spam mailing using the first letters of the account name

From: Alexander Dolguntsev <CGatePro_at_mx_ru>
Date: Tue 28 Dec 2004 - 04:57:38 MSK

Good afternoon!
Our company uses accounts made up of first name and last name, such as alexeyivanov, nataliaivanova, and so on. From time to time spam messages arrive where the To: field contains only one of the Alexeys or Natalias, yet the spam is delivered to all alexey... or all natalia... accounts. Moreover, for natalia... the mail always arrives addressed to nataliakrivolapova; that account is disabled, yet the message is still delivered to all the Natalia... accounts. Please advise how to deal with this problem.

Here is a piece of the log as an example.

22:36:48.16 4 SMTPI-07993([82.55.169.10]) got connection on [my_ip:25]
22:36:50.82 4 SMTPI-07993([82.55.169.10]) rsp: 220 mydomen.ru ESMTP CommuniGate Pro 4.1.8
22:36:51.82 4 SMTPI-07993([82.55.169.10]) cmd: HELO host10-169.pool8255.interbusiness.it
22:36:52.90 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 250 mydomen.ru is pleased to meet you
22:36:54.02 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: MAIL FROM: <dlblkres@yahoo.com>
22:36:54.03 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 250 dlblkres@yahoo.com sender accepted
22:36:55.35 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: RCPT TO: <NataliaKrivolapova@Mydomen.ru>
22:36:55.35 1 ROUTER NataliaKrivolapova@MyDomen.ru rejected by SYSTEM: Error Code=unknown user account
22:36:55.35 1 SMTPI-07993(host10-169.pool8255.interbusiness.it) Recipient NataliaKrivolapova@MyDomen.ru rejected: unknown user account
22:36:55.35 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 550 NataliaKrivolapova@MyDomen.ru unknown user account
22:36:56.29 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: RCPT TO: <NataliaIvanova@MyDomen.ru>
22:36:56.29 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 250 NataliaIvanova@MyDomen.ru will leave the Internet
22:36:57.15 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: DATA
22:36:57.15 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 354 Enter mail, end with "." on a line by itself
22:36:59.52 5 QUEUE([1074663]) header: Received: from host10-169.pool8255.interbusiness.it ([82.55.169.10] verified)  by mydomen.ru (CommuniGate Pro SMTP 4.1.8)  with SMTP id 1074663 for Natalia
22:36:59.52 5 QUEUE([1074663]) header: FCC: mailbox://dlblkres@yahoo.com/Sent
22:36:59.52 5 QUEUE([1074663]) header: X-Identity-Key: id1
22:36:59.52 5 QUEUE([1074663]) header: Date: Mon, 27 Dec 2004 11:33:23 -0100
22:36:59.52 5 QUEUE([1074663]) header: From: Donn Swanson <dlblkres@yahoo.com>
22:36:59.52 5 QUEUE([1074663]) header: X-Accept-Language: en-us, en
22:36:59.52 5 QUEUE([1074663]) header: MIME-Version: 1.0
22:36:59.52 5 QUEUE([1074663]) header: To: NataliaKrivolapova@MyDomen.ru
22:36:59.52 5 QUEUE([1074663]) header: Subject: re[8]
22:36:59.52 5 QUEUE([1074663]) header: Content-Type: multipart/related; boundary="------------090505020303060709020005"
22:36:59.52 5 QUEUE([1074663]) header: Message-ID: <auto-000001074663@mydomen.ru>
22:36:59.52 5 QUEUE([1074663]) header: 
22:36:59.52 2 QUEUE([1074663]) from <dlblkres@yahoo.com>, 10859 bytes (<auto-000001074663@mydomen.ru>)
22:36:59.52 4 EXTFILTER(McAfee) out(28): 4494 FILE Queue/1074663.msg\n
22:36:59.52 2 SMTPI-07993(host10-169.pool8255.interbusiness.it) [1074663] received, 10859 bytes
22:36:59.52 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 250 1074663 message accepted for delivery
22:36:59.54 4 EXTFILTER(McAfee) inp(7): 4494 OK
22:36:59.54 4 LOCAL(nataliaivanova) record created
22:36:59.54 4 LOCAL(nataliaivanova) [1074663] enqueueing (new)
22:36:59.54 2 ENQUEUER-05([1074663]) enqueued
22:36:59.54 4 QUEUE([1074663]) closed, nOpen=0
22:36:59.54 4 LOCAL queue is empty
22:36:59.54 4 LOCAL-01(nataliaivanova) delivering
22:36:59.54 4 QUEUE([1074663]) opened, nOpen=1
22:36:59.55 2 MAILBOX(nataliaivanova/INBOX) {13656} appended @0: 74+10737(34) bytes
22:36:59.55 2 MAILBOX(nataliaivanova/INBOX) [1074663] stored as 13656
22:36:59.55 4 QUEUE([1074663]) closed, nOpen=0
22:36:59.55 2 ACCOUNT(nataliaivanova) [1074663] delivered
22:36:59.55 4 LOCAL(nataliaivanova) [1074663] batch delivered
22:36:59.55 2 DEQUEUER [1074663] LOCAL(nataliaivanova) delivered
22:36:59.55 4 DEQUEUER [1074663] placed into empty 'immediate' queue
22:36:59.55 4 DEQUEUER-01 [1074663] processing
22:36:59.55 2 QUEUE([1074663]) deleted
22:36:59.56 4 LOCAL queue is empty
22:37:00.71 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: QUIT
22:37:00.71 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 221 mydomen.ru CommuniGate Pro SMTP closing connection
22:37:00.71 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) closing connection
22:37:00.71 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) releasing stream

Best regards,
Alexander

Received on Tue Dec 28 01:57:50 2004
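
Added example, not part of the original post: a small parser for the log format quoted above that pairs each RCPT TO command with its response and compares the accepted envelope recipients with the addresses logged in the To: header of the queued message. The function name `analyze` and the regular expressions are assumptions derived only from this excerpt; the sample lines are a subset copied from it.

```python
import re
from collections import defaultdict

# Subset of the log lines quoted in the post above (CommuniGate Pro 4.1.8 format).
SAMPLE_LOG = """\
22:36:55.35 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: RCPT TO: <NataliaKrivolapova@Mydomen.ru>
22:36:55.35 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 550 NataliaKrivolapova@MyDomen.ru unknown user account
22:36:56.29 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) cmd: RCPT TO: <NataliaIvanova@MyDomen.ru>
22:36:56.29 4 SMTPI-07993(host10-169.pool8255.interbusiness.it) rsp: 250 NataliaIvanova@MyDomen.ru will leave the Internet
22:36:59.52 5 QUEUE([1074663]) header: To: NataliaKrivolapova@MyDomen.ru
22:36:59.52 2 SMTPI-07993(host10-169.pool8255.interbusiness.it) [1074663] received, 10859 bytes
"""

# Patterns are assumptions based only on the excerpt above.
SMTP_RE = re.compile(r"^\S+ \d (SMTPI-\d+)\([^)]*\) (cmd|rsp): (.*)$")
HDR_RE = re.compile(r"^\S+ \d QUEUE\(\[(\d+)\]\) header: To: (.*)$")
RCVD_RE = re.compile(r"^\S+ \d (SMTPI-\d+)\([^)]*\) \[(\d+)\] received")
ADDR_RE = re.compile(r"[\w.+-]+@[\w.-]+")

def analyze(log_text):
    """Per queued message: envelope recipients vs. addresses in the To: header."""
    accepted, rejected = defaultdict(list), defaultdict(list)  # keyed by session
    pending = {}                 # session -> RCPT TO address awaiting its reply
    to_hdr = defaultdict(set)    # queue id -> addresses seen in the To: header
    report = {}
    for line in log_text.splitlines():
        if m := SMTP_RE.match(line):
            sess, kind, text = m.groups()
            if kind == "cmd":
                rcpt = re.match(r"RCPT TO:\s*<([^>]+)>", text, re.I)
                pending[sess] = rcpt.group(1).lower() if rcpt else None
            elif pending.get(sess):
                bucket = accepted if text.startswith("2") else rejected
                bucket[sess].append(pending.pop(sess))
        elif m := HDR_RE.match(line):
            to_hdr[m.group(1)].update(a.lower() for a in ADDR_RE.findall(m.group(2)))
        elif m := RCVD_RE.match(line):
            sess, qid = m.groups()
            acc = accepted.pop(sess, [])
            report[qid] = {
                "accepted": acc,
                "rejected": rejected.pop(sess, []),
                "to_header": sorted(to_hdr[qid]),
                # Accepted in the SMTP envelope but never named in To:
                "not_in_header": [a for a in acc if a not in to_hdr[qid]],
            }
    return report

if __name__ == "__main__":
    for qid, info in analyze(SAMPLE_LOG).items():
        print(qid, info)
```
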

This archive was generated by hypermail 2.1.8 : Fri 24 Apr 2015 - 16:13:24 MSK