服务器充斥了垃圾邮件。队列中有很多的邮件信息 邮件发送缓慢

從下表中可以看出，大量的連線被建立。 

 

 

检查Qmail队列中有多少邮件信息：

# /var/qmail/bin/qmail-qstat
messages in queue:5645
messages in queue but not yet preprocessed: 82

 

還有五千多筆未發出。

 

查找 maillog 紀錄，找看看對方是經由哪個信箱驗證來發送的

# /usr/local/psa/var/log/maillog // 紀錄位置不一定跟我的環境相同

May 27 15:23:59 xxxxxx smtp_auth: SMTP connect from unknown [149.129.139.62]
May 27 15:23:59 xxxxxx smtp_auth: SMTP user sale@xxxx.com.tw : logged in from (null) [149.129.139.62]

 

解決方案：

1. 使用 iptable 先封鎖 該IP

2. 清掉郵件促列。

3. 變更信箱密碼，並把該帳號的電腦掃毒。

 

 查到的 垃圾 郵件標題

Received: (qmail 28485 invoked from network); 27 May 2015 15:25:04 +0800

Received: from unknown (HELO User) (149.129.139.62)

  by 61-67-233-host52.kbtelecom.net.tw with ESMTPA; 27 May 2015 15:25:03 +0800

Reply-To: <bingo.lottoclaimdept@yandex.com>

From: "BINGO LOTTO INTERNATIONAL"<winner@bingolotto.co.uk>

Subject: WINNER TICKET NUMBER: CL17-2731-37-43

Date: Wed, 27 May 2015 15:18:07 -1200

MIME-Version: 1.0

Content-Type: text/html;

        charset="Windows-1251"

Content-Transfer-Encoding: 7bit

X-Priority: 3

X-MSMail-Priority: Normal

X-Mailer: Microsoft Outlook Express 6.00.2600.0000

X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000