中意 发表于 2014-5-13 07:58:14

这样的日志,如何反垃圾

现在用的邮件系统是 WINMAIL5.1

日志里经常有这样的SMTP 连接,这样的连接一出现,服务器IP就会被CBL列黑名单。

如果前端加ORFEE,能否防范?

有没有其他主动地防御方法?


2014/05/13-01:52:00   3756 来自 14.147.118.84 的连接
2014/05/13-01:52:20   3784 来自 14.147.118.84 的连接
2014/05/13-01:52:25   3756 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:52:25   3756 结束连接
2014/05/13-01:52:32   1712 来自 14.147.118.84 的连接
2014/05/13-01:52:45   3784 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:52:45   3784 结束连接
2014/05/13-01:52:54   2436 来自 14.147.118.84 的连接
2014/05/13-01:52:57   1712 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:52:57   1712 结束连接
2014/05/13-01:53:13    548 来自 14.147.118.84 的连接
2014/05/13-01:53:19   2436 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:53:19   2436 结束连接
2014/05/13-01:53:28   1772 来自 14.147.118.84 的连接
2014/05/13-01:53:38    548 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:53:38    548 结束连接
2014/05/13-01:53:49    664 来自 14.147.118.84 的连接
2014/05/13-01:53:53   1772 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:53:53   1772 结束连接
2014/05/13-01:54:12   3616 来自 14.147.118.84 的连接
2014/05/13-01:54:14    664 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:54:14    664 结束连接
2014/05/13-01:54:23   2524 来自 14.147.118.84 的连接
2014/05/13-01:54:37   3616 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:54:37   3616 结束连接
2014/05/13-01:54:41   2352 来自 14.147.118.84 的连接
2014/05/13-01:54:48   2524 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:54:48   2524 结束连接
2014/05/13-01:54:54   1820 来自 14.147.118.84 的连接
2014/05/13-01:55:06   2352 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:06   2352 结束连接
2014/05/13-01:55:10    864 来自 75.151.37.93 的连接
2014/05/13-01:55:12   1916 来自 14.147.118.84 的连接
2014/05/13-01:55:19   1820 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:19   1820 结束连接
2014/05/13-01:55:21   2344 来自 75.151.37.93 的连接
2014/05/13-01:55:32   3628 来自 75.151.37.93 的连接
2014/05/13-01:55:33   2492 来自 14.147.118.84 的连接
2014/05/13-01:55:35    864 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:35    864 结束连接
2014/05/13-01:55:37   1916 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:37   1916 结束连接
2014/05/13-01:55:42   1788 来自 75.151.37.93 的连接
2014/05/13-01:55:46   2344 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:46   2344 结束连接
2014/05/13-01:55:53   1340 来自 14.147.118.84 的连接
2014/05/13-01:55:53   1816 来自 75.151.37.93 的连接
2014/05/13-01:55:57   3628 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:57   3628 结束连接
2014/05/13-01:55:58   2492 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:55:58   2492 结束连接
2014/05/13-01:56:04   3896 来自 75.151.37.93 的连接
2014/05/13-01:56:07   1788 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:07   1788 结束连接
2014/05/13-01:56:13   1488 来自 14.147.118.84 的连接
2014/05/13-01:56:15    720 来自 75.151.37.93 的连接
2014/05/13-01:56:18   1340 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:18   1340 结束连接
2014/05/13-01:56:18   1816 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:18   1816 结束连接
2014/05/13-01:56:25   2432 来自 75.151.37.93 的连接
2014/05/13-01:56:26   2264 来自 14.147.118.84 的连接
2014/05/13-01:56:29   3896 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:29   3896 结束连接
2014/05/13-01:56:36   4076 来自 75.151.37.93 的连接
2014/05/13-01:56:38   1488 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:38   1488 结束连接
2014/05/13-01:56:40    720 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:40    720 结束连接
2014/05/13-01:56:45   3932 来自 14.147.118.84 的连接
2014/05/13-01:56:47    264 来自 75.151.37.93 的连接
2014/05/13-01:56:50   2432 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:50   2432 结束连接
2014/05/13-01:56:51   2264 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:56:51   2264 结束连接
2014/05/13-01:56:58   1236 来自 75.151.37.93 的连接
2014/05/13-01:57:01   4076 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:01   4076 结束连接
2014/05/13-01:57:07   1348 来自 14.147.118.84 的连接
2014/05/13-01:57:09    756 来自 75.151.37.93 的连接
2014/05/13-01:57:10   3932 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:10   3932 结束连接
2014/05/13-01:57:12    264 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:12    264 结束连接
2014/05/13-01:57:19   1272 来自 75.151.37.93 的连接
2014/05/13-01:57:23   1236 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:23   1236 结束连接
2014/05/13-01:57:30    336 来自 75.151.37.93 的连接
2014/05/13-01:57:31   2360 来自 14.147.118.84 的连接
2014/05/13-01:57:32   1348 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:32   1348 结束连接
2014/05/13-01:57:34    756 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:34    756 结束连接
2014/05/13-01:57:41   1948 来自 75.151.37.93 的连接
2014/05/13-01:57:44   1272 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:44   1272 结束连接
2014/05/13-01:57:46    620 来自 14.147.118.84 的连接
2014/05/13-01:57:52   1880 来自 75.151.37.93 的连接
2014/05/13-01:57:55    336 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:55    336 结束连接
2014/05/13-01:57:56   2360 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:57:56   2360 结束连接
2014/05/13-01:58:03   2380 来自 75.151.37.93 的连接
2014/05/13-01:58:03    852 来自 14.147.118.84 的连接
2014/05/13-01:58:06   1948 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:58:06   1948 结束连接
2014/05/13-01:58:11    620 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:58:11    620 结束连接
2014/05/13-01:58:13   4052 来自 75.151.37.93 的连接
2014/05/13-01:58:17   1880 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:58:17   1880 结束连接
2014/05/13-01:58:18    472 来自 14.147.118.84 的连接
2014/05/13-01:58:24    152 来自 75.151.37.93 的连接
2014/05/13-01:58:28   2380 错误:SMTP 接收数据异常 (receive error, client closed)
2014/05/13-01:58:28   2380 结束连接

钉子 发表于 2014-5-13 11:00:10

我看这个情况,应该是被人暴密码中继了。
页: [1]
查看完整版本: 这样的日志,如何反垃圾