웹서버에서 스팸메일을 계속 발송하는데..
작성자 정보
- 고현석 작성
- 작성일
컨텐츠 정보
- 4,285 조회
- 2 댓글
- 0 추천
- 목록
본문
웹서버에서 6.9일 부터 스팸메일을 계속 발송하는데..
root 로그파일이 계속 커지고 있습니다
로그를 분석해 보니 외부 스팸메일 릴레이는 아닌것 같고
저희 쇼핑몰에 상품을 친구에게 조르기 메일 보내는 폼이 있거든여
그 폼을 통해서 어떻게 계속 메일이 발송되고 있는 듯 합니다
(폼의 내용이 로그에 있더라고요)
누군가가 저희 쇼핑몰에 친구에게 조르기 폼을 통해 스팸메일을 보내는것 같은데
어떻게 해결해야 할지 막막하네여
리눅스 restart 도 해보았는데 계속 메일 로그가 쌓입니다.
그래서 현재 sendmail 데몬을 stop 시켜놓은 상태이고 조르기 링크를 막아놓은 상태입니다
도와주세여
로그 파일을 올립니다
From MAILER-DAEMON@mail.orbis.co.kr Sat Jun 10 01:07:08 2006
Return-Path: <MAILER-DAEMON@mail.orbis.co.kr>
Received: from localhost (localhost)
by mail.orbis.co.kr (8.12.10/8.12.10) id k59G77aR009875;
Sat, 10 Jun 2006 01:07:07 +0900
Date: Sat, 10 Jun 2006 01:07:07 +0900
From: Mail Delivery Subsystem <MAILER-DAEMON@mail.orbis.co.kr>
Message-Id: <200606091607.k59G77aR009875@mail.orbis.co.kr>
To: <apache@mail.orbis.co.kr>
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
boundary="k59G77aR009875.1149869227/mail.orbis.co.kr"
Content-Transfer-Encoding: 8bit
Subject: Returned mail: see transcript for details
Auto-Submitted: auto-generated (failure)
This is a MIME-encapsulated message
--k59G77aR009875.1149869227/mail.orbis.co.kr
The original message was received at Sat, 10 Jun 2006 01:07:07 +0900
from localhost.localdomain [127.0.0.1]
----- The following addresses had permanent fatal errors -----
<wlsgusen@empas.com>
(reason: 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in S...lease contact registerip@nospam.empascorp.com with this return message. This session will be closed))
<wlsgusejr@empas.com>
(reason: 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in S...lease contact registerip@nospam.empascorp.com with this return message. This session will be closed))
<wlsgusehzl@empas.com>
(reason: 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in S...lease contact registerip@nospam.empascorp.com with this return message. This session will be closed))
<wlsgusehd92@empas.com>
(reason: 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in S...lease contact registerip@nospam.empascorp.com with this return message. This session will be closed))
<wlsgusehd239@empas.com>
(reason: 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in S...lease contact registerip@nospam.empascorp.com with this return message. This session will be closed))
----- Transcript of session follows -----
... while talking to mx1.empal.com.:
<<< 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in SPAM Black IP List. If you are not a SPAMMER, please contact registerip@nospam.empascorp.com with this return message. This session will be closed)
554 5.0.0 Service unavailable
--k59G77aR009875.1149869227/mail.orbis.co.kr
Content-Type: message/delivery-status
Reporting-MTA: dns; mail.orbis.co.kr
Received-From-MTA: DNS; localhost.localdomain
Arrival-Date: Sat, 10 Jun 2006 01:07:07 +0900
Final-Recipient: RFC822; wlsgusen@empas.com
Action: failed
Status: 5.5.0
Diagnostic-Code: SMTP; 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in SPAM Black IP List. If you are not a SPAMMER, please contact registerip@nospam.empascorp.com with this return message. This session will be closed)
Last-Attempt-Date: Sat, 10 Jun 2006 01:07:07 +0900
Final-Recipient: RFC822; wlsgusejr@empas.com
Action: failed
Status: 5.5.0
Diagnostic-Code: SMTP; 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in SPAM Black IP List. If you are not a SPAMMER, please contact registerip@nospam.empascorp.com with this return message. This session will be closed)
Last-Attempt-Date: Sat, 10 Jun 2006 01:07:07 +0900
Final-Recipient: RFC822; wlsgusehzl@empas.com
Action: failed
Status: 5.5.0
Diagnostic-Code: SMTP; 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in SPAM Black IP List. If you are not a SPAMMER, please contact registerip@nospam.empascorp.com with this return message. This session will be closed)
Last-Attempt-Date: Sat, 10 Jun 2006 01:07:07 +0900
Final-Recipient: RFC822; wlsgusehd92@empas.com
