Original message
"help. Spam from my server"
Posted by admin, 11-Dec-06 15:11
Please advise! I think someone is sending spam from my server, because I am getting bounces for outgoing mail.
For example:


Subject: Returned mail: see the transcript [FAILED(1)]
From: The Post Office <postmaster@millic.com.ar>
Date: Mon, 11 Dec 2006 05:48:06 -0300
To: leitmotifqueerer@mydomain.ru

This is a collection of reports about email delivery
process concerning a message you originated.

Some explanations/translations for these reports
can be found at:
      http://zmailer.org/delivery-report-decoding.html

If you are our customer, further help is available
at email address: postmaster@millic.com.ar
Reporting-MTA: dns; fe0.millic.com.ar
Return-Path: <leitmotifqueerer@mydomain.ru>
Arrival-Date: Mon, 11 Dec 2006 05:48:02 -0300
Local-Spool-ID: S1638450AbWLKIsC


FAILED:
  Arrived Recipient:
      rfc822;gianast@interlobos.com.ar
  Original Recipient:
      rfc822;gianast@interlobos.com.ar
  Final Recipient:
      RFC822;gianast@interlobos.com.ar
  Status:
      2.5.0
  Last Attempt Date:
      Mon, 11 Dec 2006 05:48:06 -0300
  Diagnostic Code:
      smtp;250 (Delivered)
  Control data:
      maildrop interlobos.com.ar gianast@interlobos.com.ar 99
  Diagnostic texts:
      Unknown sysexits error code 122! maildrop: maildir over quota.[exit status 122/122]

Following is a copy of MESSAGE/DELIVERY-STATUS format section below.
It is copied here in case your email client is unable to show it to you.
The information here below is in  Internet Standard  format designed to
assist automatic, and accurate presentation and usage of said information.
In case you need human assistance from the Postmaster(s) of the system which
sent you this report, please include this information in your question!

    Virtually Yours,
        Automatic Email Delivery Software

Reporting-MTA: dns; fe0.millic.com.ar
Arrival-Date: Mon, 11 Dec 2006 05:48:02 -0300
Local-Spool-ID: S1638450AbWLKIsC

Original-Recipient: rfc822;gianast@interlobos.com.ar
Final-Recipient: RFC822;gianast@interlobos.com.ar
Action: failed
Status: 2.5.0
Last-Attempt-Date: Mon, 11 Dec 2006 05:48:06 -0300
Diagnostic-Code: smtp;250 (Delivered)


Following is copy of the message headers. Original message content may
be in subsequent parts of this MESSAGE/DELIVERY-STATUS structure.

Received: from dsl-ap-dynamic-036.115.22.125.airtelbroadband.in ([125.22.115.36]:11627
    "EHLO dsl-ap-dynamic-036.115.22.125.airtelbroadband.in")
    by mx0.millic.com.ar with ESMTP id S1638450AbWLKIsC;
    Mon, 11 Dec 2006 05:48:02 -0300
Received: from dsl-ap-dynamic-036.115.22.125.airtelbroadband.in (HELO dsl-ap-dynamic-036.115.22.125.airtelbroadband.in) (125.22.115.36)
    by mx0.millic.com.ar (qpsmtpd/0.33-dev) with ESMTP; Mon, 11 Dec 2006 05:47:59 -0300
Received: from 89.108.81.xxx (HELO relay.mydomain.ru)
     by interlobos.com.ar with esmtp (,62P<BG33*O '-0@)
     id 6.175/-'3U4KA-L0
     for gianast@interlobos.com.ar; Mon, 11 Dec 2006 08:48:07 -0330
From:    "Lionel Hart" <leitmotifqueerer@mydomain.ru>
To:    <gianast@interlobos.com.ar>
Subject: Hart advice
Date:    Mon, 11 Dec 2006 08:48:07 -0330
Message-ID: <01c71d01$140c1f20$6c822ecf@leitmotifqueerer>
MIME-Version: 1.0
Content-Type: text/plain;
    charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Office Outlook, Build 11.0.6353
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2741.2600
Thread-Index: Aca6QJ*-.NH10=@=<,F,846CZ;);@5==
X-Millicom-Alerce-Info:    Alerce - Proteccion contra spam y virus en e-mail
X-Millicom-Alerce-MXId:    c5f403e89299356966ac66a628a47117
X-Millicom-Alerce: No fue revisado por el AntiVirus
X-Millicom-Alerce-SpamAnalisis:    


The line Received: from 89.108.81.xxx (HELO relay.mydomain.ru) can't be forged, can it?


The most interesting thing is that maillog is completely clean - there was no such outgoing mail!!
Every bounce contains X-Mailer: Microsoft Office Outlook


There is nothing extra among the processes; sockstat shows that only the mail server connects to port 25...
I found some interesting logs from Apache

httpd-error.log

[Wed Nov 29 07:56:09 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 61.19.121.101) (OpenSSL library error follows)
[Wed Nov 29 07:56:09 2006] [error] OpenSSL: error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected message
[Fri Dec  1 23:51:30 2006] [error] [client 217.35.75.67] File does not exist: /usr/local/www/data/test/
[Mon Dec  4 15:19:18 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 82.200.22.129) (OpenSSL library error follows)
[Mon Dec  4 15:19:18 2006] [error] OpenSSL: error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected message
[Tue Dec  5 03:50:31 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 82.200.22.129) (OpenSSL library error follows)
[Tue Dec  5 03:50:31 2006] [error] OpenSSL: error:1408E0F4:SSL routines:SSL3_GET_MESSAGE:unexpected message
[Tue Dec  5 04:19:26 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 204.11.227.220) (OpenSSL library error follows)
[Tue Dec  5 04:19:26 2006] [error] OpenSSL: error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:27 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Dec  5 04:19:27 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:27 2006] [error] [client 204.11.227.220] request failed: error reading the headers
[Tue Dec  5 04:19:27 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Dec  5 04:19:27 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:27 2006] [error] [client 204.11.227.220] Client sent malformed Host header
[Tue Dec  5 04:19:27 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Dec  5 04:19:27 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:27 2006] [error] [client 204.11.227.220] Client sent malformed Host header
[Tue Dec  5 04:19:28 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 204.11.227.220) (OpenSSL library error follows)
[Tue Dec  5 04:19:28 2006] [error] OpenSSL: error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:28 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Dec  5 04:19:28 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:28 2006] [error] [client 204.11.227.220] request failed: error reading the headers
[Tue Dec  5 04:19:29 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Dec  5 04:19:29 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:29 2006] [error] [client 204.11.227.220] Client sent malformed Host header
[Tue Dec  5 04:19:29 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Tue Dec  5 04:19:29 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Tue Dec  5 04:19:29 2006] [error] [client 204.11.227.220] Client sent malformed Host header
[Wed Dec  6 06:39:58 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 213.239.206.209) (OpenSSL library error follows)
[Wed Dec  6 06:39:58 2006] [error] OpenSSL: error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:58 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Wed Dec  6 06:39:58 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:58 2006] [error] [client 213.239.206.209] request failed: error reading the headers
[Wed Dec  6 06:39:59 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Wed Dec  6 06:39:59 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:59 2006] [error] [client 213.239.206.209] Client sent malformed Host header
[Wed Dec  6 06:39:59 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Wed Dec  6 06:39:59 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:59 2006] [error] [client 213.239.206.209] Client sent malformed Host header
[Wed Dec  6 06:39:59 2006] [error] mod_ssl: SSL handshake failed (server new.host.name:443, client 213.239.206.209) (OpenSSL library error follows)
[Wed Dec  6 06:39:59 2006] [error] OpenSSL: error:1407609B:SSL routines:SSL23_GET_CLIENT_HELLO:https proxy request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:59 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Wed Dec  6 06:39:59 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:59 2006] [error] [client 213.239.206.209] request failed: error reading the headers
[Wed Dec  6 06:39:59 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Wed Dec  6 06:39:59 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:59 2006] [error] [client 213.239.206.209] Client sent malformed Host header
[Wed Dec  6 06:39:59 2006] [error] mod_ssl: SSL handshake failed: HTTP spoken on HTTPS port; trying to send HTML error page (OpenSSL library error follows)
[Wed Dec  6 06:39:59 2006] [error] OpenSSL: error:1407609C:SSL routines:SSL23_GET_CLIENT_HELLO:http request [Hint: speaking HTTP to HTTPS port!?]
[Wed Dec  6 06:39:59 2006] [error] [client 213.239.206.209] Client sent malformed Host header


httpd-access.log

213.239.206.209 - - [06/Dec/2006:06:39:58 +0300] "GET /mod_ssl:error:HTTP-request HTTP/1.0" 400 375
213.239.206.209 - - [06/Dec/2006:06:39:59 +0300] "GET /mod_ssl:error:HTTP-request HTTP/1.0" 400 323
213.239.206.209 - - [06/Dec/2006:06:39:59 +0300] "GET /mod_ssl:error:HTTP-request HTTP/1.0" 400 323
213.239.206.209 - - [06/Dec/2006:06:39:59 +0300] "GET /mod_ssl:error:HTTP-request HTTP/1.0" 400 375
213.239.206.209 - - [06/Dec/2006:06:39:59 +0300] "GET /mod_ssl:error:HTTP-request HTTP/1.0" 400 323
213.239.206.209 - - [06/Dec/2006:06:39:59 +0300] "GET /mod_ssl:error:HTTP-request HTTP/1.0" 400 323


Is it really all because of openssl?
Please advise - for several days now I have been trying without success to find where the messages are being sent from.
The OS is FreeBSD.
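
An added example, not part of the original post: it splits the Received chain quoted in the bounce at the last header stamped by the system that generated the report, and treats everything below that point as text supplied by the connecting client. Treating millic.com.ar as the trusted stamping domain, and the function names, are assumptions of this example.

```python
import re
from email import message_from_string

# Received chain copied from the bounce quoted in the post (newest header first).
BOUNCE_HEADERS = """\
Received: from dsl-ap-dynamic-036.115.22.125.airtelbroadband.in ([125.22.115.36]:11627
    "EHLO dsl-ap-dynamic-036.115.22.125.airtelbroadband.in")
    by mx0.millic.com.ar with ESMTP id S1638450AbWLKIsC;
    Mon, 11 Dec 2006 05:48:02 -0300
Received: from dsl-ap-dynamic-036.115.22.125.airtelbroadband.in (HELO dsl-ap-dynamic-036.115.22.125.airtelbroadband.in) (125.22.115.36)
    by mx0.millic.com.ar (qpsmtpd/0.33-dev) with ESMTP; Mon, 11 Dec 2006 05:47:59 -0300
Received: from 89.108.81.xxx (HELO relay.mydomain.ru)
     by interlobos.com.ar with esmtp (,62P<BG33*O '-0@)
     id 6.175/-'3U4KA-L0
     for gianast@interlobos.com.ar; Mon, 11 Dec 2006 08:48:07 -0330
"""
# A dotted quad that is not part of a longer dotted name such as the rDNS host.
IP_RE = re.compile(r"(?<![\d.])(\d{1,3}(?:\.\d{1,3}){3})(?![\d.])")


def parse_hops(raw_headers):
    """Return one dict per Received header, in the order they appear."""
    hops = []
    for value in message_from_string(raw_headers).get_all("Received", []):
        claimed, _, stamped = " ".join(value.split()).partition(" by ")
        ip = IP_RE.search(claimed)
        hops.append({"from": claimed.split()[1],
                     "peer_ip": ip.group(1) if ip else None,
                     "by": stamped.split()[0]})
    return hops


def analyse(raw_headers, trusted_domain):
    """Split the chain at the last hop stamped by an MTA in trusted_domain."""
    hops = parse_hops(raw_headers)
    n = 0  # number of leading hops written by the trusted system
    while n < len(hops) and ("." + hops[n]["by"]).endswith("." + trusted_domain):
        n += 1
    boundary = hops[n - 1] if n else None
    below = hops[n:]  # text the connecting client supplied; not evidence
    return {"real_peer_ip": boundary["peer_ip"] if boundary else None,
            "unverified": below,
            # A genuine relay chain hands over to the host that stamped the next hop.
            "chain_breaks": bool(boundary and below) and below[0]["by"] != boundary["from"]}


if __name__ == "__main__":
    # "millic.com.ar" as the trusted stamping domain is this example's assumption.
    print(analyse(BOUNCE_HEADERS, "millic.com.ar"))
```

Only `real_peer_ip` comes from a TCP connection the receiving MTA actually saw; the hops listed under `unverified` arrived as part of the message itself.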

 
