Zdravím po delší době uživatele fóra s problémem, se kterým si absolutně nevím rady. Dnes mi O2 zablokoval smtp server z duvodu odesílani velkeho mnozstvi zprav. KOulnul jsem do /var/log mail a opravdu soubor obsahoval zprávy viz níže.... Odinstaloval jsem nullmailer a vše se zdá být OK, oázkou ale zůstává, zda je systém bezpečný, případně jak toto mohlo vzniknout. Stačí změnit heslo roota, případně co s tím......
JInak na PC jsou virtualní stroje a stroj je ve vnitřní síti, kde jsou stejní uživatelé a hesla. Vůbec nevím, jak se to mohlo stát, kde se maily generují, jak PC zkontrolovat, případně jak se to do počítače dostalo.
Na google jsem našel doporučení reinstalace počítače, což se mi moc nechce.
Děkuji za návrhy a rady
Hyp
PS posilam výpis mail.log a souces.list
May 26 08:24:39 SERVER1 nullmailer[27761]: smtp: Failed: Connect failed
May 26 08:24:39 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:24:39 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1365063430.8129
May 26 08:24:39 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:26:47 SERVER1 nullmailer[27802]: smtp: Failed: Connect failed
May 26 08:26:47 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:26:47 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1356938486.14532
May 26 08:26:47 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:28:54 SERVER1 nullmailer[27803]: smtp: Failed: Connect failed
May 26 08:28:54 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:28:54 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1356418431.28136
May 26 08:28:54 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:31:01 SERVER1 nullmailer[27808]: smtp: Failed: Connect failed
May 26 08:31:01 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:31:01 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1355641400.8321
May 26 08:31:01 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:33:08 SERVER1 nullmailer[27810]: smtp: Failed: Connect failed
May 26 08:33:08 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:33:08 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1358751017.25953
May 26 08:33:08 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:35:16 SERVER1 nullmailer[27814]: smtp: Failed: Connect failed
May 26 08:35:16 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:35:16 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1365747314.20412
May 26 08:35:16 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:37:23 SERVER1 nullmailer[27815]: smtp: Failed: Connect failed
May 26 08:37:23 SERVER1 nullmailer[1359]: Sending failed: Connection failed
May 26 08:37:23 SERVER1 nullmailer[1359]: Starting delivery: protocol: smtp host: smtp.iol.cz file: 1359097253.4284
May 26 08:37:23 SERVER1 nullmailer[1359]: Starting delivery, 161 message(s) in queue.
May 26 08:39:30 SERVER1 nullmailer[27816]: smtp: Failed: Connect failed
sources.list
# deb cdrom:[Ubuntu 12.10 _Quantal Quetzal_ - Release i386 (20121017.2)]/ quantal main restricted
# deb cdrom:[Ubuntu 12.04.1 LTS _Precise Pangolin_ - Release amd64 (20120823.1)]/ precise main restricted
# deb cdrom:[Ubuntu 12.04.1 LTS _Precise Pangolin_ - Release amd64 (20120823.1)]/ dists/precise/restricted/binary-i386/
# deb cdrom:[Ubuntu 12.04.1 LTS _Precise Pangolin_ - Release amd64 (20120823.1)]/ dists/precise/main/binary-i386/
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://cz.archive.ubuntu.com/ubuntu/ raring main restricted
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://cz.archive.ubuntu.com/ubuntu/ raring-updates main restricted
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://cz.archive.ubuntu.com/ubuntu/ raring universe
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring universe
deb http://cz.archive.ubuntu.com/ubuntu/ raring-updates universe
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://cz.archive.ubuntu.com/ubuntu/ raring multiverse
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring multiverse
deb http://cz.archive.ubuntu.com/ubuntu/ raring-updates multiverse
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring-updates multiverse
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
deb http://cz.archive.ubuntu.com/ubuntu/ raring-backports main restricted universe multiverse
deb-src http://cz.archive.ubuntu.com/ubuntu/ raring-backports main restricted universe multiverse
deb http://security.ubuntu.com/ubuntu raring-security main restricted
deb-src http://security.ubuntu.com/ubuntu raring-security main restricted
deb http://security.ubuntu.com/ubuntu raring-security universe
deb-src http://security.ubuntu.com/ubuntu raring-security universe
deb http://security.ubuntu.com/ubuntu raring-security multiverse
deb-src http://security.ubuntu.com/ubuntu raring-security multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu precise partner
# deb-src http://archive.canonical.com/ubuntu precise partner
## This software is not part of Ubuntu, but is offered by third-party
## developers who want to ship their latest software.
deb http://extras.ubuntu.com/ubuntu raring main
deb-src http://extras.ubuntu.com/ubuntu raring main
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
## Major bug fix updates produced after the final release of the
## distribution.
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
# deb http://archive.canonical.com/ubuntu quantal partner
# deb-src http://archive.canonical.com/ubuntu quantal partner
## This software is not part of Ubuntu, but is offered by third-party
## developers who want to ship their latest software.
Téma: Zabezpečnení mailu, prolomení smtp... (Přečteno 1642 krát)