Action: failed
Status: 5.5.0
Diagnostic-Code: SMTP; 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in SPAM Black IP List. If you are not a SPAMMER, please contact registerip@nospam.empascorp.com with this return message. This session will be closed)
Last-Attempt-Date: Sat, 10 Jun 2006 01:07:07 +0900
Final-Recipient: RFC822; wlsgusehd239@empas.com
Action: failed
Status: 5.5.0
Diagnostic-Code: SMTP; 521 xprx14.empal.com not accept your message (Your IP address 211.233.86.67 has been registered in SPAM Black IP List. If you are not a SPAMMER, please contact registerip@nospam.empascorp.com with this return message. This session will be closed)
Last-Attempt-Date: Sat, 10 Jun 2006 01:07:07 +0900
--k59G77aR009875.1149869227/mail.orbis.co.kr
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit
Return-Path: <apache@mail.orbis.co.kr>
Received: from mail.orbis.co.kr (localhost.localdomain [127.0.0.1])
by mail.orbis.co.kr (8.12.10/8.12.10) with ESMTP id k59G77aR009868;
Sat, 10 Jun 2006 01:07:07 +0900
Received: (from apache@localhost)
by mail.orbis.co.kr (8.12.10/8.12.10/Submit) id k59G77V3009866;
Fri, 9 Jun 2006 16:07:07 GMT
Date: Fri, 9 Jun 2006 16:07:07 GMT
Message-Id: <200606091607.k59G77V3009866@mail.orbis.co.kr>
To: wlsgusen@empas.com, wlsgusejr@empas.com, wlsgusehzl@empas.com,
wlsgusehd92@empas.com, wlsgusehd239@empas.com
Subject: [제1회]국가공인 자격 시험 자동차 보수 도장 기능사!!!100%합격님께서 cccc님께 보내는 상품추천 메일 입니다
From: asguigug@nate.com
Reply-to: asguigug@nate.com
Content-Type: text/html;charset=EUC-KR
<HTML>
<HEAD>
<TITLE> New Document </TITLE>
<style type=text/css>
a:link, a:active, a:visited { text-decoration : none ; font-family : 굴림 ; color : #333333 ; }
a:hover { text-decoration : underline ; font-family : 굴림 ; }
td { font-size : 9pt ; font-family : 굴림 ; color : #333333 ; }
.tdleft { font-size : 9pt ; font-family : 굴림 ; }
.tdcenter { font-size : 9pt ; font-family : 굴림 ; }
.tdright { font-size : 9pt ; font-family : 굴림 ; }
</style>
</HEAD>
<BODY topmargin='0'>
<center>
<table width='730' border='0' cellspacing='0' cellpadding='10'>
<tr>
<td><table width='710' border='0' cellpadding='0' cellspacing='10' bgcolor='22CBD1'>
<tr>
<td bgcolor='ffffff'><table width='690' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td><table width='100%' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td width='38'><img src='http://www.orbis.co.kr/shop/images/newimg/mailimg/mail_left.gif' width='38' height='75'></td>
<td align='center'><img src='http://www.orbis.co.kr/shop/images/newimg/mailimg/logo.gif' width='106' height='50'></td>
<td width='38'><img src='http://www.orbis.co.kr/shop/images/newimg/mailimg/mail_right.gif' width='38' height='75'></td>
</tr>
</table></td>
</tr>
<tr>
<td height='50' bgcolor='FF5E93' style='padding:0 0 0 20;'><img src='http://www.orbis.co.kr/shop/images/newimg/mailimg/wish_title.gif' width='245' height='24'></td>
</tr>
<tr>
<td height='13' align='center' background='http://www.orbis.co.kr/shop/images/newimg/mailimg/register_img2.gif'><img src='http://www.orbis.co.kr/shop/images/newimg/mailimg/register_img2.gif' width='3' height='13'></td>
</tr>
<tr>
<td align='center'>
<!--컨텐츠 테이블 시작-->
<table width='658' border='0' cellpadding='10' cellspacing='10' bgcolor='F2F2F2'>
<tr>
<td bgcolor='ffffff'><table width='100%' border='0' cellspacing='0' cellpadding='0'>
<tr>
<td style='font-family:돋움; font-size:10pt; color:707070; padding:0 0 5 0;'>
<font color='14B1B7'><strong>[제1회]국가공인 자격 시험 자동차 보수 도장 기능사!!!100%합격</strong></font>님이
<font color='14B1B7'><strong>cccc</strong></font>님께
보내는 조르기 메일입니다.</td>
</tr>
<tr>
<td>
<table cellspacing='0' cellpadding='0' border='0' width='620' bgcolor='#FFFFFF'>
<tr>
<td align='center' valign='top' width='292'>
<table cellspacing='0' cellpadding='0' border='0' vspace='10' hspace='5'>
<tr>
<td align='center' valign='middle' height='130'> <img src='http://www.orbis.co.kr/goods/images/20040701062717m.jpg' width=270 height=270 border=1 style='border-color:#EFEFEF'></td>
