在过去的两天里,我在收件箱中看到了一些神秘的电子邮件“反弹”通知。 下面粘贴的是其中一个的原始内容。 请注意,我审查了我自己的个人信息。 所有这些消息的地址是[email protected]。
有问题的服务器是运行Apache,Caucho,Resin和一些其他与电子邮件无关的其他进程的Ubuntu 9.10盒子。 据我所知,它没有安装后缀( which postfix什么都不返回)。
我可以采取哪些措施来正确诊断和解决问题?
Delivered-To: [email protected] Received: by 10.229.225.8 with SMTP id iq8cs88533qcb; Thu, 5 May 2011 15:41:30 -0700 (PDT) Received: by 10.52.94.48 with SMTP id cz16mr99495vdb.173.1304635290759; Thu, 05 May 2011 15:41:30 -0700 (PDT) Return-Path: <[email protected]> Received: from mail-vx0-f171.google.com ([209.85.220.171]) by mx.google.com with ESMTPS id n7si5967804qcu.16.2011.05.05.15.41.28 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 05 May 2011 15:41:29 -0700 (PDT) Received-SPF: neutral (google.com: 209.85.220.171 is neither permitted nor denied by best guess record for domain of [email protected]) client-ip=209.85.220.171; Authentication-Results: mx.google.com; spf=neutral (google.com: 209.85.220.171 is neither permitted nor denied by best guess record for domain of [email protected]) [email protected]; dkim=neutral (bad format) [email protected] Received: by vxc40 with SMTP id 40so3365116vxc.30 for <[email protected]>; Thu, 05 May 2011 15:41:28 -0700 (PDT) Received: by 10.220.105.148 with SMTP id t20mr703005vco.238.1304635288618; Thu, 05 May 2011 15:41:28 -0700 (PDT) X-Forwarded-To: [email protected] X-Forwarded-For: [email protected] [email protected] Delivered-To: [email protected] Received: by 10.220.203.72 with SMTP id fh8cs98486vcb; Thu, 5 May 2011 15:41:28 -0700 (PDT) Received: by 10.68.54.196 with SMTP id l4mr3727970pbp.13.1304635287983; Thu, 05 May 2011 15:41:27 -0700 (PDT) Return-Path: <[email protected]> Received: from frodo.hserus.net (frodo.hserus.net [204.74.68.40]) by mx.google.com with ESMTP id w32si8772572wfd.110.2011.05.05.15.41.26; Thu, 05 May 2011 15:41:26 -0700 (PDT) Received-SPF: pass (google.com: domain of [email protected] designates 204.74.68.40 as permitted sender) client-ip=204.74.68.40; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.hserus.net; s=srs; h=Sender:List-Id:Date:Message-ID:To:From:Subject:Content-Transfer-Encoding:Content-Type:MIME-Version; bh=/sDnjRTvxfRohXXGvS67I68Cagtj6n4xakYy8dcr218=; b=otS4U0mrs56TlFehbxm530tNBxnHi4ty2qhoU6phY3JE4NXddCPCPC4DhYyprKPjcr6odZvuv/LU3Rp5CWFfx9zajBlXIVYbJaAOKGpkQsHHSvK+QWm/mfe7hsv0omRQsZzQ/u7wIgaZ/xq6xq1ZJ7s79lg9HUUifCbu4WQ9l30=; Received: from [2001:4830:20b0:b::3] (port=39583 helo=frodo.hserus.net) by frodo.hserus.net with esmtp (Exim 4.72 #1) id 1QI7Ec-0007f0-Fq for <[email protected]>; Thu, 05 May 2011 15:41:26 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Subject: Your message to silklist awaits moderator approval From: [email protected] To: [email protected] Message-ID: <[email protected]> Date: Thu, 05 May 2011 15:40:01 -0700 Precedence: bulk X-BeenThere: [email protected] X-Mailman-Version: 2.1.13 List-Id: Intelligent Conversation <silklist.lists.hserus.net> X-List-Administrivia: yes Sender: [email protected] Errors-To: [email protected] Your mail to 'silklist' with the subject ??????????......... Is being held until the list moderator can review it for approval. The reason it is being held: Post by non-member to a members-only list Either the message will get posted to the list, or you will receive notification of the moderator's decision. If you would like to cancel this posting, please visit the following URL: http://lists.hserus.net/mailman/confirm/silklist/2a4fa5a64a95b7109163b7f78731fbd3d236be13
垃圾邮件发送者的正常做法是使用其他人的电子邮件地址作为发件人。 这些地址以与目标地址相同的方式收获。 除了validation消息不是真的从你的系统发送,你无能为力。
如果消息是从你的系统发送的,那么你需要找出发送者是谁或做什么,并采取适当的行动。
如果消息正在通过您的系统中继,请确保中继function被立即禁用。