Ataque desconhecido ao servidor SMTP

0

A partir de ontem, tive um problema com o envio de mensagens através do meu servidor SMTP (MS Windows Server 2012 R2, software: MailEnable 8.02 Professional).

Descobri que há constantemente o envio de alguns e-mails via servidor SMTP ...

Se eu reiniciar o servidor SMTP, as mensagens serão enviadas após 36 minutos novamente.

As mensagens estão sendo enviadas da caixa postal DEFAULT como postmaster do usuário, por isso excluí esta caixa de correio e o usuário, mas o problema persiste ...

O Mail Relay está definido apenas para "Permitir retransmissão para remetentes autenticados".

Alguém pode me ajudar, por favor?!

Log de 2014/02/22:

muitos registros como este:

Falha na tentativa de login de IMAP do endereço IP. IP do cliente: ... Mailbox Crítica: pwrchute

Log - enviando e-mails:

02/22/14 15:41:36       ME-I0026: [008C17BF11314176A61944BC32586C19.MAI] Sending message
02/22/14 15:41:36       ME-IXXXX: [0059E32D89424F80825218C789108783.MAI] Remote server returned a response indicating a temporary failure. Server Response: (450 : Sender address rejected: DNS Timeout [02GHDNNJS300]**)
02/22/14 15:41:36       ME-E0034: [0059E32D89424F80825218C789108783.MAI] RCPT command to all recipients produced an error.
02/22/14 15:41:36       ME-IXXXX: [008C17BF11314176A61944BC32586C19.MAI] DNS resolved to the following record: IP Address=115.112.200.204, Family=2, Type=1, Protocol=6
02/22/14 15:41:36       ME-I0050: [0059E32D89424F80825218C789108783.MAI] Send attempt completed successfully, but some recipients did not resolve
02/22/14 15:41:36       ME-I0053: [0059E32D89424F80825218C789108783.MAI] Message generated a recipient failure message to sender.
02/22/14 15:41:36       [0059E32D89424F80825218C789108783.MAI] caused a Delay Message to be generated with a Message ID of [52228E1DC5634AE8BE72DA831F982FA7.MAI]. The recipient of the delay is: [email protected]
02/22/14 15:41:36       ME-I0054: [0059E32D89424F80825218C789108783.MAI] Message is being requeued to recipients where server returned an error.
02/22/14 15:41:37       ME-I0123: Domain [yahoo.com] has MX list [mta7.am0.yahoodns.net,mta6.am0.yahoodns.net,mta5.am0.yahoodns.net]
02/22/14 15:41:37       ME-I0026: [008CB29F18BE4B488BE7296579C09042.MAI] Sending message
02/22/14 15:41:37       ME-IXXXX: [008CB29F18BE4B488BE7296579C09042.MAI] DNS resolved to the following record: IP Address=98.136.216.26, Family=2, Type=1, Protocol=6
02/22/14 15:41:37       ME-E0038: [0058959360B44C7B97FBE0778E66271C.MAI] Communications Error: Socket connection to clavin.bcbsm.com failed (error 10060). The host was either not contactable or it rejected your connection. Socket Family = 2; Host=167.242.53.49; Port=25
02/22/14 15:41:37       ME-E0059: [0058959360B44C7B97FBE0778E66271C.MAI] Message Delivery Failure. Attempt (0): Could not connect to mail server for domain (bcbsm.com). The remote mail server could not be contacted at this time. Message has been requeued.
02/22/14 15:41:37       [0058959360B44C7B97FBE0778E66271C.MAI] caused a Delay Message to be generated with a Message ID of [489198ACB83F48588310940B5F65E54B.MAI]. The recipient of the delay is: [email protected]
02/22/14 15:41:37       ME-E0038: [007BF87508A44FF6937AC653D92C67D8.MAI] Communications Error: Socket connection to filter2.btcl.net.bd failed (error 10060). The host was either not contactable or it rejected your connection. Socket Family = 2; Host=203.112.194.38; Port=25
02/22/14 15:41:37       ME-I1350: [007BF87508A44FF6937AC653D92C67D8.MAI] Attempting to connect to MX 2 of 6 (filter1.btcl.net.bd).
