Re: Postfix i filtres
Hola!
Per fi me n'he sortit amb el postfix. Ara, tal com dius, ja ni gasto temps :P
Tenir el teu propi servidor a casa dóna algun que altre maldecap, però un cop va tot... com una seda!!
Aquesta nit m'ha filtrat una bajanada de correu-virus [1]. Seria molt bo que els ISP (bé, els seus BOFHers) posessin aquests filtres al MTA... avui en dia qui és que envia executables sense 'zippar' (apart dels virus)?? No costa res i ells mateixos s'estalviarien un ample de banda bestial (Cada swen ocupa 150K...)
[1] sortida del log d'AQUEST MATÍ (ja ni surt el de la matinada...):
Sep 20 08:11:12 annys postfix/cleanup[27070]: 218D42E281: reject: header Content-Type: audio/x-wav; name="ehuaqs.bat" from ncc3.infomail.es[195.235.39.5]; from=<bberasategui@elcultural.es> to=<andreu@eines.info> proto=ESMTP helo=<infomail.es>: No enviar executables. Possiblement estiguis infestat amb un virus, actualitza lantivirus!! -- Your machine sent me a mail with an executable, possibily infested with a virus, please update your antivirus and stop spreading viruses!
Sep 20 08:12:12 annys postfix/smtpd[27068]: disconnect from ncc3.infomail.es[195.235.39.5]
Sep 20 08:29:31 annys postfix/smtpd[27087]: connect from imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:29:32 annys postfix/smtpd[27087]: 5FE592E280: client=imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:29:33 annys postfix/cleanup[27089]: 5FE592E280: message-id=<20030920062923.CKIR1874.imf18aec.mail.bellsouth.net@pbpuxkrv>
Sep 20 08:29:34 annys postfix/cleanup[27089]: 5FE592E280: reject: header Content-Type: application/x-msdownload; name="qatv.exe" from imf18aec.mail.bellsouth.net[205.152.59.66]; from=<gene417@bellsouth.net> to=<andreu@eines.info> proto=ESMTP helo=<imf18aec.mail.bellsouth.net>: No enviar executables. Possiblement estiguis infestat amb un virus, actualitza lantivirus!! -- Your machine sent me a mail with an executable, possibily infested with a virus, please update your antivirus and stop spreading viruses!
Sep 20 08:31:11 annys postfix/smtpd[27092]: connect from imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:31:11 annys postfix/smtpd[27092]: 8C5C62E280: client=imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:31:12 annys postfix/cleanup[27089]: 8C5C62E280: message-id=<20030920063103.CLDH1874.imf18aec.mail.bellsouth.net@nrgl>
Sep 20 08:31:12 annys postfix/cleanup[27089]: 8C5C62E280: reject: header Content-Type: audio/x-wav; name="gueflx.scr" from imf18aec.mail.bellsouth.net[205.152.59.66]; from=<gene417@bellsouth.net> to=<andreu@eines.info> proto=ESMTP helo=<imf18aec.mail.bellsouth.net>: No enviar executables. Possiblement estiguis infestat amb un virus, actualitza lantivirus!! -- Your machine sent me a mail with an executable, possibily infested with a virus, please update your antivirus and stop spreading viruses!
Sep 20 08:36:39 annys postfix/smtpd[27087]: timeout after END-OF-MESSAGE from imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:36:39 annys postfix/smtpd[27087]: disconnect from imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:38:18 annys postfix/smtpd[27092]: timeout after END-OF-MESSAGE from imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 08:38:18 annys postfix/smtpd[27092]: disconnect from imf18aec.mail.bellsouth.net[205.152.59.66]
Sep 20 09:09:23 annys postfix/smtpd[27114]: connect from smtp04.freeler.nl[213.218.75.233]
Sep 20 09:09:23 annys postfix/smtpd[27114]: ED0312E280: client=smtp04.freeler.nl[213.218.75.233]
Sep 20 09:09:27 annys postfix/cleanup[27116]: ED0312E280: message-id=<20030920070923.ED0312E280@annys.eines.info>
Sep 20 09:09:27 annys postfix/cleanup[27116]: ED0312E280: reject: header Content-Type: application/x-msdownload; name="pack649.exe" from smtp04.freeler.nl[213.218.75.233]; from=<eveleens@vanwijkenco.nl> to=<andreu@eines.info> proto=ESMTP helo=<smtp04.freeler.nl>: No enviar executables. Possiblement estiguis infestat amb un virus, actualitza lantivirus!! -- Your machine sent me a mail with an executable, possibily infested with a virus, please update your antivirus and stop spreading viruses!
Sep 20 09:10:32 annys postfix/smtpd[27114]: disconnect from smtp04.freeler.nl[213.218.75.233]
Sep 20 09:10:38 annys postfix/smtpd[27114]: connect from smtp06.freeler.nl[213.218.75.235]
Sep 20 09:10:38 annys postfix/smtpd[27114]: 4A97E2E280: client=smtp06.freeler.nl[213.218.75.235]
Sep 20 09:10:39 annys postfix/cleanup[27116]: 4A97E2E280: message-id=<20030920071038.4A97E2E280@annys.eines.info>
Sep 20 09:10:39 annys postfix/cleanup[27116]: 4A97E2E280: reject: header Content-Type: audio/x-wav; name="comvc.exe" from smtp06.freeler.nl[213.218.75.235]; from=<eveleens@vanwijkenco.nl> to=<andreu@eines.info> proto=ESMTP helo=<smtp06.freeler.nl>: No enviar executables. Possiblement estiguis infestat amb un virus, actualitza lantivirus!! -- Your machine sent me a mail with an executable, possibily infested with a virus, please update your antivirus and stop spreading viruses!
Sep 20 09:11:44 annys postfix/smtpd[27114]: disconnect from smtp06.freeler.nl[213.218.75.235]
Sep 20 09:18:33 annys pop3-login: Login: andreu [192.168.0.6]
El Sat, 20 Sep 2003 03:59:06 +0200
Joan Tur <jtur@wanadoo.es> va escriure:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Es Divendres 19 Setembre 2003 20:39, en Francesc Alted va escriure:
> > [Recollons, i jo que creia que usant linux seria invulnerable als virus...]
> Ho ets. Senzillament gastes temps };)
>
> - --
> Joan Tur. Eivissa-Spain
> Jabber, Yahoo & AIM: quini2k
> www.ClubIbosim.org
> Linux: usuari registrat 190.783
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.3 (GNU/Linux)
>
> iD8DBQE/a7Rsok8j9RhtetwRAjITAJ9JqoVfUdPO/bBsCo/Yhc5d0doxagCfWG6h
> ALs2SRhwMmaVg9JGA4dPbz4=
> =d4PE
> -----END PGP SIGNATURE-----
>
>
> --
> To UNSUBSCRIBE, email to debian-user-catalan-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
--
Andreu Bassols i Alcón [anigwei]
Webmaster d'Eines - http://www.eines.info
DIP: http://annys.eines.info/raims
Usuari registrat de Linux #291715
Reply to: