ZIMBRA 7.1 - SPAM

mardjmax
(usa Outra)

Enviado em 13/03/2014 - 11:21h

Ola pessoal.

Alguém me ajudar em um assunto que esta me enchendo já.
Hoje criei um servidor para homologar o zimbra, o servidor envia e recebe normalmente email não tenho problema algum com isto, agora o grande problema é
Um fela de uma eguá esta tentando enviar e-mail através do meu servidor e fica tentando toda hora e já faz mais de 20 dias que esta tentando com um ROBO como faço para para isto...

Já bloquei o relay só envia de um destino o mesmo bloqueia mas é impossível fazer mais nada .. segue os logues abaixo.
Lembrando que uso a porta padrão 25 SMTP já mudei para 587 mas para de enviar email.
Eu tenho firewall antes e faço somente o redirecionamento das portas, o XXX.XX.XX.XXX é o meu ip de entrada que mudei por motivo de segurança.;
Obrigado gente

Mar 13 14:19:45 mail postfix/smtpd[7567]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <1cfq@yahoo.com.tw>: Relay access denied; from=<vwszofxrt@yahoo.com> to=<1cfq@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:45 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <sheyegong@yahoo.com.tw>: Relay access denied; from=<etbesukbpmx@yahoo.com> to=<sheyegong@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:45 mail postfix/smtpd[8157]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <octorber7@yahoo.com.tw>: Relay access denied; from=<uhzjpkstbyl@yahoo.com> to=<octorber7@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[7567]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <a1984111@yahoo.com.tw>: Relay access denied; from=<vwszofxrt@yahoo.com> to=<a1984111@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[7943]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <john351912@yahoo.com.tw>: Relay access denied; from=<wixijygg@yahoo.com> to=<john351912@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <mh5998@yahoo.com.tw>: Relay access denied; from=<kcetdcylkl@yahoo.com> to=<mh5998@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[8159]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <hot249xia@yahoo.com.tw>: Relay access denied; from=<tkbluybsr@yahoo.com> to=<hot249xia@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[7567]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <a87421658@yahoo.com.tw>: Relay access denied; from=<vwszofxrt@yahoo.com> to=<a87421658@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[7559]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <hyde328@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<hyde328@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:46 mail postfix/smtpd[7350]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <anna810410@yahoo.com.tw>: Relay access denied; from=<dwarsk@yahoo.com> to=<anna810410@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:47 mail postfix/smtpd[7558]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ouchongchou@yahoo.com.tw>: Relay access denied; from=<rpzuxgop@yahoo.com> to=<ouchongchou@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:47 mail postfix/smtpd[8157]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ping650921@yahoo.com.tw>: Relay access denied; from=<uhzjpkstbyl@yahoo.com> to=<ping650921@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:47 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <zeal886@yahoo.com.tw>: Relay access denied; from=<kcetdcylkl@yahoo.com> to=<zeal886@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:48 mail postfix/smtpd[7567]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <bfpurge@yahoo.com.tw>: Relay access denied; from=<vwszofxrt@yahoo.com> to=<bfpurge@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:48 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <s2226500@yahoo.com.tw>: Relay access denied; from=<etbesukbpmx@yahoo.com> to=<s2226500@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:48 mail postfix/smtpd[7943]: too many errors after RCPT from unknown[192.168.0.152]
Mar 13 14:19:48 mail postfix/smtpd[7943]: disconnect from unknown[192.168.0.152]
Mar 13 14:19:48 mail postfix/smtpd[7559]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <dc880542@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<dc880542@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:48 mail postfix/smtpd[7350]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <wwei0824@yahoo.com.tw>: Relay access denied; from=<dwarsk@yahoo.com> to=<wwei0824@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:48 mail postfix/smtpd[8159]: too many errors after RCPT from unknown[192.168.0.152]
Mar 13 14:19:48 mail postfix/smtpd[8159]: disconnect from unknown[192.168.0.152]
Mar 13 14:19:48 mail postfix/smtpd[8157]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <peter531@yahoo.com.tw>: Relay access denied; from=<uhzjpkstbyl@yahoo.com> to=<peter531@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:49 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <tingtien@yahoo.com.tw>: Relay access denied; from=<kcetdcylkl@yahoo.com> to=<tingtien@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:49 mail postfix/smtpd[7567]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <0uq4@yahoo.com.tw>: Relay access denied; from=<vwszofxrt@yahoo.com> to=<0uq4@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:49 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <smalldakara7678@yahoo.com.tw>: Relay access denied; from=<etbesukbpmx@yahoo.com> to=<smalldakara7678@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:49 mail postfix/smtpd[7559]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <gucci820@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<gucci820@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:50 mail postfix/smtpd[8157]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ruth04251229@yahoo.com.tw>: Relay access denied; from=<uhzjpkstbyl@yahoo.com> to=<ruth04251229@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:50 mail postfix/smtpd[7352]: connect from unknown[192.168.0.152]
Mar 13 14:19:50 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <pk8365092@yahoo.com.tw>: Relay access denied; from=<kcetdcylkl@yahoo.com> to=<pk8365092@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:50 mail postfix/smtpd[7350]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <z226670@yahoo.com.tw>: Relay access denied; from=<dwarsk@yahoo.com> to=<z226670@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:50 mail postfix/smtpd[7567]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <a23020155a@yahoo.com.tw>: Relay access denied; from=<vwszofxrt@yahoo.com> to=<a23020155a@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:51 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <sot_tony@yahoo.com.tw>: Relay access denied; from=<etbesukbpmx@yahoo.com> to=<sot_tony@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:19:51 mail postfix/smtpd[7559]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <csyun@yahoo.com.tw>: Relay access denied; from=<ymfdv
warsk@yahoo.com> to=<e8601094@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:02 mail postfix/smtpd[7352]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <loveinlife1999@yahoo.com.tw>: Relay access denied; from=<wanwinyhq@yahoo.com> to=<loveinlife1999@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[10463]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <g883030@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<g883030@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <couver612@yahoo.com.tw>: Relay access denied; from=<rvgewfipl@yahoo.com> to=<couver612@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[10677]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <crimehate@yahoo.com.tw>: Relay access denied; from=<dwarsk@yahoo.com> to=<crimehate@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ichungsun_2000@yahoo.com.tw>: Relay access denied; from=<czlwgqlxftekr@yahoo.com> to=<ichungsun_2000@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <dog80817@yahoo.com.tw>: Relay access denied; from=<rvgewfipl@yahoo.com> to=<dog80817@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[10463]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <guozhoping@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<guozhoping@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <g280927@yahoo.com.tw>: Relay access denied; from=<czlwgqlxftekr@yahoo.com> to=<g280927@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[10677]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <wqoup1109@yahoo.com.tw>: Relay access denied; from=<dwarsk@yahoo.com> to=<wqoup1109@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <elee0226@yahoo.com.tw>: Relay access denied; from=<rvgewfipl@yahoo.com> to=<elee0226@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[10463]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ken197345@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<ken197345@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:03 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ivyyang731@yahoo.com.tw>: Relay access denied; from=<czlwgqlxftekr@yahoo.com> to=<ivyyang731@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:04 mail postfix/smtpd[7352]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <liyen333@yahoo.com.tw>: Relay access denied; from=<wanwinyhq@yahoo.com> to=<liyen333@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:04 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <chick_11618@yahoo.com.tw>: Relay access denied; from=<rvgewfipl@yahoo.com> to=<chick_11618@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:04 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <h404022001@yahoo.com.tw>: Relay access denied; from=<czlwgqlxftekr@yahoo.com> to=<h404022001@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:04 mail postfix/smtpd[10463]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <jam13929vol336@yahoo.com.tw>: Relay access denied; from=<ymfdvyt@yahoo.com> to=<jam13929vol336@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:04 mail postfix/smtpd[7098]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ch_jahong@yahoo.com.tw>: Relay access denied; from=<rvgewfipl@yahoo.com> to=<ch_jahong@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:04 mail postfix/smtpd[7942]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <hancy7515@yahoo.com.tw>: Relay access denied; from=<czlwgqlxftekr@yahoo.com> to=<hancy7515@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>
Mar 13 14:20:05 mail postfix/smtpd[10677]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <aekta@yahoo.com.tw>: Relay access denied; from=<dwarsk@yahoo.com> to=<aekta@yahoo.com.tw> proto=SMTP helo=<xxx.xx.xx.xxxx>

stefaniobrunhara
(usa CentOS)

