Приветствую!
Провайдер пожаловался мне на спам с моего сервера, проверил логи и вижу следующее:
Feb 22 17:21:36 main-serv sendmail[13560]: gethostbyaddr(192.168.0.4) failed: 1
Feb 22 17:21:36 main-serv sendmail[13563]: starting daemon (8.14.4): SMTP+queueing@01:00:00
Feb 22 17:21:42 main-serv sendmail[13594]: 41MELgIZ013594: Milter (greylist): local socket name /var/run/milter-greylist/milter-greylist.sock unsafe
Feb 22 17:21:42 main-serv sendmail[13594]: 41MELgIZ013594: Milter (greylist): to error state
Feb 22 17:21:51 main-serv sendmail[13612]: 41MELpI6013612: Milter (greylist): local socket name /var/run/milter-greylist/milter-greylist.sock unsafe
Feb 22 17:21:51 main-serv sendmail[13612]: 41MELpI6013612: Milter (greylist): to error state
Feb 22 17:21:55 main-serv sendmail[13594]: 41MELgIa013594: 128.hosted-by.17mx.com [47.119.14.128] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4
Feb 22 17:21:56 main-serv sendmail[13564]: 41M8w0a3016496: to=<noreply@mail.canadaexpress.org>, delay=05:23:56, xdelay=00:00:20, mailer=esmtp, pri=570000, relay=mail.canadaexpress.org. [212.146.224.42], dsn=4.0.0, stat=Deferred: Connection timed out with mail.canadaexpress.org.
Feb 22 17:21:58 main-serv sendmail[13615]: 41MELwH1013615: Milter (greylist): local socket name /var/run/milter-greylist/milter-greylist.sock unsafe
Feb 22 17:21:58 main-serv sendmail[13615]: 41MELwH1013615: Milter (greylist): to error state
Feb 22 17:22:02 main-serv sendmail[13612]: 41MELpI7013612: 179.hosted-by.17mx.com [41.101.14.179] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4
Feb 22 17:22:09 main-serv sendmail[13615]: 41MELwH2013615: 128.hosted-by.17mx.com [47.119.14.128] (may be forged) did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA-v4
Feb 22 17:22:09 main-serv sendmail[13633]: 41MEM94N013633: Milter (greylist): local socket name /var/run/milter-greylist/milter-greylist.sock unsafe
Feb 22 17:22:09 main-serv sendmail[13633]: 41MEM94N013633: Milter (greylist): to error state
Feb 22 17:22:13 main-serv sendmail[13634]: 41MEMDLu013634: Milter (greylist): local socket name /var/run/milter-greylist/milter-greylist.sock unsafe
Feb 22 17:22:13 main-serv sendmail[13634]: 41MEMDLu013634: Milter (greylist): to error state
Feb 23 15:46:47 main-serv sendmail[6873]: ruleset=check_relay, arg1=[41.101.14.179], arg2=41.101.14.179, relay=179.hosted-by.17mx.com [41.101.14.179] (may be forged), reject=421 4.3.2 Connection rate limit exceeded.
Feb 23 15:46:55 main-serv sendmail[6888]: ruleset=check_relay, arg1=[47.119.14.128], arg2=47.119.14.128, relay=128.hosted-by.17mx.com [47.119.14.128] (may be forged), reject=421 4.3.2 Connection rate limit exceeded.
Feb 23 15:47:02 main-serv sendmail[6900]: ruleset=check_relay, arg1=[141.98.11.95], arg2=141.98.11.95, relay=srv-141-98-11-95.serveroffer.net [141.98.11.95] (may be forged), reject=421 4.3.2 Connection rate limit exceeded.
Feb 23 15:47:05 main-serv sendmail[6905]: ruleset=check_relay, arg1=[41.101.14.179], arg2=41.101.14.179, relay=179.hosted-by.17mx.com [41.101.14.179] (may be forged), reject=421 4.3.2 Connection rate limit exceeded.
Feb 23 15:47:11 main-serv sendmail[6919]: ruleset=check_relay, arg1=[47.119.14.128], arg2=47.119.14.128, relay=128.hosted-by.17mx.com [47.119.14.128] (may be forged), reject=421 4.3.2 Connection rate limit exceeded.
Feb 23 15:42:29 main-serv sendmail[6249]: 41N5cC1A008177: to=<chtbize+bncBCAYHO7RQEHRB5G54CXAMGQEATMM52I@googlegroups.com>, delay=07:04:16, xdelay=00:00:15, mailer=esmtp, pri=750000, relay=alt2.gmr-smtp-in.l.google.com. [113.114.212.18], dsn=4.0.0, stat=Deferred: Connection timed out with alt2.gmr-smtp-in.l.google.com.
Feb 23 15:42:29 main-serv sendmail[6249]: 41N4I9jQ029682: to=<roleuae02+bncBCQ5XCWE6UFRBF5Y4CXAMGQE7KGXTFA@googlegroups.com>, delay=08:24:20, xdelay=00:00:00, mailer=esmtp, pri=840000, relay=alt1.gmr-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt1.gmr-smtp-in.l.google.com.
Feb 23 15:42:29 main-serv sendmail[6249]: 41N4I821029673: to=<roleuae02+bncBAABBF5Y4CXAMGQE6KU54FA@googlegroups.com>, delay=08:24:21, xdelay=00:00:00, mailer=esmtp, pri=840000, relay=alt2.gmr-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt2.gmr-smtp-in.l.google.com.
Feb 23 15:42:29 main-serv sendmail[6249]: 41N4I8n0029672: to=<roleuae02+bncBDFZ327WSEJBBF5Y4CXAMGQEFBFPVZA@googlegroups.com>, delay=08:24:21, xdelay=00:00:00, mailer=esmtp, pri=840000, relay=alt2.gmr-smtp-in.l.google.com., dsn=4.0.0, stat=Deferred: Connection timed out with alt2.gmr-smtp-in.l.google.com.
Скажите как понять откуда производиться залив спама, думал что на сервере инициируется какой-то скрипт, поэтапно отключил все процессы. Но нет, спам продолжается, не могу понять источник, погуглил но ни чего не нашёл! :(