SMTP relay attack on our mail server (which is not an open relay)

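Please help,

We put our Exchange server (10.0.0.125) behind an SMTP proxy server (Xeams, if you have heard of it), but recently our customers have complained that we reply to their emails too late – we found that we actually receive their emails with a delay of several hours, even a day!

The Xeams proxy we have sits in front of our Exchange, using IP 10.0.0.10 to listen for all external requests coming in through our firewall (10.0.0.1), and it relays email if it comes from an eligible relay (10.0.0.x), which includes relaying mail from the Exchange server (10.0.0.125).

I am not good at networking, so I don't know whether I have found the right problem causing the delay: I found that there are a large number of concurrent connections to our Xeams server trying to relay, most of them coming from nowhere and trying to send spam to email addresses like "[email protected]". I guess it is the workload of rejecting those relay requests that delays our incoming/outgoing email… Can anyone help, please!

===== Here are some logs I selected from our email proxy =====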

2014-03-20 14:58:29,994 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:30,371 - [ 74058] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:30,371 - [ 74058] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:30,863 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:30,863 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:31,291 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:31,291 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:34,297 - [ 74057] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:34,297 - [ 74057] C --> DATA
2014-03-20 14:58:34,297 - [ 74057] S <-- 503 Send RCPT TO before DATA command
2014-03-20 14:58:35,010 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:35,010 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:35,402 - [ 74058] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:35,402 - [ 74058] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:35,876 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:35,876 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:36,305 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:36,305 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:36,914 - [ 74062] ************ New connection from: 117.141.200.224
2014-03-20 14:58:37,293 - [ 74062] C --> EHLO PC-201205080653
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-EXCHANGE.webcider.com Hello [10.0.0.20]
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-SIZE 377487360
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-PIPELINING
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-DSN
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-ENHANCEDSTATUSCODES
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-AUTH NTLM
2014-03-20 14:58:37,293 - [ 74062] S <-- 250-8BITMIME
2014-03-20 14:58:37,293 - [ 74062] S <-- 250 OK
2014-03-20 14:58:37,685 - [ 74062] C --> RSET
2014-03-20 14:58:40,018 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:40,018 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:40,416 - [ 74058] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:40,416 - [ 74058] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:40,900 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:40,900 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:41,029 - [ 74063] ************ New connection from: 117.174.132.109
2014-03-20 14:58:41,312 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:41,312 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:41,500 - [ 74063] C --> EHLO PC-201205081432
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-EXCHANGE.webcider.com Hello [10.0.0.20]
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-SIZE 377487360
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-PIPELINING
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-DSN
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-ENHANCEDSTATUSCODES
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-AUTH NTLM
2014-03-20 14:58:41,500 - [ 74063] S <-- 250-8BITMIME
2014-03-20 14:58:41,500 - [ 74063] S <-- 250 OK
2014-03-20 14:58:41,994 - [ 74063] C --> RSET
2014-03-20 14:58:42,697 - [ 74062] S <-- 250 2.0.0 Resetting
2014-03-20 14:58:42,697 - [ 74062] C --> MAIL FROM:<[email protected]>
2014-03-20 14:58:42,697 - [ 74062] S <-- 250 2.1.0 Sender OK
2014-03-20 14:58:42,697 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:45,035 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:45,035 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:45,428 - [ 74058] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:45,428 - [ 74058] C --> DATA
2014-03-20 14:58:45,428 - [ 74058] S <-- 503 Send RCPT TO before DATA command
2014-03-20 14:58:45,905 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:45,905 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:46,319 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:46,319 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:47,001 - [ 74063] S <-- 250 2.0.0 Resetting
2014-03-20 14:58:47,001 - [ 74063] C --> MAIL FROM:<[email protected]>
2014-03-20 14:58:47,001 - [ 74063] S <-- 250 2.1.0 Sender OK
2014-03-20 14:58:47,001 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:47,520 - [ 74057] ~~~~~~~~~~~~ Connection Terminated (124353:999999)
2014-03-20 14:58:47,688 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:47,688 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:50,031 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:50,031 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:50,923 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:50,923 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:51,316 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:51,316 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:52,026 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:52,026 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:52,694 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:52,694 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:55,048 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:55,048 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:55,937 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:55,937 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:56,334 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:56,334 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:57,035 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:57,035 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:57,696 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:57,696 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:58:58,944 - [ 74058] ~~~~~~~~~~~~ Connection Terminated (126028:999999)
2014-03-20 14:59:00,061 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:00,061 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:00,947 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:00,947 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:01,341 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:01,341 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:02,041 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:02,041 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:02,704 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:02,704 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:05,073 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:05,073 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:05,944 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:05,944 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:06,368 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:06,368 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:07,044 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:07,044 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:07,729 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:07,729 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:10,072 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:10,072 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:10,945 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:10,945 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:11,360 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:11,360 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:12,072 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:12,072 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:12,744 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:12,744 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:15,077 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:15,077 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:15,948 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:15,948 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:16,356 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:16,356 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:16,860 - [ 74064] ************ New connection from: 27.18.22.158
2014-03-20 14:59:17,074 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:17,074 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:17,508 - [ 74064] C --> EHLO PC-201401110338
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-EXCHANGE.webcider.com Hello [10.0.0.20]
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-SIZE 377487360
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-PIPELINING
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-DSN
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-ENHANCEDSTATUSCODES
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-AUTH NTLM
2014-03-20 14:59:17,508 - [ 74064] S <-- 250-8BITMIME
2014-03-20 14:59:17,508 - [ 74064] S <-- 250 OK
2014-03-20 14:59:17,751 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:17,751 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:18,175 - [ 74064] C --> RSET
2014-03-20 14:59:20,089 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:20,089 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:20,963 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:20,963 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:21,370 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:21,370 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:22,097 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:22,097 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:22,776 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:22,776 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:23,177 - [ 74064] S <-- 250 2.0.0 Resetting
2014-03-20 14:59:23,177 - [ 74064] C --> MAIL FROM:<[email protected]>
2014-03-20 14:59:23,177 - [ 74064] S <-- 250 2.1.0 Sender OK
2014-03-20 14:59:23,177 - [ 74064] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:25,112 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:25,112 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:25,956 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:25,956 - [ 74059] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:26,370 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:26,370 - [ 74060] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:27,120 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:27,120 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:27,785 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:27,785 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:28,194 - [ 74064] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:28,194 - [ 74064] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:30,129 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:30,129 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:30,973 - [ 74059] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:30,973 - [ 74059] C --> DATA
2014-03-20 14:59:30,973 - [ 74059] S <-- 503 Send RCPT TO before DATA command
2014-03-20 14:59:31,356 - [ 74060] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:31,356 - [ 74060] C --> DATA
2014-03-20 14:59:31,356 - [ 74060] S <-- 503 Send RCPT TO before DATA command
2014-03-20 14:59:32,135 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:32,135 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:32,803 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:32,803 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:33,186 - [ 74064] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:33,186 - [ 74064] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:35,151 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:35,151 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:37,139 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:37,139 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:37,823 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:37,823 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:38,198 - [ 74064] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:38,198 - [ 74064] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:40,167 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:40,167 - [ 74061] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:42,156 - [ 74063] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:42,156 - [ 74063] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:42,828 - [ 74062] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:42,828 - [ 74062] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:43,221 - [ 74064] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:43,221 - [ 74064] C --> RCPT TO:<[email protected]>
2014-03-20 14:59:44,007 - [ 74059] ~~~~~~~~~~~~ Connection Terminated (124147:999999)
2014-03-20 14:59:44,610 - [ 74060] ~~~~~~~~~~~~ Connection Terminated (124300:999999)
2014-03-20 14:59:45,171 - [ 74061] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:59:45,171 - [ 74061] C --> RCPT TO:<[email protected]>
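
The pattern the question describes, sessions that keep collecting `550 5.7.1 Unable to relay` replies while holding a connection open, can be measured from the proxy log itself. This is an added example, not part of the original post: the sample lines are constructed in the quoted log's layout, and `summarise` and `relay_abusers` are hypothetical helper names.

```python
import re
from collections import defaultdict
from datetime import datetime

# Constructed sample in the same layout as the proxy log quoted in the question
# (addresses are documentation ranges, recipients are placeholders).
SAMPLE_LOG = """\
2014-03-20 14:58:36,914 - [ 101] ************ New connection from: 203.0.113.7
2014-03-20 14:58:37,293 - [ 101] C --> EHLO PC-EXAMPLE
2014-03-20 14:58:37,293 - [ 101] S <-- 250 OK
2014-03-20 14:58:42,697 - [ 101] C --> MAIL FROM:<sender@example.org>
2014-03-20 14:58:42,697 - [ 101] S <-- 250 2.1.0 Sender OK
2014-03-20 14:58:42,697 - [ 101] C --> RCPT TO:<a@example.net>
2014-03-20 14:58:44,000 - [ 102] ************ New connection from: 198.51.100.9
2014-03-20 14:58:47,688 - [ 101] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:47,688 - [ 101] C --> RCPT TO:<b@example.net>
2014-03-20 14:58:52,694 - [ 101] S <-- 550 5.7.1 Unable to relay
2014-03-20 14:58:53,100 - [ 102] C --> QUIT
2014-03-20 14:58:53,200 - [ 102] ~~~~~~~~~~~~ Connection Terminated (9200:999999)
2014-03-20 14:58:58,944 - [ 101] ~~~~~~~~~~~~ Connection Terminated (22030:999999)
"""

LINE = re.compile(r"^(\d{4}-\d\d-\d\d \d\d:\d\d:\d\d,\d{3}) - \[\s*(\d+)\] (.*)$")

def summarise(log_text):
    """Per session: source IP, rejected relay attempts, seconds the slot was held."""
    sessions = defaultdict(lambda: {"ip": None, "rejected": 0, "first": None, "last": None})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # skip wrapped or damaged lines
        ts = datetime.strptime(m.group(1), "%Y-%m-%d %H:%M:%S,%f")
        s = sessions[m.group(2)]
        s["first"] = s["first"] or ts
        s["last"] = ts
        event = m.group(3)
        if "New connection from:" in event:
            s["ip"] = event.split("from:", 1)[1].strip()
        elif event.startswith("S <-- 550 5.7.1"):
            s["rejected"] += 1
    return {sid: {"ip": s["ip"], "rejected": s["rejected"],
                  "held_seconds": (s["last"] - s["first"]).total_seconds()}
            for sid, s in sessions.items()}

def relay_abusers(log_text, min_rejected=2):
    """Source IPs whose sessions collected at least min_rejected relay denials."""
    return sorted({s["ip"] for s in summarise(log_text).values()
                   if s["ip"] and s["rejected"] >= min_rejected})
```

Sessions whose opening line falls outside the excerpt have no source IP and are left out of `relay_abusers`, so feed it a log window that starts before the sessions of interest.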

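SMTP does not guarantee delivery, nor does it guarantee timely delivery. The only thing you can do is rule out your own systems as the cause of the delay. Here is my suggestion: find a sample email sent by a client and compare the time it reached the firewall with the time it reached the proxy server, and then with the time it reached the Exchange server. If there is a big delay, you can dig deeper into why it is happening. If there is no delay, then the problem is probably not on your side and there is nothing you can do.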
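
One way to carry out the hop-by-hop comparison suggested above is to read the `Received` headers of a delayed message. This is an added example, not part of the original answer: it assumes the proxy and the Exchange server each stamp a `Received` header, the sample message is constructed, and `hop_delays` and `slowest_hop` are hypothetical helper names. The firewall leg still has to come from the firewall's own logs.

```python
from email import message_from_string
from email.utils import parsedate_to_datetime

# Constructed message: host names, addresses and times are placeholders laid out
# like the asker's path (outside sender -> Xeams proxy 10.0.0.10 -> Exchange 10.0.0.125).
SAMPLE = """\
Received: from proxy.example.local (10.0.0.10) by exchange.example.local
 (10.0.0.125) with ESMTP; Thu, 20 Mar 2014 18:05:12 +0800
Received: from mail.customer.example (203.0.113.25) by proxy.example.local
 (10.0.0.10) with ESMTP; Thu, 20 Mar 2014 14:59:02 +0800
Received: from desktop.customer.example (192.0.2.40) by mail.customer.example
 with ESMTPSA; Thu, 20 Mar 2014 06:58:40 +0000
From: client@customer.example
To: support@example.local
Subject: constructed sample

body
"""

def hop_delays(raw_message):
    """Return [(receiving_host, seconds_since_previous_hop)] in delivery order."""
    msg = message_from_string(raw_message)
    hops = []
    # Each server prepends its own Received header, so reverse for delivery order.
    for header in reversed(msg.get_all("Received", [])):
        route, _, stamp = header.rpartition(";")
        words = route.split()
        by = words[words.index("by") + 1] if "by" in words else "?"
        hops.append((by, parsedate_to_datetime(stamp.strip())))
    delays = []
    for (_, before), (host, after) in zip(hops, hops[1:]):
        delays.append((host, (after - before).total_seconds()))
    return delays

def slowest_hop(raw_message):
    """The receiving host with the largest gap, i.e. where to look first."""
    return max(hop_delays(raw_message), key=lambda d: d[1])
```

Each timestamp comes from a different machine's clock, so a gap of a few seconds, or a slightly negative one, usually reflects clock skew rather than queuing.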