Enviado em 13/03/2014 - 11:49h

É muito importante você achar no log como o spammer esta autenticando. Tive um problema parecido a pouco tempo atrás, o spammer estava usando o usuário apache para enviar mensagens, meu webmail estava com uma falha, a solução foi atualizar o squirrelmail.

você pode ter também problema de senha fraca, alguns vírus também roubam a senha para o spammer. O importante e achar a porta se não ele volta de novo.

mardjmax
(usa Outra)

Enviado em 13/03/2014 - 11:50h

Voce sabe qual log eu acho esta senha?

stefaniobrunhara
(usa CentOS)

Enviado em 13/03/2014 - 12:32h

Você não vai achar a senha no log! É no mesmo arquivo que você retirou parte do log e posto na sua pergunta.






Veja no meu log, meu computador com ip 192.168.0.1 fez a conexão de numero 14486, nesta conexão o usuário usando foi o suporte@sangiovanne.com.br

veja no log

Mar 13 12:16:47 ns1 postfix/smtpd[14486]: 3B47B1249ED: client=unknown[192.168.0.1], sasl_method=LOGIN, sasl_username=suporte@sangiovanne.com.br


Como a conexão foi permitida, ou seja, usuário e senha estão corretos, minha mensagem ganhou o ID

Mar 13 12:16:47 ns1 postfix/cleanup[14092]: 3B47B1249ED: message-id=<000001cf3ecf$5aa18180$0fe48480$@sangiovanne.com.br>

Depois a conexão de numero 14486 é finalizada "desconectou".


A partir dai a mensagem esta por conta do postfix, ela cai na fila recebe todo tratamento do spamassasin etc... etc.., E é retirado da fila pelo maildrop, que por sua vez coloca na caixa do usuário helton.


vejo no log

Mar 13 12:16:55 ns1 postfix/smtpd[14490]: disconnect from localhost.localdomain[127.0.0.1]
Mar 13 12:16:55 ns1 amavis[13621]: (13621-02) Passed CLEAN {RelayedInternal}, MYNETS LOCAL [192.168.0.1]:51095 [192.168.0.1] <suporte@sangiovanne.com.br> -> <helton@sangiovanne.com.br>, Queue-ID: 3B47B1249ED, Message-ID: <000001cf3ecf$5aa18180$0fe48480$@sangiovanne.com.br>, mail_id: 6GBixM82Gpdb, Hits: -0.997, size: 2675, queued_as: 71CE4124A07, 8190 ms
Mar 13 12:16:55 ns1 postfix/smtp[14487]: 3B47B1249ED: to=<helton@sangiovanne.com.br>, relay=127.0.0.1[127.0.0.1]:10025, delay=8.2, delays=0.03/0.01/0/8.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10026): 250 2.0.0 Ok: queued as 71CE4124A07)
Mar 13 12:16:55 ns1 postfix/qmgr[4990]: 3B47B1249ED: removed
Mar 13 12:16:55 ns1 postfix/pipe[14095]: 71CE4124A07: to=<helton@sangiovanne.com.br>, relay=maildrop, delay=0.04, delays=0.01/0/0/0.03, dsn=2.0.0, status=sent (delivered via maildrop service)
Mar 13 12:16:55 ns1 postfix/qmgr[4990]: 71CE4124A07: removed


