Задать вопрос
@ShamblerR
linux

Как в postfix найти какой сайт отсылает почту?

как определить какой сайт отсылает почту ?
from:<>

/var/log/mail.info
Jul 21 19:20:35 klondike-s postfix/smtp[20977]: 8DD7B24BC8C0: to=<nohemyf20@hotmail.com>, relay=mx2.hotmail.com[65.55.37.72]:25, delay=1498, delays=1491/4.3/2.1/0.38, dsn=4.0.0, status=deferred (host mx2.hotmail.com[65.55.37.72] said: 452
Too many recipients (in reply to RCPT TO command))
Jul 21 19:20:35 klondike-s postfix/smtp[20977]: 8DD7B24BC8C0: to=<noherangel@hotmail.com>, relay=mx2.hotmail.com[65.55.37.72]:25, delay=1498, delays=1491/4.3/2.1/0.38, dsn=4.0.0, status=deferred (host mx2.hotmail.com[65.55.37.72] said: 452
 Too many recipients (in reply to RCPT TO command))
Jul 21 19:20:35 klondike-s postfix/smtp[20977]: 8DD7B24BC8C0: to=<nohl_lynch@hotmail.com>, relay=mx2.hotmail.com[65.55.37.72]:25, delay=1498, delays=1491/4.3/2.1/0.52, dsn=4.0.0, status=deferred (host mx2.hotmail.com[65.55.37.72] said: 452
 Too many recipients (in reply to RCPT TO command))
Jul 21 19:20:35 klondike-s postfix/smtp[20977]: 8DD7B24BC8C0: to=<nohorabarrera2@hotmail.com>, relay=mx2.hotmail.com[65.55.37.72]:25, delay=1498, delays=1491/4.3/2.1/0.52, dsn=4.0.0, status=deferred (host mx2.hotmail.com[65.55.37.72] said:
 452 Too many recipients (in reply to RCPT TO command))
Jul 21 19:20:36 klondike-s postfix/smtp[20913]: 6A89924BC843: to=<caschmitt@ig.com.br>, relay=mx.ig.com.br[177.153.23.241]:25, delay=1.6, delays=0.01/0/0.75/0.82, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 88BE0E0CFF)
Jul 21 19:20:36 klondike-s postfix/qmgr[2439]: 6A89924BC843: removed
Jul 21 19:20:36 klondike-s postfix/smtp[21006]: 0D69024BC84E: to=<caschmitt@ig.com.br>, relay=mx.ig.com.br[177.153.23.241]:25, conn_use=3, delay=1, delays=0.01/0/0.24/0.78, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 67C57E20DB)
Jul 21 19:20:36 klondike-s postfix/qmgr[2439]: 0D69024BC84E: removed
Jul 21 19:20:36 klondike-s postfix/smtp[20977]: 8DD7B24BC8C0: to=<noheg12@hotmail.com>, relay=mx2.hotmail.com[65.55.37.72]:25, delay=1499, del
<Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrpoconoallstar3@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.co
m[74.125.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has
been temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrpolo70@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.com[74.125
.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been tem
porarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrpoloxbox1@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.com[74.
125.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been
temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrpolpot@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.com[74.125
.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been tem
porarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrpoposama@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.com[74.1
25.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been t
emporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrporche75@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.com[74.1
25.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been t
emporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/smtp[22156]: E071524BCA4B: to=<mrporkskin123@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.195.26]:25, delay=20, delays=1.4/6.1/5.2/7.2, dsn=4.7.0, status=deferred (host gmail-smtp-in.l.google.com[7
4.125.195.26] said: 421-4.7.0 [188.138.84.111      15] Our system has detected an unusual rate of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has bee
n temporarily 421-4.7.0 rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. ev4si41454148wjc.204 - gsmtp (in reply to end of DATA command))
