iT邦幫忙

1

請問這樣的Lotus Notes 8.5 的Mail Log是不是被Relay 了. 該如何是好呢?

想請問各位業界的英才,

我們是一家小小公司, 總共也不過才8 個人, 平常信件很少, 公司採用Lotus Notes 8.5, 可是公司的Email Log卻一直出現這種訊息, 請問是不是被Email Relay 了呢? 有什麼方法改善嗎?
萬分感謝大家幫忙.

2017/03/29 下午 11:27:30 SMTP Server: 187.75.230.232 connected
2017/03/29 下午 11:27:30 SMTP Server: 187.75.230.232 disconnected. 0 message[s] received
2017/03/29 下午 11:29:57 SMTP Server: p5098d18e.dip0.t-ipconnect.de (80.152.209.142) connected
2017/03/29 下午 11:29:57 SMTP Server: p5098d18e.dip0.t-ipconnect.de (80.152.209.142) disconnected. 0 message[s] received
2017/03/29 下午 11:33:02 SMTP Server: scz-181-114-97-00059.wimaxtigo.bo (181.114.97.59) connected
2017/03/29 下午 11:33:02 SMTP Server: scz-181-114-97-00059.wimaxtigo.bo (181.114.97.59) disconnected. 0 message[s] received
2017/03/29 下午 11:36:00 SMTP Server: static-ip-adsl-200.119.201.92.cotas.com.bo (200.119.201.92) connected
2017/03/29 下午 11:36:00 SMTP Server: static-ip-adsl-200.119.201.92.cotas.com.bo (200.119.201.92) disconnected. 0 message[s] received
2017/03/29 下午 11:38:55 SMTP Server: ool-603913ea.static.optonline.net (96.57.19.234) connected
2017/03/29 下午 11:38:55 SMTP Server: ool-603913ea.static.optonline.net (96.57.19.234) disconnected. 0 message[s] received
2017/03/29 下午 11:42:15 SMTP Server: 200.41.170.131 connected
2017/03/29 下午 11:42:15 SMTP Server: 200.41.170.131 disconnected. 0 message[s] received
2017/03/29 下午 11:45:21 SMTP Server: 190.68.46.99 connected
2017/03/29 下午 11:45:21 SMTP Server: 190.68.46.99 disconnected. 0 message[s] received
2017/03/29 下午 11:48:29 SMTP Server: 181.48.154.254 connected
2017/03/29 下午 11:48:29 SMTP Server: 181.48.154.254 disconnected. 0 message[s] received
2017/03/29 下午 11:51:14 SMTP Server: 246.254.6.200.intelnet.net.gt (200.6.254.246) connected
2017/03/29 下午 11:51:14 SMTP Server: 246.254.6.200.intelnet.net.gt (200.6.254.246) disconnected. 0 message[s] received
2017/03/29 下午 11:55:11 SMTP Server: 58.19.180.138 connected
2017/03/29 下午 11:55:11 SMTP Server: 58.19.180.138 disconnected. 0 message[s] received
2017/03/29 下午 11:57:29 SMTP Server: nikol200.static.otenet.gr (79.129.100.123) connected
2017/03/29 下午 11:57:29 SMTP Server: nikol200.static.otenet.gr (79.129.100.123) disconnected. 0 message[s] received
2017/03/30 上午 12:00:18 SMTP Server: 96-66-208-153-static.hfc.comcastbusiness.net (96.66.208.153) connected
2017/03/30 上午 12:00:18 SMTP Server: 96-66-208-153-static.hfc.comcastbusiness.net (96.66.208.153) disconnected. 0 message[s] received
2017/03/30 上午 12:04:04 SMTP Server: 178-82-117-54.dynamic.hispeed.ch (178.82.117.54) connected
2017/03/30 上午 12:04:04 SMTP Server: 178-82-117-54.dynamic.hispeed.ch (178.82.117.54) disconnected. 0 message[s] received
2017/03/30 上午 12:09:31 SMTP Server: nikol200.static.otenet.gr (79.129.100.123) connected
2017/03/30 上午 12:09:31 SMTP Server: nikol200.static.otenet.gr (79.129.100.123) disconnected. 0 message[s] received
2017/03/30 上午 12:12:21 SMTP Server: WIN-QGVHM6CL9P8 (190.124.250.39) connected
2017/03/30 上午 12:12:21 SMTP Server: WIN-QGVHM6CL9P8 (190.124.250.39) disconnected. 0 message[s] received
2017/03/30 上午 12:15:24 SMTP Server: 24.51.113.156 connected
2017/03/30 上午 12:15:24 SMTP Server: 24.51.113.156 disconnected. 0 message[s] received
2017/03/30 上午 12:16:10 SMTP Server: gw.viagra-on.com (89.248.171.31) connected
2017/03/30 上午 12:16:10 SMTP Server: gw.viagra-on.com (89.248.171.31) disconnected. 0 message[s] received
2017/03/30 上午 12:18:26 SMTP Server: pix.bau.edu.jo (87.236.233.98) connected
2017/03/30 上午 12:18:26 SMTP Server: pix.bau.edu.jo (87.236.233.98) disconnected. 0 message[s] received
2017/03/30 上午 12:21:14 SMTP Server: leased-lines-208-214.tricom.net (200.42.208.214) connected
2017/03/30 上午 12:21:14 SMTP Server: leased-lines-208-214.tricom.net (200.42.208.214) disconnected. 0 message[s] received
2017/03/30 上午 12:24:44 SMTP Server: 177.85.224.109 connected
2017/03/30 上午 12:24:44 SMTP Server: 177.85.224.109 disconnected. 0 message[s] received