02/22/14 15:41:37       ME-IXXXX: [007BF87508A44FF6937AC653D92C67D8.MAI] DNS resolved to the following record: IP Address=203.112.194.39, Family=2, Type=1, Protocol=6
02/22/14 15:41:38       ME-E0xxx: [008CB29F18BE4B488BE7296579C09042.MAI] MAIL FROM command returned with a 421 response. The message will be retried.
02/22/14 15:41:38       ME-I0009: [008CB29F18BE4B488BE7296579C09042.MAI] Remote server has closed connection after 0 milliseconds. Server Response: (-)
02/22/14 15:41:38       ME-E0059: [008CB29F18BE4B488BE7296579C09042.MAI] Message Delivery Failure. Attempt (1): Domain (yahoo.com) returned temporary error for email. Message has been requeued.
02/22/14 15:41:38       [008CB29F18BE4B488BE7296579C09042.MAI] caused a Delay Message to be generated with a Message ID of [9C01B03355704E2493D5E9BAC532DD91.MAI]. The recipient of the delay is: [email protected]
02/22/14 15:41:38       ME-I0123: Domain [rocketmail.com] has MX list [mta7.am0.yahoodns.net,mta5.am0.yahoodns.net,mta6.am0.yahoodns.net]
02/22/14 15:41:38       ME-I0026: [008CE54DA6994F9F82BE1C435EA16849.MAI] Sending message
02/22/14 15:41:38       ME-IXXXX: [008CE54DA6994F9F82BE1C435EA16849.MAI] DNS resolved to the following record: IP Address=98.136.216.26, Family=2, Type=1, Protocol=6
02/22/14 15:41:38       ME-I0123: Domain [b2bleader.com] has MX list [114.80.218.140,114.80.218.140]
02/22/14 15:41:38       ME-I0026: [008D31AA265A4E4DAE85DEB3E31B2316.MAI] Sending message
02/22/14 15:41:38       ME-IXXXX: [008D31AA265A4E4DAE85DEB3E31B2316.MAI] DNS resolved to the following record: IP Address=114.80.218.140, Family=2, Type=1, Protocol=0
02/22/14 15:41:39       ME-E0xxx: [008CE54DA6994F9F82BE1C435EA16849.MAI] MAIL FROM command returned with a 421 response. The message will be retried.
02/22/14 15:41:39       ME-I0009: [008CE54DA6994F9F82BE1C435EA16849.MAI] Remote server has closed connection after 0 milliseconds. Server Response: (-)
02/22/14 15:41:39       ME-E0059: [008CE54DA6994F9F82BE1C435EA16849.MAI] Message Delivery Failure. Attempt (1): Domain (rocketmail.com) returned temporary error for email. Message has been requeued.
02/22/14 15:41:39       [008CE54DA6994F9F82BE1C435EA16849.MAI] caused a Delay Message to be generated with a Message ID of [63B9797F84B34C609E84705EA7AA5FF8.MAI]. The recipient of the delay is: [email protected]
02/22/14 15:41:39       ME-I0123: Domain [yahoo.com] has MX list [mta6.am0.yahoodns.net,mta5.am0.yahoodns.net,mta7.am0.yahoodns.net]
02/22/14 15:41:39       ME-I0026: [008DC8DDDB8A41EFBD97AAF23BB3A7C4.MAI] Sending message
02/22/14 15:41:39       ME-IXXXX: [008DC8DDDB8A41EFBD97AAF23BB3A7C4.MAI] DNS resolved to the following record: IP Address=98.138.112.38, Family=2, Type=1, Protocol=6
02/22/14 15:41:39       ME-IXXXX: [007BF87508A44FF6937AC653D92C67D8.MAI] Remote server returned a response indicating a temporary failure. Server Response: (451 Blocked - see http://www.spamcop.net/bl.shtml?31.31.72.250**)
02/22/14 15:41:39       ME-IXXXX: [008C17BF11314176A61944BC32586C19.MAI] Remote server returned a response indicating a temporary failure. Server Response: (451 IP 31.31.72.250 is UCEPROTECT-Level 1 listed. See http://www.uceprotect.net/rblcheck.php?ipr=31.31.72.250**)
02/22/14 15:41:39       ME-E0034: [008C17BF11314176A61944BC32586C19.MAI] RCPT command to all recipients produced an error.
02/22/14 15:41:39       ME-I0050: [008C17BF11314176A61944BC32586C19.MAI] Send attempt completed successfully, but some recipients did not resolve
02/22/14 15:41:39       ME-I0053: [008C17BF11314176A61944BC32586C19.MAI] Message generated a recipient failure message to sender.
    
por miloshavlicek 22.02.2014 / 16:31

0 respostas

Tags