切换到宽版
  • 9152阅读
  • 7回复

[求助]如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮件? [复制链接]

上一主题 下一主题
 
只看楼主 倒序阅读 0楼  发表于: 2013-12-04
诸位大哥,我这exchange从最近几天开始,收到大量垃圾邮件,附件还带病毒,大多数都是以@bankvrn.ru以及@aha.ru发过来的邮件。
是否有一种手段,可以确认是域内哪个账号被盗引起的,因为我看日志里面出现了好多国外的IP,关键是,如果确实是域内账号被盗,怎么把这个账号找出来?谢谢
分享到

只看该作者 1楼  发表于: 2013-12-09
Re:如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮 ..
你是如何推断出这些垃圾邮件是由于域内账号被盗引起的?日志具体内容贴出来看看。

如果是来自特定域的邮件,建议通过防垃圾邮件网关或者软件阻拦。
只看该作者 2楼  发表于: 2013-12-13
Re:如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮 ..
013-12-01 00:04:27 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<A76D8006D52D6CA2AC6EB7BB6C892658@dol.ru> 250 0 125 1798 797 SMTP - - - -
2013-12-01 00:04:27 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<info@bankvrn.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:04:27 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<belle.yuan@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:04:27 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<gundar@bankvrn.ru> 250 0 42 30 0 SMTP - - - -
2013-12-01 00:04:27 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<belly.yuan@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:04:28 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A79B0.507060@bankvrn.ru> 250 0 112 1814 828 SMTP - - - -
2013-12-01 00:04:28 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<5RVTUU-NNLET4-NS@bankvrn.ru> 250 0 113 1865 844 SMTP - - - -
2013-12-01 00:04:28 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<info@bankvrn.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:04:28 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<berry.li@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:04:28 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<autokreditbank@googlemail.com> 250 0 54 42 0 SMTP - - - -
2013-12-01 00:04:28 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<better.all@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:04:30 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<1D9B7488461E796E861B468F114B3369@bankvrn.ru> 250 0 129 1838 813 SMTP - - - -
2013-12-01 00:04:30 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<F3UV06-MTUMYE-SE@googlemail.com> 250 0 117 1850 813 SMTP - - - -
2013-12-01 00:04:30 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<autokredit@gmail.com> 250 0 45 33 0 SMTP - - - -
2013-12-01 00:04:30 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<better@betterbt.com> 250 0 32 29 0 SMTP - - - -
2013-12-01 00:04:30 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:04:30 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<betty.fan@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:04:31 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<291C0E76EF41A4A08F403BBD021DFF9D@bankvrn.ru> 250 0 129 1886 797 SMTP - - - -
2013-12-01 00:04:31 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<0144E27325664966867E3D9C2A378AF6@gmail.com> 250 0 128 1831 813 SMTP - - - -
2013-12-01 00:04:31 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<office@autokreditbank.ru> 250 0 49 37 0 SMTP - - - -
2013-12-01 00:04:31 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<info@bankvrn.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:04:31 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<bg2@betterbt.com> 250 0 29 26 0 SMTP - - - -
2013-12-01 00:04:31 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<bg1@betterbt.com> 250 0 29 26 0 SMTP - - - -
2013-12-01 00:04:33 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<6BEE90809B11EDDD9B0B626E08AACE92@autokreditbank.ru> 250 0 136 1893 797 SMTP - - - -
2013-12-01 00:04:33 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<B6F6B18EA64CF1D883761F66DEB9F049@bankvrn.ru> 250 0 129 1892 797 SMTP - - - -
2013-12-01 00:04:33 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:04:33 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<brown.zhu@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:04:33 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<mnibank@dol.ru> 250 0 39 27 0 SMTP - - - -
2013-12-01 00:04:33 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<brad.chen@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:04:34 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A79B0.809030@dol.ru> 250 0 108 1819 797 SMTP - - - -
2013-12-01 00:04:34 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<0F694D1D386D37A002CB271B3C8942D8@bankvrn.ru> 250 0 129 1894 812 SMTP - - - -
2013-12-01 00:04:34 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:04:34 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<bruce.wang@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:04:34 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:04:34 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<caitao@betterbt.com> 250 0 32 29 0 SMTP - - - -
2013-12-01 00:04:35 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A79B0.901080@bankvrn.ru> 250 0 112 1915 891 SMTP - - - -