2017/03/30 上午 12:27:18 SMTP Server: 10.1.16.15 connected
2017/03/30 上午 12:27:18 SMTP Server: Message 005A6415 (MessageID: 8fc04a96dfeb3aef@b3c831c565764804) received
2017/03/30 上午 12:27:18 SMTP Server: 10.1.16.15 disconnected. 1 message[s] received
2017/03/30 上午 12:27:19 Router: Message 005A6415 delivered to Kelly/FIN/for
2017/03/30 上午 12:27:27 SMTP Server: athedsl-4556545.home.otenet.gr (94.70.83.9) connected
2017/03/30 上午 12:27:27 SMTP Server: athedsl-4556545.home.otenet.gr (94.70.83.9) disconnected. 0 message[s] received
2017/03/30 上午 12:33:33 SMTP Server: 173-14-114-233-richmond.hfc.comcastbusiness.net (173.14.114.233) connected
2017/03/30 上午 12:33:33 SMTP Server: 173-14-114-233-richmond.hfc.comcastbusiness.net (173.14.114.233) disconnected. 0 message[s] received
2017/03/30 上午 12:38:56 SMTP Server: 177-152-183-174.primatecmt.com.br (177.152.183.174) connected
2017/03/30 上午 12:38:56 SMTP Server: 177-152-183-174.primatecmt.com.br (177.152.183.174) disconnected. 0 message[s] received
2017/03/30 上午 12:42:04 SMTP Server: d57d0833.static.ziggozakelijk.nl (213.125.8.51) connected
2017/03/30 上午 12:42:04 SMTP Server: d57d0833.static.ziggozakelijk.nl (213.125.8.51) disconnected. 0 message[s] received
2017/03/30 上午 12:44:52 SMTP Server: ec2-50-16-213-115.compute-1.amazonaws.com (50.16.213.115) connected
2017/03/30 上午 12:44:52 SMTP Server: ec2-50-16-213-115.compute-1.amazonaws.com (50.16.213.115) disconnected. 0 message[s] received
2017/03/30 上午 12:48:09 SMTP Server: 61.181.245.24 connected
2017/03/30 上午 12:48:09 SMTP Server: 61.181.245.24 disconnected. 0 message[s] received
2017/03/30 上午 12:51:02 SMTP Server: mx.exor.hu (78.131.87.207) connected
2017/03/30 上午 12:51:02 SMTP Server: mx.exor.hu (78.131.87.207) disconnected. 0 message[s] received
2017/03/30 上午 12:54:49 SMTP Server: 208.84.207.152 connected
2017/03/30 上午 12:54:49 SMTP Server: 208.84.207.152 disconnected. 0 message[s] received
2017/03/30 上午 01:00:18 SMTP Server: 202.169.57.114 connected
2017/03/30 上午 01:00:18 SMTP Server: 202.169.57.114 disconnected. 0 message[s] received
2017/03/30 上午 01:01:47 SMTP Server: 75-150-10-10-atlanta.hfc.comcastbusiness.net (75.150.10.10) connected
2017/03/30 上午 01:01:47 SMTP Server: 75-150-10-10-atlanta.hfc.comcastbusiness.net (75.150.10.10) disconnected. 0 message[s] received
2017/03/30 上午 01:03:13 SMTP Server: radio.gtt.co.gy (190.80.12.180) connected
2017/03/30 上午 01:03:13 SMTP Server: radio.gtt.co.gy (190.80.12.180) disconnected. 0 message[s] received
2017/03/30 上午 01:09:28 SMTP Server: ool-603913ea.static.optonline.net (96.57.19.234) connected
2017/03/30 上午 01:09:28 SMTP Server: ool-603913ea.static.optonline.net (96.57.19.234) disconnected. 0 message[s] received
2017/03/30 上午 01:12:43 SMTP Server: TEST (95.177.208.51) connected
2017/03/30 上午 01:12:43 SMTP Server: TEST (95.177.208.51) disconnected. 0 message[s] received
2017/03/30 上午 01:16:00 SMTP Server: 58.185.138.18 connected
2017/03/30 上午 01:16:00 SMTP Server: 58.185.138.18 disconnected. 0 message[s] received
2017/03/30 上午 01:19:10 SMTP Server: 50-78-121-241-static.hfc.comcastbusiness.net (50.78.121.241) connected
2017/03/30 上午 01:19:10 SMTP Server: 50-78-121-241-static.hfc.comcastbusiness.net (50.78.121.241) disconnected. 0 message[s] received
2017/03/30 上午 01:22:10 SMTP Server: mail.chinhingroup.com (175.139.178.198) connected
2017/03/30 上午 01:22:10 SMTP Server: mail.chinhingroup.com (175.139.178.198) disconnected. 0 message[s] received
2017/03/30 上午 01:24:36 SMTP Server: remote.globalprints.com (173.162.140.157) connected
2017/03/30 上午 01:24:36 SMTP Server: remote.globalprints.com (173.162.140.157) disconnected. 0 message[s] received
2017/03/30 上午 01:24:38 SMTP Server: remote.globalprints.com (173.162.140.157) connected
2017/03/30 上午 01:24:38 SMTP Server: remote.globalprints.com (173.162.140.157) disconnected. 0 message[s] received
2017/03/30 上

