請教,postfix是不是被攻擊
日誌文件裡面反覆出現:
Jun 13 16:07:46 crm-mail postfix/smtpd: connection established
Jun 13 16:07:46 crm-mail postfix/smtpd: master_notify: status 0
Jun 13 16:07:46 crm-mail postfix/smtpd: name_mask: resource
Jun 13 16:07:46 crm-mail postfix/smtpd: name_mask: software
Jun 13 16:07:46 crm-mail postfix/smtpd: name_mask: noanonymous
Jun 13 16:07:46 crm-mail postfix/smtpd: warning: 10.0.0.20: hostname bogon
verification failed: Name or service not known
Jun 13 16:07:46 crm-mail postfix/smtpd: connect from unknown
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: unknown: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: 10.0.0.20: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: unknown: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: 10.0.0.20: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostname: unknown ~? 127.0.0.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostaddr: 10.0.0.20 ~? 127.0.0.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostname: unknown ~? 10.20.30.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostaddr: 10.0.0.20 ~? 10.20.30.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostname: unknown ~? 10.110.10.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostaddr: 10.0.0.20 ~? 10.110.10.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: unknown: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: 10.0.0.20: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: send attr request = connect
Jun 13 16:07:46 crm-mail postfix/smtpd: send attr ident = smtp:10.0.0.20
Jun 13 16:07:46 crm-mail postfix/smtpd: private/anvil: wanted attribute: status
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute name: status
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute value: 0
Jun 13 16:07:46 crm-mail postfix/smtpd: private/anvil: wanted attribute: count
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute name: count
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute value: 1
Jun 13 16:07:46 crm-mail postfix/smtpd: private/anvil: wanted attribute: rate
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute name: rate
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute value: 1
Jun 13 16:07:46 crm-mail postfix/smtpd: private/anvil: wanted attribute: (list terminator)
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute name: (end)
Jun 13 16:07:46 crm-mail postfix/smtpd: > unknown: 220 mail.test.com ESMTP Postfix
Jun 13 16:07:46 crm-mail postfix/smtpd: smtp_get: EOF
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostname: unknown ~? 127.0.0.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostaddr: 10.0.0.20 ~? 127.0.0.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostname: unknown ~? 10.20.30.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostaddr: 10.0.0.20 ~? 10.20.30.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostname: unknown ~? 10.110.10.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_hostaddr: 10.0.0.20 ~? 10.110.10.0/24
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: unknown: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: match_list_match: 10.0.0.20: no match
Jun 13 16:07:46 crm-mail postfix/smtpd: send attr request = disconnect
Jun 13 16:07:46 crm-mail postfix/smtpd: send attr ident = smtp:10.0.0.20
Jun 13 16:07:46 crm-mail postfix/smtpd: private/anvil: wanted attribute: status
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute name: status
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute value: 0
Jun 13 16:07:46 crm-mail postfix/smtpd: private/anvil: wanted attribute: (list terminator)
Jun 13 16:07:46 crm-mail postfix/smtpd: input attribute name: (end)
Jun 13 16:07:46 crm-mail postfix/smtpd: lost connection after CONNECT from unknown
Jun 13 16:07:46 crm-mail postfix/smtpd: disconnect from unknown
Jun 13 16:07:46 crm-mail postfix/smtpd: master_notify: status 1
Jun 13 16:07:46 crm-mail postfix/smtpd: connection closed
[火星人
]
請教,postfix是不是被攻擊已經有748次圍觀
http://coctec.com/docs/service/show-post-29802.html