2013-12-01 00:04:35 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A79B0.109030@bankvrn.ru> 250 0 112 1832 875 SMTP - - - -
2013-12-01 00:04:35 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:04:35 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<carrie.chen@betterbt.com> 250 0 37 34 0 SMTP - - - -
2013-12-01 00:04:35 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<gundar@bankvrn.ru> 250 0 42 30 0 SMTP - - - -
2013-12-01 00:04:35 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<candy.yang@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:04:37 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<85W6W3-R4FC59-OH@bankvrn.ru> 250 0 113 1849 782 SMTP - - - -
2013-12-01 00:04:37 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<52E39FEC913478C5773969DECC89409C@bankvrn.ru> 250 0 129 1927 797 SMTP - - - -
2013-12-01 00:04:37 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<mnibank@dol.ru> 250 0 39 27 0 SMTP - - - -
2013-12-01 00:04:37 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<cathy.lu@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:04:37 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 QUIT - host-80-47-78-120.as13285.net 240 11594 21 4 282 SMTP - - - -
2013-12-01 00:04:38 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<62B577D72BAFFCCF3D3B848F9218F5B0@dol.ru> 250 0 125 1836 829 SMTP - - - -
2013-12-01 00:04:38 80.47.78.120 host-80-47-78-120.as13285.net SMTPSVC1 SERVER 192.168.100.254 0 QUIT - host-80-47-78-120.as13285.net 240 12656 61 4 0 SMTP - - - -
2013-12-01 00:06:41 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 EHLO - +217-79-123-18.kodakdentalpayg.managedbroadband.co.uk 250 0 314 57 0 SMTP - - - -
2013-12-01 00:06:43 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<office@autokreditbank.ru> 250 0 49 37 0 SMTP - - - -
2013-12-01 00:06:43 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<abel.shen@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:06:45 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A7D0E.705040@autokreditbank.ru> 250 0 119 1912 2094 SMTP - - - -
2013-12-01 00:06:48 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<mnibank@dol.ru> 250 0 39 27 0 SMTP - - - -
2013-12-01 00:06:48 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<alex.zhang@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:06:50 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<B4A338575EAF7D34AC0F5D0A2DA3D156@dol.ru> 250 0 125 1883 2328 SMTP - - - -
2013-12-01 00:06:54 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:06:54 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<alice.yue@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:06:56 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<CB8358CFFBC39FB04985B19EA7915C45@bankvrn.ru> 250 0 129 1893 2360 SMTP - - - -
2013-12-01 00:07:00 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<gundar@bankvrn.ru> 250 0 42 30 0 SMTP - - - -
2013-12-01 00:07:00 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<all@betterbt.com> 250 0 29 26 0 SMTP - - - -
2013-12-01 00:07:02 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<2P5G13-52KWGA-DL@bankvrn.ru> 250 0 113 1915 2484 SMTP - - - -
2013-12-01 00:07:09 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<autokreditbank@googlemail.com> 250 0 54 42 0 SMTP - - - -
2013-12-01 00:07:09 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<alvin.wu@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:07:11 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 EHLO - +217-79-123-18.kodakdentalpayg.managedbroadband.co.uk 250 0 314 57 0 SMTP - - - -
2013-12-01 00:07:11 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<5DPSE2-VZZXIH-TX@googlemail.com> 250 0 117 1989 1953 SMTP - - - -
2013-12-01 00:07:12 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<landbank@aha.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:07:12 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<administrator@betterbt.com> 250 0 39 36 0 SMTP - - - -
2013-12-01 00:07:13 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<gundar@bankvrn.ru> 250 0 42 30 0 SMTP - - - -
2013-12-01 00:07:13 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<amy.liu@betterbt.com> 250 0 33 30 0 SMTP - - - -
2013-12-01 00:07:15 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<92CFFFDE7ED12C4EB77D84C4FA7ED374@aha.ru> 250 0 125 1940 3250 SMTP - - - -
2013-12-01 00:07:15 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<D620D9C53090BB5A0E894FF52927F3B7@bankvrn.ru> 250 0 129 1907 1922 SMTP - - - -
2013-12-01 00:07:18 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<gundar@bankvrn.ru> 250 0 42 30 0 SMTP - - - -
2013-12-01 00:07:18 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<amy.qian@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:07:18 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<mnibank@dol.ru> 250 0 39 27 0 SMTP - - - -