圖片
  直播研討會
圖片
{{ item.channelVendor }} {{ item.webinarstarted }} |
{{ formatDate(item.duration) }}
直播中

1 個回答

1
bizpro
iT邦大師 1 級 ‧ 2017-03-30 17:21:25

沒事, 只是有人來敲門.
至於該如何是好?

  1. 觀察看看會不會形成阻斷攻擊(DoS或DDoS), 也就是說觀察服務有沒有異常.
  2. 觀察看看會不會有字典攻擊, 也就是有沒有帳號登入的動作.
  3. 前端如果有antispam+firewall, 看看是否可以擋IP, 例如用fail2ban, ipset等.
看更多先前的回應...收起先前的回應...
dandy6 iT邦新手 4 級 ‧ 2017-03-30 17:29:57 檢舉

感謝Bizpro大大的回應, 真的是希望密碼沒有這麼破, 不會被他人猜到, 這種情形已經超過1 週了, 每天都還來敲門.

bizpro iT邦大師 1 級 ‧ 2017-03-30 17:56:54 檢舉

您可以到
https://mxtoolbox.com/blacklists.aspx
檢查您的IP, 如果是被relay, 很快會被列上去的.

那些來敲門的本身也可能身不由己: 例如mx.exor.hu (78.131.87.207):
https://mxtoolbox.com/SuperTool.aspx?action=blacklist%3a78.131.87.207&run=toolpage

dandy6 iT邦新手 4 級 ‧ 2017-03-31 09:39:24 檢舉

感謝Bizpro大大的回應, 之前就試過這個網站, 目前沒有發現問題, 但是擔心敲門的動作不停, 那一天就真的出包了.

bizpro iT邦大師 1 級 ‧ 2017-03-31 10:53:49 檢舉

每天都會有, 檢查log是好習慣, 敲門是小事, 要注意那些failed的紀錄, 那些是試圖入侵的.

我要發表回答

立即登入回答