</tr>
</table>
</td>
<td valign='top' align='left' width='329'>
<table cellspacing='0' cellpadding='0' border='0' width='329'>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
<tr align='left'>
<td width='85' height='26' > <font color='gray'>상품명
</font><b></b></td>
<td height='26' width='10' ><font color='gray'>:</font></td>
<td height='26' width='234' ><b><font color='#333399'>클리어 미니세트 M</font></b></td>
</tr>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
<tr align='left'>
<td width='85' height='26' > <font color='gray'>제조원
</font></td>
<td width='10' height='26' ><font color='gray'>:</font></td>
<td width='234' height='26' ><font color='gray'><b>ORBIS(일본)</b></font></td>
</tr>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
<tr align='left'>
<td width='85' height='26'> <font color='gray'>판매가격
</font> </td>
<td width='10' height='26'><font color='gray'>:</font></td>
<td width='234' height='26'><font color='#CC6600'><b>19,000</b>
원</font></td>
</tr>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
<tr align='left'>
<td width='85' height='26'> <font color='gray'>배송주소
</font> </td>
<td width='10' height='26'><font color='gray'>:</font></td>
<td width='234' height='26'><font color='gray'><b>612-782</b>
</font></td>
</tr>
<tr align='left'>
<td width='85' height='26'> </td>
<td width='10' height='26'></td>
<td width='234' height='26'><font color='gray'><b>부산 해운대구 재송2동 우신골든빌아파트 </b>
</font></td>
</tr>
<tr align='left'>
<td width='85' height='26'> </td>
<td width='10' height='26'><font color='gray'></font></td>
<td width='234' height='26'><font color='gray'><b>201-603</b>
</font></td>
</tr>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
<tr align='left'>
<td width='85' height='26'> <font color='gray'>전화번호
</font> </td>
<td width='10' height='26'><font color='gray'>:</font></td>
<td width='234' height='26'><font color='gray'><b>010-9879-8979</b>
</font></td>
</tr>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
<tr align='left'>
<td colspan='3'><br><font color='gray'><b>(받으실분의 배송정보입니다. 상품 주문시 배송정보를 확인해주세요)</b></font><br> </td>
</tr>
<tr align='left'>
<td colspan='3' height='1' bgcolor='#EFEFEF'></td>
</tr>
</table>
</td>
</tr>
<tr>
<td height=10 width='620' colspan=2></td>
</tr>
<tr>
<td colspan=2 valign='top' align='center' width=620>
<table width='600' border='0' cellspacing='1' cellpadding='0' bgcolor='#EFEFEF'>
<tr>
<td>
<table cellspacing='0' cellpadding='5' border='0' width='600' bgcolor='#FFFFFF'>
<tr valign='top'>
<td height='100' width='584'><font color='#333333'><embed src=http://uuqq.info/vexempbosu.swf></font></td>
</tr>
</table>
</td>
</tr>
</table>
</td>
</tr>
<tr>
<td height='40' colspan=2> <font color='gray'>■</font> <font color='#333333'>자세한
상품소개를 보시려면 <a href='http://www.orbis.co.kr/shop/step1.php?number=286'>이곳</a>을
클릭해주세요!</font> <a href='http://www.orbis.co.kr/shop/step1.php?number=286'>
<img src='http://www.orbis.co.kr/shop/images/go.gif' border=0 valign='middle'></a>
</td>
</tr>
</table>
</td>
</tr>
</table></td>
</tr>
</table>
<!--컨텐츠 테이블 끝-->
</td>
</tr>
<tr>
<td><table width='100%' border='0' cellspacing='0' cellpadding='15'>
<tr>
<td width='230' align='center'><img src='http://www.orbis.co.kr/shop/images/newimg/mailimg/copylogo.gif' width='98' height='47'></td>
<td valign='top' style='font-family:돋움; font-size:11px; color:707070; line-height:17px;'>(주)한국오르비스 대표자:와타나베 카즈미치<br>
사업자등록번호: 122-81-65016 / 통신판매업신고 제02499호<br>
무료 주문 전화: 080-301-5050 / Fax 02-3443-9400<br>
서울특별시 서초구 반포동 748-1 청호타워 10층<br>
Copyright ⓒ2006 ORBIS KOREA INC. All Right Reserved.</td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
</table></td>
</tr>
</table>
</center>
</BODY>
</HTML>
--k59G77aR009875.1149869227/mail.orbis.co.kr--
관련자료
-
이전
-
다음
홍보성님의 댓글
- 홍보성
- 작성일
어짜피 로컬에서 발송하는 메일에 대한 제약을 걸수는 없을것 같으니..
조르기는 로그인을 해야만 가능하다라는 조건과 하루에 조르기는 5개 정도 이하로 제한을 건다 던가..
조르기가 직접적으로 외부에서 링크주소로 실행 될 수 없도록 하는 방법도 필요한것 같네요.
이태훈님의 댓글
- 이태훈
- 작성일