Log completo do tramite da conexão e processos do postfix

Mar 13 12:16:37 ns1 pop3d-ssl: Unexpected SSL connection shutdown.
Mar 13 12:16:47 ns1 postfix/smtpd[14486]: connect from unknown[192.168.0.1]
Mar 13 12:16:47 ns1 postfix/smtpd[14486]: 3B47B1249ED: client=unknown[192.168.0.1], sasl_method=LOGIN, sasl_username=suporte@sangiovanne.com.br
Mar 13 12:16:47 ns1 postfix/cleanup[14092]: 3B47B1249ED: message-id=<000001cf3ecf$5aa18180$0fe48480$@sangiovanne.com.br>
Mar 13 12:16:47 ns1 postfix/qmgr[4990]: 3B47B1249ED: from=<suporte@sangiovanne.com.br>, size=2674, nrcpt=1 (queue active)
Mar 13 12:16:49 ns1 postfix/smtpd[14486]: disconnect from unknown[192.168.0.1]
Mar 13 12:16:55 ns1 postfix/smtpd[14490]: connect from localhost.localdomain[127.0.0.1]
Mar 13 12:16:55 ns1 postfix/smtpd[14490]: 71CE4124A07: client=localhost.localdomain[127.0.0.1], orig_queue_id=3B47B1249ED, orig_client=unknown[192.168.0.1]
Mar 13 12:16:55 ns1 postfix/cleanup[14092]: 71CE4124A07: message-id=<000001cf3ecf$5aa18180$0fe48480$@sangiovanne.com.br>
Mar 13 12:16:55 ns1 postfix/qmgr[4990]: 71CE4124A07: from=<suporte@sangiovanne.com.br>, size=3160, nrcpt=1 (queue active)
Mar 13 12:16:55 ns1 postfix/smtpd[14490]: disconnect from localhost.localdomain[127.0.0.1]
Mar 13 12:16:55 ns1 amavis[13621]: (13621-02) Passed CLEAN {RelayedInternal}, MYNETS LOCAL [192.168.0.1]:51095 [192.168.0.1] <suporte@sangiovanne.com.br> -> <helton@sangiovanne.com.br>, Queue-ID: 3B47B1249ED, Message-ID: <000001cf3ecf$5aa18180$0fe48480$@sangiovanne.com.br>, mail_id: 6GBixM82Gpdb, Hits: -0.997, size: 2675, queued_as: 71CE4124A07, 8190 ms
Mar 13 12:16:55 ns1 postfix/smtp[14487]: 3B47B1249ED: to=<helton@sangiovanne.com.br>, relay=127.0.0.1[127.0.0.1]:10025, delay=8.2, delays=0.03/0.01/0/8.2, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10026): 250 2.0.0 Ok: queued as 71CE4124A07)
Mar 13 12:16:55 ns1 postfix/qmgr[4990]: 3B47B1249ED: removed
Mar 13 12:16:55 ns1 postfix/pipe[14095]: 71CE4124A07: to=<helton@sangiovanne.com.br>, relay=maildrop, delay=0.04, delays=0.01/0/0/0.03, dsn=2.0.0, status=sent (delivered via maildrop service)
Mar 13 12:16:55 ns1 postfix/qmgr[4990]: 71CE4124A07: removed

mardjmax
(usa Outra)

Enviado em 13/03/2014 - 12:49h

Descobri cara valeu..
O fela agendou uma tarefa no firewall com o usuario administrador para ficar enviando.

removi o usuario e removi a cron e mudei todas as senhas.

Valeu..

Valeu mesmo..
Mar 13 12:24:01 ESTACAO_NOME CRON[1676]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))
Mar 13 12:25:01 ESTACAO_NOME CRON[1685]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))
Mar 13 12:26:01 ESTACAO_NOME CRON[1686]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))
Mar 13 12:27:01 ESTACAO_NOME CRON[1687]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))
Mar 13 12:28:01 ESTACAO_NOME CRON[1688]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))
Mar 13 12:29:01 ESTACAO_NOME CRON[1689]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))
Mar 13 12:30:01 ESTACAO_NOME CRON[1691]: pam_unix(cron:account): could not identify user (from getpwnam(administrador))


[*****] em mano.. fela de uma eguá mesmo hushus.

mardjmax
(usa Outra)

Enviado em 13/03/2014 - 13:45h

Cara pensei que tinha resolvido.... as continua.