2013-12-01 00:07:18 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<amy.wang@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:07:21 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<24A87869B684E6E5D76E59A656B7EAE4@bankvrn.ru> 250 0 129 1856 2203 SMTP - - - -
2013-12-01 00:07:21 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A7D0E.409050@dol.ru> 250 0 108 1828 2250 SMTP - - - -
2013-12-01 00:07:25 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:07:25 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<andy.chen@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:07:25 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<autokreditbank@googlemail.com> 250 0 54 42 0 SMTP - - - -
2013-12-01 00:07:25 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<andy.huang@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:07:27 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A7D0E.303070@bankvrn.ru> 250 0 112 1880 1547 SMTP - - - -
2013-12-01 00:07:28 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<820EF42E38A6456994D9922817DB679D@googlemail.com> 250 0 133 1970 2657 SMTP - - - -
2013-12-01 00:07:28 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:07:28 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<andy.yang@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:07:30 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<gundar@bankvrn.ru> 250 0 42 30 0 SMTP - - - -
2013-12-01 00:07:30 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<ange.he@betterbt.com> 250 0 33 30 0 SMTP - - - -
2013-12-01 00:07:30 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<VX491W-DMC4KK-WI@bankvrn.ru> 250 0 113 1865 1625 SMTP - - - -
2013-12-01 00:07:32 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<A4A0498DC13FECB9743DBD2614B0A4C1@bankvrn.ru> 250 0 129 1886 1735 SMTP - - - -
2013-12-01 00:07:32 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<mnibank@dol.ru> 250 0 39 27 0 SMTP - - - -
2013-12-01 00:07:32 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<angel.he@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:07:34 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<shukkareva@bankvrn.ru> 250 0 46 34 0 SMTP - - - -
2013-12-01 00:07:34 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<anna.lei@betterbt.com> 250 0 34 31 0 SMTP - - - -
2013-12-01 00:07:34 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<529A7D0E.502080@dol.ru> 250 0 108 1847 1781 SMTP - - - -
2013-12-01 00:07:36 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<7169199AC37BED86CC88285B2C549D84@bankvrn.ru> 250 0 129 1881 1844 SMTP - - - -
2013-12-01 00:07:36 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<landbank@aha.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:07:36 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<annie.zhang@betterbt.com> 250 0 37 34 0 SMTP - - - -
2013-12-01 00:07:42 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<info@bankvrn.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:07:42 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<anson.kang@betterbt.com> 250 0 36 33 0 SMTP - - - -
2013-12-01 00:07:51 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<S0VLBE-442YN0-1B@aha.ru> 250 0 109 1911 14078 SMTP - - - -
2013-12-01 00:07:52 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<O823CH-9JPDDQ-UN@bankvrn.ru> 250 0 113 1917 9984 SMTP - - - -
2013-12-01 00:07:52 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<info@bankvrn.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:07:52 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<apple.shi@betterbt.com> 250 0 35 32 0 SMTP - - - -
2013-12-01 00:07:54 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<landbank@aha.ru> 250 0 40 28 0 SMTP - - - -
2013-12-01 00:07:54 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 RCPT - +TO:<april.zhang@betterbt.com> 250 0 37 34 0 SMTP - - - -
2013-12-01 00:07:54 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<5D3NUO-49KSO7-V6@bankvrn.ru> 250 0 113 1972 1829 SMTP - - - -
2013-12-01 00:07:56 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 DATA - +<2ED1335C2C6F02696922179C31B677C4@aha.ru> 250 0 125 1903 1812 SMTP - - - -
2013-12-01 00:07:57 217.79.123.18 217-79-123-18.kodakdentalpayg.managedbroadband.co.uk SMTPSVC1 SERVER 192.168.100.254 0 MAIL - +FROM:+<autokreditbank@googlemail.com> 250 0 54 42 0 SMTP - - - -
只看该作者 3楼  发表于: 2013-12-13
Re:如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮 ..
二楼,我们是小企业,老板一般不会出钱买这些东西。想问下,是否有什么免费软件可以用?
只看该作者 4楼  发表于: 2013-12-13
Re:如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮 ..
万分感谢
只看该作者 5楼  发表于: 2013-12-13
Re:如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮 ..
此外,有什么切实的办法,可以锁定域内被盗账号?

只看该作者 6楼  发表于: 2013-12-13
回 hexstar 的帖子
hexstar:此外,有什么切实的办法,可以锁定域内被盗账号? (2013-12-13 00:38) 

如果betterbt.com是贵公司的邮箱后缀, 将bankvrm.ru和aha.ru这两个地址加到block list里面.
如果betterbt.com不是贵公司的邮箱后缀, 关闭exchange服务器上的中继代理.
Exchange中文站10周年献礼。Exchange2016中文视频教程热销中:edu.exchangecn.com/course/12
只看该作者 7楼  发表于: 2014-11-24
Re:如何确认是否是因为域账户密码被盗而导致的大量收到垃圾邮 ..
非常感谢楼上
快速回复
限60 字节
 
上一个 下一个