센드메일로이루어진 메일서버에 남겨진 이상한 로그들입니다..
sendmail로 온리 메일만 돌아가는 메일서버를 구축해서 IDC에 돌리고 있습니다.
호스팅류가 아닌 오로지 회사에서 사용하는 고객센타 및 사내외 업무 메일서버인데요,
아래 로그들이 약 950여개정도가 쌓이고, 프로세스도 몇십개가 떠있습니다.
Nov 14 16:29:31 email sendmail[28480]: kAE7TQxU028480: from=grandchase@netmarble.co.kr, size=207610, class=0, nrcpts=1, msgid=<200611140729.kAE7TQxU028480@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:31:32 email sendmail[28560]: kAE7VQxU028560: from=gameupdc@wemail.co.kr, size=201545, class=0, nrcpts=1, msgid=<200611140731.kAE7VQxU028560@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:31:55 email sendmail[28570]: kAE7VnxU028570: from=master@shotech.com, size=207630, class=0, nrcpts=1, msgid=<200611140731.kAE7VnxU028570@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:32:01 email sendmail[28576]: kAE7VtxU028576: from=1220jjh@hanmail.net, size=201559, class=0, nrcpts=1, msgid=<200611140731.kAE7VtxU028576@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:33:21 email sendmail[28612]: kAE7XFxU028612: from=kyh96403@hotmail.com, size=201608, class=0, nrcpts=1, msgid=<200611140733.kAE7XFxU028612@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:34:33 email sendmail[28668]: kAE7YQxU028668: from=sales@nero.com, size=201557, class=0, nrcpts=1, msgid=<200611140734.kAE7YQxU028668@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:34:38 email sendmail[28671]: kAE7YXxU028671: from=kyh96403@hotmail.com, size=201590, class=0, nrcpts=1, msgid=<200611140734.kAE7YXxU028671@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:37:38 email sendmail[28763]: kAE7bXxU028763: from=master@shotech.com, size=207596, class=0, nrcpts=1, msgid=<200611140737.kAE7bXxU028763@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:38:47 email sendmail[28788]: kAE7cgxU028788: from=master@fian.co.kr, size=201624, class=0, nrcpts=1, msgid=<200611140738.kAE7cgxU028788@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:40:05 email sendmail[28839]: kAE7e0xU028839: from=gameupdc@wemail.co.kr, size=201579, class=0, nrcpts=1, msgid=<200611140740.kAE7e0xU028839@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:40:19 email sendmail[28852]: kAE7eDxU028852: from=1220jjh@hanmail.net, size=201606, class=0, nrcpts=1, msgid=<200611140740.kAE7eDxU028852@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:40:38 email sendmail[28861]: kAE7eWxU028861: from=whan1@joongang.co.kr, size=207618, class=0, nrcpts=1, msgid=<200611140740.kAE7eWxU028861@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:40:44 email sendmail[28864]: kAE7ecxU028864: from=kyh96403@hotmail.com, size=201707, class=0, nrcpts=1, msgid=<200611140740.kAE7ecxU028864@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:40:56 email sendmail[28872]: kAE7eoxU028872: from=grandchase@netmarble.co.kr, size=207679, class=0, nrcpts=1, msgid=<200611140740.kAE7eoxU028872@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
Nov 14 16:41:13 email sendmail[28883]: kAE7f7xU028883: from=austria@msdirectservices.com, size=207895, class=0, nrcpts=1, msgid=<200611140741.kAE7f7xU028883@email.geopia.com>, bodytype=8BITMIME, proto=ESMTP, daemon=MTA, relay=[211.220.201.204]
혹시 SPAM메일 푸슁을 시도당하고 있는걸까요?
릴레이 체크를 해봤는데 이상이 없었습니다.
저 아이피는 릴레이 리스트에 있지 않고, 허용되어 있지 않습니다.
sendmail 버젼은 8.12.8 입니다.
원인과 해결책을 가르쳐주시면 정말 감사하겠습니다..^^
relay 시도를 할 때
relay 시도를 할 때 기록되는 로그입니다.
같은 아이피에서 지속적으로 시도한다면 /etc/hosts.deny 에서 접속 차단하세요.
댓글 달기