引用:
From - Tue Feb 14 10:36:43 2012
X-Account-Key: account3
X-UIDL: 1323331640.546
X-Mozilla-Status: 0001
X-Mozilla-Status2: 00000000
X-Mozilla-Keys:
Return-Path: <[email protected]>
X-Original-To:
Delivered-To:
Received: from mail.sysdotnetwork.idv.tw (unknown [192.168.200.252])
by mail.sysnetwork.idv.tw (Postfix) with ESMTP id D0E1A9D202F
for <[email protected]>; Tue, 14 Feb 2012 10:36:11 +0800 (CST)
Received: by mail.sysdotnetwork.idv.tw (Postfix)
id ACE6734FAC9; Tue, 14 Feb 2012 10:36:11 +0800 (CST)
Delivered-To:
Received-SPF: none (yahoo.com.tw: No applicable sender policy available) receiver=MailGateway; identity=mailfrom; envelope-from="[email protected]"; helo=nm4.bullet.mail.sg1.yahoo.com; client-ip=115.178.12.226
Received: from nm4.bullet.mail.sg1.yahoo.com (nm4.bullet.mail.sg1.yahoo.com [115.178.12.226])
by mail.sysdotnetwork.idv.tw (Postfix) with SMTP id 272A234FAC9
for <[email protected]>; Tue, 14 Feb 2012 10:36:05 +0800 (CST)
Received: from [115.178.12.227] by nm4.bullet.mail.sg1.yahoo.com with NNFMP; 14 Feb 2012 02:36:03 -0000
Received: from [124.108.123.208] by tm6.bullet.mail.sg1.yahoo.com with NNFMP; 14 Feb 2012 02:36:03 -0000
Received: from [127.0.0.1] by smtp109.mail.sg1.yahoo.com with NNFMP; 14 Feb 2012 02:36:03 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com.tw; s=s1024; t=1329186963; bh=KbxpL0lrl/0pnfgAONCQMknMaTXStJWcU+Kzng/AaQI=; h=X-Yahoo-Newman-Id:Message-ID:X-Yahoo-Newman-Property:X-YMail-OSG:X-Yahoo-SMTP:Received:From:Subject:To:Content-Type:Content-Transfer-Encoding ate; b=Dy9b6mkSoauhRdHEwSJcfhjivLzlvCNxObI4QVIARrUQeigYllVvOeq57eOZOFS+5tdMKet9RIndA5oqCucCymIZYaHdhcskYsLVcy0/RCFnt9xlS+yz0/bqqlUmIepw8dWWg8lQqOdi+GB6OJByebSv5n0zHLa0qKCch7IQbTk=
X-Yahoo-Newman-Id:
Message-ID: <[email protected]>
X-Yahoo-Newman-Property: ymail-3
X-YMail-OSG: wO9loiwVM1lZisXjt8IE0x43PVSC3dceQOTi8PEoQLUvSsb
j2NRahzhLscsGNfKbgUsIGboNBXqRS7qdUEY3rTOELaAr5COPwFjrV6IH017
6bL88RMuKsuI7Rk1qKxhJ1mhZqfpXP2OUiKTwa1d3KZLyLiC_8c_TQmZqiEz
NprOi2TH.6e78aTP8biXKpBhSHlZeZzO9m_.iEvJjmdMmlIiqlG_SSkQga8Z
bFYx9pIw_5BT904M50Vk8MLVUAKvjcAM1P3Kwho5cAE8wZPYZS0ncJjfvYIP
vHHVt_Fkjw1XdAgqjllWDQYNTrsAMW.EaxOMxN0woX5LNlnXi0u5JN0LQXBn
Zt3uHkVnni3AfLMK2kHBcyOP_2IE8YigHz9gp9y3vyXA7kpMTqpDgznQaCI1
Kbhc1RbnQa1DIkTAXV0SVkYrq8CjxDqripr.a9bdvUxu.0t97wbOi8PH349T
VEgYfXCRyMsYNlDXJ_4YZjktVZaVj5F0A5FjiDsYJWgDI3E1eFhzY6w8ucq1
E0EpyrUlFyypiCC_FtnulXGPz
X-Yahoo-SMTP: Mfb35iWswBAlZyLp.UhBCdACJdiZr_g4Ob8KaESixg--
Received: from zakkva.com ([email protected] with login)
by smtp109.mail.sg1.yahoo.com with SMTP; 14 Feb 2012 10:36:02 +0800 SGT
From: =?Big5?B?paimS7lxuKOmbrFks/g=?= <[email protected]>
Subject: {Spam?} =?Big5?B?pcGw6jEwMaZ+QVBQs9C3fqRIpH6w9rBWsU2u1w==?=
To: Undisclosed-Recipient<Undisclosed-Recipient@emailpass>
Content-Type: text/html; charset=big5
Content-Transfer-Encoding: quoted-printable
Date: Tue, 14 Feb 2012 10:29:49 +0800
MIME-Version: 1.0
X-yoursite-MailScanner-Information: Please contact the ISP for more information
X-yoursite-MailScanner-ID: 272A234FAC9.A5133
X-yoursite-MailScanner: Found to be clean
X-yoursite-MailScanner-SpamCheck: spam, SpamAssassin (not cached,
score=7.393, required 6, HTML_FONT_BIG 0.23, HTML_IMAGE_ONLY_12 1.47,
HTML_MESSAGE 0.00, HTML_MIME_NO_HTML_TAG 0.10,
HTML_OBFUSCATE_50_60 1.34, MIME_HTML_ONLY 1.16, TO_MALFORMED 2.25,
URIBL_PH_SURBL 0.84)
X-yoursite-MailScanner-SpamScore: sssssss
X-yoursite-MailScanner-From:
X-Spam-Status: Yes
|
以上是我收到的垃圾信之mail header , 其中 192.168.200.252 是我自己的內部網路IP
這個ip是我自己的MailGateway , 它會先過濾進入的mail , 然後再往內部Mail Server傳送
如果是SPAM ,則會留在MailGateway 隔離區 !!
最近有點麻煩的是來自於Yahoo的IP address會傳送SPAM , 我查了好幾次 , 對方的IP
確定沒有開SMTP Port , 換句話說 ,它利用的方法是 使用我的MailGateway SMTP Port
寄信給我的帳號 , 因為是來自於Yahoo的IP ,所以我的MailGateway會相信它傳送的Mail
因此就這樣被攻入幾次 !!
我猜對方應該是濫用WEB service , 使用PHP之類的CGI程式傳送SPAM , 但我想檢舉它
卻找不到任何可以主動與Yahoo聯絡的方式 , 想請教的是 , 可有管道向Yahoo檢舉這樣的行為嗎??
之前Googlegroups 也有類似的狀況 , 但只要收到spam後,可以向google舉發濫用資源
之後就不再會收到任何發自於Google的SPAM , 但最近Yahoo越來越多這種狀況 , 實在不勝其擾
於是我目前的做法是, 整個將Yahoo的IP block 要連向我的MailGateway SMTP Port
予以拒絕來處理 , 算是比較被動的方法 , 這算是沒有辦法中的辦法...