Jul 21 19:29:07 klondike-s postfix/cleanup[22397]: 6BAA924BC8EB: message-id=<20150721152907.6BAA924BC8EB@klondike-s.ru>
Jul 21 19:29:07 klondike-s postfix/bounce[21739]: E071524BCA4B: sender non-delivery notification: 6BAA924BC8EB
Jul 21 19:29:07 klondike-s postfix/qmgr[2439]: 6BAA924BC8EB: from=<>, size=8535, nrcpt=1 (queue active)
Jul 21 19:29:08 klondike-s postfix/smtp[22290]: 6BAA924BC8EB: to=<tromanowski@centurylink.net>, relay=mx.centurylink.net[205.219.233.5]:25, delay=0.8, delays=0/0/0.58/0.22, dsn=5.1.1, status=bounced (host mx.centurylink.net[205.219.233.5]
said: 550 5.1.1 [R2] Recipient tromanowski@centurylink.net does not exist here. (in reply to RCPT TO command))
Jul 21 19:29:08 klondike-s postfix/smtp[22184]: 0DB1524BC8D5: to=<tromanowski@centurylink.net>, relay=mx.centurylink.net[205.219.233.5]:25, delay=1.2, delays=0/0/0.89/0.34, dsn=5.1.1, status=bounced (host mx.centurylink.net[205.219.233.5]
said: 550 5.1.1 [R2] Recipient tromanowski@centurylink.net does not exist here. (in reply to RCPT TO command))
Jul 21 19:29:08 klondike-s postfix/qmgr[2439]: 6BAA924BC8EB: removed
Jul 21 19:29:08 klondike-s postfix/qmgr[2439]: 0DB1524BC8D5: removed
Jul 21 19:30:01 klondike-s postfix/smtpd[10744]: connect from localhost.localdomain[127.0.0.1]
Jul 21 19:30:01 klondike-s postfix/smtpd[10744]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jul 21 19:30:01 klondike-s postfix/smtpd[10744]: disconnect from localhost.localdomain[127.0.0.1]
Jul 21 19:30:02 klondike-s postfix/smtpd[10744]: connect from localhost.localdomain[127.0.0.1]
Jul 21 19:30:02 klondike-s postfix/smtpd[10744]: lost connection after CONNECT from localhost.localdomain[127.0.0.1]
Jul 21 19:30:02 klondike-s postfix/smtpd[10744]: disconnect from localhost.localdomain[127.0.0.1]
Jul 21 19:30:11 klondike-s postfix/pickup[21979]: 9934C24BC8EB: uid=107 from=<munin>
Jul 21 19:30:11 klondike-s postfix/cleanup[21573]: 9934C24BC8EB: message-id=<20150721153011.9934C24BC8EB@klondike-s.ru>
Jul 21 19:30:11 klondike-s postfix/qmgr[2439]: 9934C24BC8EB: from=<munin@pro1338.dedicatedpanel.com>, size=789, nrcpt=1 (queue active)
Jul 21 19:30:11 klondike-s postfix/smtp[22258]: 9934C24BC8EB: to=<root@pro1338.dedicatedpanel.com>, orig_to=<root>, relay=none, delay=0.04, delays=0.03/0/0/0, dsn=5.4.6, status=bounced (mail for pro1338.dedicatedpanel.com loops back to mys
elf)
Jul 21 19:30:11 klondike-s postfix/cleanup[21569]: 9C10824BCA2D: message-id=<20150721153011.9C10824BCA2D@klondike-s.ru>
Jul 21 19:30:11 klondike-s postfix/bounce[21739]: 9934C24BC8EB: sender non-delivery notification: 9C10824BCA2D
Jul 21 19:30:11 klondike-s postfix/qmgr[2439]: 9C10824BCA2D: from=<>, size=2710, nrcpt=1 (queue active)
Jul 21 19:30:11 klondike-s postfix/qmgr[2439]: 9934C24BC8EB: removed

/code>
  • Вопрос задан
  • 444 просмотра
Комментировать
Подписаться 3 Оценить Комментировать
Решения вопроса 1
@ShamblerR Автор вопроса
https://revisium.com/ru/blog/struggling_with_spam.html
сам нашел ответ
Ответ написан
Комментировать
Комментировать
Пригласить эксперта
Ваш ответ на вопрос

Войдите, чтобы написать ответ

Войти через центр авторизации
Похожие вопросы
Вакансии с Хабр Карьеры
Linux Администратор DevOps
ИМАГ Москва
от 150 000 до 170 000 ₽
Программист C/C++ embedded Linux
РТК Автоматика Москва
от 170 000 до 250 000 ₽
Системный инженер/ DevOps (удаленно)
Git in Sky
До 200 000 ₽
Ещё вакансии
Заказы с Хабр Фриланса
Разработать плагин интеграции товаров из Контур.Маркет в Wordpress
02 мая 2024, в 17:25
3000 руб./за проект
Написать программы на Python с алгоритмами из биоинформатики
02 мая 2024, в 17:23
3000 руб./за проект
Разработка телеграмм бота для платежей.
02 мая 2024, в 17:09
50000 руб./за проект
Ещё заказы