имею сервер Freebsd 8.4 + exim + Courier IMAP + mysql
мой ип попал в черные списки.
Третий день не могу понять как шлют.
Копирую все исходящие сообщения на out@domen.ru
Спам вижу но по логам не могу понять как это происходит!
по логам не совсем понятно...
Помогите плиз! ткните носом...
Спасибо...
Код: Выделить всё
message_all_out_copy:
driver = redirect
unseen
senders = *
data = out@domen.ru
Код: Выделить всё
cat /var/log/exim/mainlog | grep mbiheeezvpjvvvmjbcxc@ya.ru
2014-11-14 14:09:43 [8056] Delay 20s for [217.12.221.182] with HELO=sadhfjudhsfkhd.ru. Mail from mbiheeezvpjvvvmjbcxc@ya.ru to rekl@domen.ru.
2014-11-14 14:10:05 [8056] 1XpElP-00025w-I9 SA: Action: SA didn't successfully run against message, accepting (time: 2/2 secs | Message-Id: DBDE683B30E4CBA87471388692BF8F2C@ytrxjai). From <mbiheeezvpjvvvmjbcxc@ya.ru> (host=NULL [217.12.221.182]) for rekl@domen.ru
2014-11-14 14:10:05 [8056] 1XpElP-00025w-I9 <= mbiheeezvpjvvvmjbcxc@ya.ru H=(sadhfjudhsfkhd.ru) [217.12.221.182]:52154 I=[192.168.0.239]:25 P=esmtps X=TLSv1:DHE-RSA-AES256-SHA:256 CV=no S=50292 M8S=0 id=DBDE683B30E4CBA87471388692BF8F2C@ytrxjai T="\353\317\306\305 \315\301\333\311\316\301 \302\305\323\320\314\301\324\316\317" from <mbiheeezvpjvvvmjbcxc@ya.ru> for rekl@domen.ru
2014-11-14 14:10:05 [8079] 1XpElP-00025w-I9 => out (out@domen.ru, out@domen.ru, nina@domen.ru, nina@domen.ru, rekl@domen.ru) <rekl@domen.ru> F=<mbiheeezvpjvvvmjbcxc@ya.ru> P=<mbiheeezvpjvvvmjbcxc@ya.ru> R=mysqluser T=mysql_delivery S=50370 QT=2s DT=0s
2014-11-14 14:10:05 [8079] 1XpElP-00025w-I9 => nina (nina@domen.ru, nina@domen.ru, rekl@domen.ru) <rekl@domen.ru> F=<mbiheeezvpjvvvmjbcxc@ya.ru> P=<mbiheeezvpjvvvmjbcxc@ya.ru> R=mysqluser T=mysql_delivery S=50370 QT=2s DT=0s
2014-11-14 14:10:05 [8079] 1XpElP-00025w-I9 => rekl (rekl@domen.ru) <rekl@domen.ru> F=<mbiheeezvpjvvvmjbcxc@ya.ru> P=<mbiheeezvpjvvvmjbcxc@ya.ru> R=mysqluser T=mysql_delivery S=50370 QT=2s DT=0s
Код: Выделить всё
Envelope-to: rekl@domen.ru
Delivery-date: Fri, 14 Nov 2014 14:10:05 +0300
Received: from [217.12.221.182] (port=52154 helo=sadhfjudhsfkhd.ru)
by mail.domen.ru with esmtps (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.84 (FreeBSD))
(envelope-from <mbiheeezvpjvvvmjbcxc@ya.ru>)
id 1XpElP-00025w-I9
for rekl@montblanc.ru; Fri, 14 Nov 2014 14:10:05 +0300
Received: from Unknown (segment-119-226.sify.net [119.226.169.98] (may be forged))
(authenticated bits=0)
by sadhfjudhsfkhd.ru (8.14.4/8.14.4/Debian-4) with ESMTP id sAEB9lU2003250;
Fri, 14 Nov 2014 14:09:51 +0300
Message-ID: <DBDE683B30E4CBA87471388692BF8F2C@ytrxjai>
Reply-To: =?koi8-r?B?4cfOydE=?= <nnydqqukuxzmbefpo@musician.org>
From: =?koi8-r?B?4cfOydE=?= <mbiheeezvpjvvvmjbcxc@ya.ru>
To: svet67@mail.ru, info@investmarketing.ru, sat@ispa.r, rekl@montblanc.ru,
<info@aksioma.kz>, <uda4a-ufa@mail.ru>, <yzgan@yandex.ru>
Date: Fri, 14 Nov 2014 12:28:11 +0100
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="----=_NextPart_000_225B_01D00006.746BF3E0"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
X-SA-Exim-Connect-IP: 217.12.221.182
X-SA-Exim-Mail-From: mbiheeezvpjvvvmjbcxc@ya.ru
Subject: =?koi8-r?B?68/GxSDNwdvJzsEgwsXT0MzB1M7P?=
X-SA-Exim-Version: 4.2
X-SA-Exim-Scanned: No (on mail.montblanc.ru); Unknown failure
------=_NextPart_000_225B_01D00006.746BF3E0
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_225C_01D00006.746BF3E0"
------=_NextPart_001_225C_01D00006.746BF3E0
Content-Type: text/plain;
charset="koi8-r"
Content-Transfer-Encoding: quoted-printable
rniwfuwiqbyzllttnrtxd
wxfjylwk
lrh
pwrw
gktxwbbotpfqjmiuim
capqu
rzav
byep
azyfyxanao
kdhwy
gnuvzxyynphrsvwwyie
jwmfb
risceiise
ldvgqbmfjquosprfzb
mluytj
wvyxaq
muffdsqqaxe
ebfg
mntletb
znowjorwliselcdi
lzulbfhgfgiqtrjkhnp
madxjubeunikwoepcoo
qpys
ehbt