[Postfixbuch-users] unbekannte emails
Klaus Schuehler p
kschuehler at schuehler.com
Do Apr 7 19:41:30 CEST 2005
Hallo,
ich habe ein Problem mit Postfix. Der Server ist auf eine offenes
Relay
hin überprüft aber in den Logfiles erscheinen Seltsame Sachen:
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]: Suspicious code in mail attachment detected
!!!
Apr 7 15:10:15 zero TrashScan[10216]: From:
vonlcomivfeb-ftcjp at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: To: partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Subj:
Apr 7 15:10:15 zero TrashScan[10216]: Date: Thu, 7 Apr 2005 16:06:24 +0200 (CEST)
Apr 7 15:10:15 zero TrashScan[10216]: Virus: Worm.Gibe.F
Apr 7 15:10:15 zero TrashScan[10216]: Alert: Not sent
Apr 7 15:10:15 zero TrashScan[10216]: Notification: Messages sent to
vonlcomivfeb-ftcjp at updates.microsoft.net and partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Check mail.virus !!!
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]: Suspicious code in mail attachment detected
!!!
Apr 7 15:10:15 zero TrashScan[10216]: From:
vonlcomivfeb-ftcjp at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: To: partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Subj:
Apr 7 15:10:15 zero TrashScan[10216]: Date: Thu, 7 Apr 2005 16:06:24 +0200 (CEST)
Apr 7 15:10:15 zero TrashScan[10216]: Virus: Worm.Gibe.F
Apr 7 15:10:15 zero TrashScan[10216]: Alert: Not sent
Apr 7 15:10:15 zero TrashScan[10216]: Notification: Messages sent to
vonlcomivfeb-ftcjp at updates.microsoft.net and partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Check mail.virus !!!
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]: Suspicious code in mail attachment detected
!!!
Apr 7 15:10:15 zero TrashScan[10216]: From:
vonlcomivfeb-ftcjp at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: To: partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Subj:
Apr 7 15:10:15 zero TrashScan[10216]: Date: Thu, 7 Apr 2005 16:06:24 +0200 (CEST)
Apr 7 15:10:15 zero TrashScan[10216]: Virus: Worm.Gibe.F
Apr 7 15:10:15 zero TrashScan[10216]: Alert: Not sent
Apr 7 15:10:15 zero TrashScan[10216]: Notification: Messages sent to
vonlcomivfeb-ftcjp at updates.microsoft.net and partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Check mail.virus !!!
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:10:15 zero TrashScan[10216]: Suspicious code in mail attachment detected
!!!
Apr 7 15:10:15 zero TrashScan[10216]: From:
vonlcomivfeb-ftcjp at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: To: partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Subj:
Apr 7 15:10:15 zero TrashScan[10216]: Date: Thu, 7 Apr 2005 16:06:24 +0200 (CEST)
Apr 7 15:10:15 zero TrashScan[10216]: Virus: Worm.Gibe.F
Apr 7 15:10:15 zero TrashScan[10216]: Alert: Not sent
Apr 7 15:10:15 zero TrashScan[10216]: Notification: Messages sent to
vonlcomivfeb-ftcjp at updates.microsoft.net and partner at updates.microsoft.net
Apr 7 15:10:15 zero TrashScan[10216]: Check mail.virus !!!
Apr 7 15:10:15 zero TrashScan[10216]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]: Suspicious code in mail attachment detected
!!!
Apr 7 15:14:46 zero TrashScan[10545]: From: emailengine at rocketmail.com
Apr 7 15:14:46 zero TrashScan[10545]: To: recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Subj:
Apr 7 15:14:46 zero TrashScan[10545]: Date: Thu, 7 Apr 2005 16:11:45 +0200 (CEST)
Apr 7 15:14:46 zero TrashScan[10545]: Virus: Worm.Gibe.F
Apr 7 15:14:46 zero TrashScan[10545]: Alert: Not sent
Apr 7 15:14:46 zero TrashScan[10545]: Notification: Messages sent to
emailengine at rocketmail.com and recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Check mail.virus !!!
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]: Suspicious code in mail attachment detected
!!!
Apr 7 15:14:46 zero TrashScan[10545]: From: emailengine at rocketmail.com
Apr 7 15:14:46 zero TrashScan[10545]: To: recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Subj:
Apr 7 15:14:46 zero TrashScan[10545]: Date: Thu, 7 Apr 2005 16:11:45 +0200 (CEST)
Apr 7 15:14:46 zero TrashScan[10545]: Virus: Worm.Gibe.F
Apr 7 15:14:46 zero TrashScan[10545]: Alert: Not sent
Apr 7 15:14:46 zero TrashScan[10545]: Notification: Messages sent to
emailengine at rocketmail.com and recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Check mail.virus !!!
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]: Suspicious code in mail attachment detected
!!!
Apr 7 15:14:46 zero TrashScan[10545]: From: emailengine at rocketmail.com
Apr 7 15:14:46 zero TrashScan[10545]: To: recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Subj:
Apr 7 15:14:46 zero TrashScan[10545]: Date: Thu, 7 Apr 2005 16:11:45 +0200 (CEST)
Apr 7 15:14:46 zero TrashScan[10545]: Virus: Worm.Gibe.F
Apr 7 15:14:46 zero TrashScan[10545]: Alert: Not sent
Apr 7 15:14:46 zero TrashScan[10545]: Notification: Messages sent to
emailengine at rocketmail.com and recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Check mail.virus !!!
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Apr 7 15:14:46 zero TrashScan[10545]: Suspicious code in mail attachment detected
!!!
Apr 7 15:14:46 zero TrashScan[10545]: From: emailengine at rocketmail.com
Apr 7 15:14:46 zero TrashScan[10545]: To: recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Subj:
Apr 7 15:14:46 zero TrashScan[10545]: Date: Thu, 7 Apr 2005 16:11:45 +0200 (CEST)
Apr 7 15:14:46 zero TrashScan[10545]: Virus: Worm.Gibe.F
Apr 7 15:14:46 zero TrashScan[10545]: Alert: Not sent
Apr 7 15:14:46 zero TrashScan[10545]: Notification: Messages sent to
emailengine at rocketmail.com and recipient at mxdomain.com
Apr 7 15:14:46 zero TrashScan[10545]: Check mail.virus !!!
Apr 7 15:14:46 zero TrashScan[10545]:
************************************************************************
Keine Adresse ist auf dem Server !
240934 bytes transferred
117 messages sent
16 resent messages
117 messages removed from queue
Top ten senders:
30 messages sent by:
web4_k.schuehler (uid=10007):
26 messages sent by:
web1_kschuehler (uid=10001):
9 messages sent by:
web4_l.schuehler (uid=10008):
1 messages sent by:
web2_kschuehler (uid=10002):
Die Differenz der versendeten mails ist Verdächtig !
To partner-zyaebjfd at bulletin.microsoft.com Msg="host
bulletin.microsoft.com[217.20.112.72] said: 550 5.7.1
<partner-zyaebjfd at bulletin.microsoft.com>... Relaying denied. Proper authentication
required. (in reply to RCPT TO command" : 3 Time(s)
To recipient at yourserver.com Msg="host yourserver.com[217.20.112.72] said: 550
5.7.1 <recipient at yourserver.com>... Relaying denied. Proper authentication required.
(in reply to RCPT TO command" : 3 Time(s)
Da stimmt doch was nicht !
Ich hoffe mir kann einer Helfen.
Viele Grüsse Klaus
Mehr Informationen über die Mailingliste Postfixbuch-users