How do I check whether my server has become a spam machine?

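I suspect that something is sending a large amount of mail from my server without my knowledge. I want to check whether my machine has turned into a spam server. What is the simplest way to do this?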

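Related to this, I would also like to check the content of the e-mails sent from my server. Is there a log of these that I can open? /var/log/mail.log does not give the content of the e-mails; it looks like this: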

    Oct 23 21:03:26 Ubuntu-1204-precise-64-minimal sendmail[29973]: s9NJ31pS029973: to=root, delay=00:00:19, xdelay=00:00:07, mailer=relay, pri=31367, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s9NJ37kn029974 Message accepted for delivery)
    Oct 23 21:03:38 Ubuntu-1204-precise-64-minimal sm-mta[29977]: s9NJ37kn029974: to=<root@Ubuntu-1204-precise-64-minimal>, delay=00:00:19, xdelay=00:00:07, mailer=local, pri=32861, dsn=2.0.0, stat=Sent
    Oct 23 21:06:03 Ubuntu-1204-precise-64-minimal sendmail[30011]: s9NJ61xZ030011: from=root, size=343, class=0, nrcpts=1, msgid=<201410231906.s9NJ61xZ030011@Ubuntu-1204-precise-64-minimal>, relay=root@localhost
    Oct 23 21:06:05 Ubuntu-1204-precise-64-minimal sm-mta[30014]: s9NJ65rW030014: ruleset=check_rcpt, arg1=<root@Ubuntu-1204-precise-64-minimal>, relay=localhost.localdomain [127.0.0.1], reject=553 5.1.8 <root@Ubuntu-1204-precise-64-minimal>... Domain of sender address root@Ubuntu-1204-precise-64-minimal does not exist
    Oct 23 21:06:05 Ubuntu-1204-precise-64-minimal sendmail[30011]: s9NJ61xZ030011: to=root, ctladdr=root (0/0), delay=00:00:04, xdelay=00:00:00, mailer=relay, pri=30343, relay=[127.0.0.1] [127.0.0.1], dsn=5.1.8, stat=User unknown
    Oct 23 21:06:05 Ubuntu-1204-precise-64-minimal sm-mta[30014]: s9NJ65rW030014: from=<root@Ubuntu-1204-precise-64-minimal>, size=343, class=0, nrcpts=0, proto=ESMTP, daemon=MTA-v4, relay=localhost.localdomain [127.0.0.1]
    Oct 23 21:06:05 Ubuntu-1204-precise-64-minimal sendmail[30011]: s9NJ61xZ030011: s9NJ61xa030011: DSN: User unknown
    Oct 23 21:06:12 Ubuntu-1204-precise-64-minimal sm-mta[30014]: s9NJ65rY030014: from=<>, size=2623, class=0, nrcpts=1, msgid=<201410231906.s9NJ61xa030011@Ubuntu-1204-precise-64-minimal>, proto=ESMTP, daemon=MTA-v4, relay=localhost.localdomain [127.0.0.1]
    Oct 23 21:06:13 Ubuntu-1204-precise-64-minimal sendmail[30011]: s9NJ61xa030011: to=root, delay=00:00:08, xdelay=00:00:02, mailer=relay, pri=31367, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s9NJ65rY030014 Message accepted for delivery)
    Oct 23 21:06:17 Ubuntu-1204-precise-64-minimal sm-mta[30024]: s9NJ65rY030014: to=<root@Ubuntu-1204-precise-64-minimal>, delay=00:00:06, xdelay=00:00:01, mailer=local, pri=32861, dsn=2.0.0, stat=Sent
    You have new mail in /var/mail/root

As you can see, some strange messages appear from time to time.

Edit: I have 200,000 unread e-mails. Here is the latest e-mail I received:

    Return-Path: <MAILER-DAEMON>
    Received: from Ubuntu-1204-precise-64-minimal (localhost.localdomain [127.0.0.1])
        by fares (8.14.4/8.14.4/Debian-4.1ubuntu1) with ESMTP id s9NAp3iX021790
        for <root@Ubuntu-1204-precise-64-minimal>; Thu, 23 Oct 2014 12:51:03 +0200
    Received: from localhost (localhost)
        by Ubuntu-1204-precise-64-minimal (8.14.4/8.14.4/Submit) id s9NAp1Xu021789;
        Thu, 23 Oct 2014 12:51:03 +0200
    Date: Thu, 23 Oct 2014 12:51:03 +0200
    From: Mail Delivery Subsystem <MAILER-DAEMON@static.***.clients.***>
    Message-Id: <201410231051.s9NAp1Xu021789@Ubuntu-1204-precise-64-minimal>
    To: root@Ubuntu-1204-precise-64-minimal
    MIME-Version: 1.0
    Content-Type: multipart/report; report-type=delivery-status;
        boundary="s9NAp1Xu021789.1414061463/Ubuntu-1204-precise-64-minimal"
    Subject: Returned mail: see transcript for details
    Auto-Submitted: auto-generated (failure)
    Status: O
    X-UID: 210004

    This is a MIME-encapsulated message

    --s9NAp1Xu021789.1414061463/Ubuntu-1204-precise-64-minimal

    The original message was received at Thu, 23 Oct 2014 12:51:01 +0200
    from root@localhost

       ----- The following addresses had permanent fatal errors -----
    root
        (reason: 553 5.1.8 <root@Ubuntu-1204-precise-64-minimal>... Domain of sender address root@Ubuntu-1204-precise-64-minimal does not exist)
        (expanded from: root)

       ----- Transcript of session follows -----
    ... while talking to [127.0.0.1]:
    >>> DATA
    <<< 553 5.1.8 <root@Ubuntu-1204-precise-64-minimal>... Domain of sender address root@Ubuntu-1204-precise-64-minimal does not exist
    550 5.1.1 root... User unknown
    <<< 503 5.0.0 Need RCPT (recipient)

    --s9NAp1Xu021789.1414061463/Ubuntu-1204-precise-64-minimal
    Content-Type: message/delivery-status

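This is just local mail, probably from one of the services or cron jobs you are running. It is being sent to root, but the mail server cannot determine whether it is local mail, because the host name Ubuntu-1204-precise-64-minimal cannot be resolved to an address.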

To fix this, either rename the host to a host name that resolves to the server's IP address, or add the IP address and host name to /etc/hosts.

If you want to check whether your mail server is an open relay that can be used to send spam, you can use this:

http://mxtoolbox.com/diagnostic.aspx
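
As an added example (not part of the original question or answer), the sketch below reads sendmail entries in the mail.log format shown in the question and separates deliveries that stayed on the host (mailer=local, or a hand-off to 127.0.0.1) from deliveries that left the machine, grouped by envelope sender and injecting relay. The function names are hypothetical; the first three sample lines are copied from the question and the last two are constructed.

```python
import ipaddress
import re
from collections import Counter

# Sendmail entry: "<date> <host> sendmail|sm-mta[pid]: <queue-id>: key=value, ..."
ENTRY = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ (?:sendmail|sm-mta)\[\d+\]: (\w+): (.*)$")
FIELD = re.compile(r"(\w+)=((?:\([^)]*\)|[^,])*)")  # values may hold "(...)" text

# First three lines are copied from the question; the last two are constructed.
SAMPLE = """\
Oct 23 21:06:03 Ubuntu-1204-precise-64-minimal sendmail[30011]: s9NJ61xZ030011: from=root, size=343, class=0, nrcpts=1, msgid=<201410231906.s9NJ61xZ030011@Ubuntu-1204-precise-64-minimal>, relay=root@localhost
Oct 23 21:06:17 Ubuntu-1204-precise-64-minimal sm-mta[30024]: s9NJ65rY030014: to=<root@Ubuntu-1204-precise-64-minimal>, delay=00:00:06, xdelay=00:00:01, mailer=local, pri=32861, dsn=2.0.0, stat=Sent
Oct 23 21:03:26 Ubuntu-1204-precise-64-minimal sendmail[29973]: s9NJ31pS029973: to=root, delay=00:00:19, xdelay=00:00:07, mailer=relay, pri=31367, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s9NJ37kn029974 Message accepted for delivery)
Oct 23 21:10:01 mailhost sm-mta[31001]: s9NJA1aa031001: from=<www-data@mailhost.example.com>, size=2048, class=0, nrcpts=1, msgid=<201410231910.s9NJA1aa031001@mailhost.example.com>, proto=ESMTP, daemon=MTA-v4, relay=localhost.localdomain [127.0.0.1]
Oct 23 21:10:03 mailhost sm-mta[31003]: s9NJA1aa031001: to=<user@example.net>, delay=00:00:02, xdelay=00:00:01, mailer=esmtp, pri=122048, relay=mx.example.net. [203.0.113.25], dsn=2.0.0, stat=Sent (ok)
"""

def parse(line):
    """Return (queue_id, fields) for a sendmail entry, None for anything else."""
    m = ENTRY.match(line.strip())
    return (m.group(1), {k: v.strip() for k, v in FIELD.findall(m.group(2))}) if m else None

def is_loopback(relay):
    """True when the bracketed relay address is 127.0.0.0/8 or ::1."""
    m = re.search(r"\[(?:IPv6:)?([0-9A-Fa-f.:]+)\]", relay)
    try:
        return bool(m) and ipaddress.ip_address(m.group(1)).is_loopback
    except ValueError:
        return False

def summarize(lines):
    """Split delivery attempts into on-host ones and ones that left the machine."""
    origin, outbound, local = {}, Counter(), 0
    for qid, f in filter(None, map(parse, lines)):
        if "from" in f:
            origin[qid] = (f["from"], f.get("relay", ""))  # sender, injecting relay
        elif "to" in f:
            if f.get("mailer") == "local" or is_loopback(f.get("relay", "")):
                local += 1
            else:
                outbound[origin.get(qid, ("<unknown>", ""))] += 1
    return {"local": local, "outbound": outbound}

if __name__ == "__main__":
    report = summarize(SAMPLE.splitlines())
    print("on-host deliveries:", report["local"])
    for (sender, injected_by), n in report["outbound"].most_common():
        print(f"{n} outbound from {sender} (injected via {injected_by})")
```

Run over the real /var/log/mail.log, a large outbound count whose injecting relay is loopback points at a local process (a web application or cron job) generating the mail, while a remote injecting address points at relaying.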