que [*****]..
Mar 13 13:44:32 mail postfix/smtpd[30994]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <automj@yahoo.com.tw>: Relay access denied; from=<juaoeyj@yahoo.com> to=<automj@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[5891]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <alpha10180303@yahoo.com.tw>: Relay access denied; from=<rqipabcon@yahoo.com> to=<alpha10180303@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[31953]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <paolung@yahoo.com.tw>: Relay access denied; from=<zvawcy@yahoo.com> to=<paolung@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[30997]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <eric0925@yahoo.com.tw>: Relay access denied; from=<maexihx@yahoo.com> to=<eric0925@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[31015]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <gels6866@yahoo.com.tw>: Relay access denied; from=<ihkecoitmmdmqz@yahoo.com> to=<gels6866@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[8372]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <chihpinpaul@yahoo.com.tw>: Relay access denied; from=<bphawnvnqb@yahoo.com> to=<chihpinpaul@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[31017]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <superstar5438@yahoo.com.tw>: Relay access denied; from=<kiwfny@yahoo.com> to=<superstar5438@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[5919]: connect from unknown[192.168.0.152]
Mar 13 13:44:32 mail postfix/smtpd[31938]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <rebercalee@yahoo.com.tw>: Relay access denied; from=<jykyawvxqyvb@yahoo.com> to=<rebercalee@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[30996]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <lii7428832@yahoo.com.tw>: Relay access denied; from=<uqduil@yahoo.com> to=<lii7428832@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[8370]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <tthm@yahoo.com.tw>: Relay access denied; from=<ihokwgrqiyu@yahoo.com> to=<tthm@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:32 mail postfix/smtpd[5891]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ais888@yahoo.com.tw>: Relay access denied; from=<rqipabcon@yahoo.com> to=<ais888@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[31949]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <kzkz50@yahoo.com.tw>: Relay access denied; from=<rxtsbivib@yahoo.com> to=<kzkz50@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[30997]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <color20011@yahoo.com.tw>: Relay access denied; from=<maexihx@yahoo.com> to=<color20011@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[8372]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <hecaowei@yahoo.com.tw>: Relay access denied; from=<bphawnvnqb@yahoo.com> to=<hecaowei@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[31017]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <seantina1036@yahoo.com.tw>: Relay access denied; from=<kiwfny@yahoo.com> to=<seantina1036@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[8370]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <tom00055@yahoo.com.tw>: Relay access denied; from=<ihokwgrqiyu@yahoo.com> to=<tom00055@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[5891]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <3spl@yahoo.com.tw>: Relay access denied; from=<rqipabcon@yahoo.com> to=<3spl@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[30992]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <chenstarman@yahoo.com.tw>: Relay access denied; from=<ywyabjqzqniek@yahoo.com> to=<chenstarman@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[8372]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <cc0911208616@yahoo.com.tw>: Relay access denied; from=<bphawnvnqb@yahoo.com> to=<cc0911208616@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[5891]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <andy710401@yahoo.com.tw>: Relay access denied; from=<rqipabcon@yahoo.com> to=<andy710401@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[8370]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <sun07312003@yahoo.com.tw>: Relay access denied; from=<ihokwgrqiyu@yahoo.com> to=<sun07312003@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[5918]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <s5861062@yahoo.com.tw>: Relay access denied; from=<wiifcddmgtbamv@yahoo.com> to=<s5861062@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[30994]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <a7043617z@yahoo.com.hk>: Relay access denied; from=<juaoeyj@yahoo.com> to=<a7043617z@yahoo.com.hk> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[5919]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <joyce_kinki211@yahoo.com.tw>: Relay access denied; from=<gbuirqqpxp@yahoo.com> to=<joyce_kinki211@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[8372]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <corolla6702@yahoo.com.tw>: Relay access denied; from=<bphawnvnqb@yahoo.com> to=<corolla6702@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:33 mail postfix/smtpd[31953]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <sboven.tw@yahoo.com.tw>: Relay access denied; from=<zvawcy@yahoo.com> to=<sboven.tw@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:34 mail postfix/smtpd[8369]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <sunny80395@yahoo.com.tw>: Relay access denied; from=<bkbjlvpozvo@yahoo.com> to=<sunny80395@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:34 mail postfix/smtpd[31015]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ghfdl@yahoo.com.tw>: Relay access denied; from=<ihkecoitmmdmqz@yahoo.com> to=<ghfdl@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:34 mail postfix/smtpd[8370]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <vino930@yahoo.com.tw>: Relay access denied; from=<ihokwgrqiyu@yahoo.com> to=<vino930@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>
Mar 13 13:44:34 mail postfix/smtpd[31938]: NOQUEUE: reject: RCPT from unknown[192.168.0.152]: 554 5.7.1 <ss87166@yahoo.com.tw>: Relay access denied; from=<jykyawvxqyvb@yahoo.com> to=<ss87166@yahoo.com.tw> proto=SMTP helo=<XXX.XX.XX.XXX>