Le 07/12/2012 18:22, Titanus Eramius a écrit : > [snip] > titanus@asrock:~$ telnet 94.247.168.138 25 > Trying 94.247.168.138... > Connected to 94.247.168.138. > Escape character is '^]'. > 220 ntdata.nt-data.dk ESMTP Postfix > EHLO fake > 250-ntdata.nt-data.dk > 250-PIPELINING > 250-SIZE 10240000 > 250-ETRN > 250-STARTTLS > 250-AUTH PLAIN LOGIN > 250-AUTH=PLAIN LOGIN > 250-ENHANCEDSTATUSCODES > 250-8BITMIME > 250 DSN > MAIL FROM:s...@veryfakeaddress548562.tld > 250 2.1.0 Ok > RCPT TO:m...@nt-data.dk > 250 2.1.5 Ok > DATA > 354 End data with <CR><LF>.<CR><LF> > content here > . > 250 2.0.0 Ok: queued as EDB151746A80 > quit > 221 2.0.0 Bye > Connection closed by foreign host. > > The maillog on the server looks like this: > > titanus@ntdata:~$ sudo cat /var/log/mail.log | grep "EDB151746A80"
<humour> mew :) you like cats too? or is it the pipe that you like? $ sudo grep "...." /var/log/mail.log saves a few keystorkes .... </humour> keep reading. answer below. > > Dec 7 17:51:38 ntdata postfix/smtpd[26112]: EDB151746A80: > client=unknown[92.243.255.38] > > Dec 7 17:51:51 ntdata postfix/cleanup[26118]: EDB151746A80: > message-id=<> > > Dec 7 17:51:51 ntdata postfix/qmgr[3981]: EDB151746A80: > from=<SRS0=QfAL=KB=veryfakeaddress548562.tld=s...@nt-data.dk>, > size=396, nrcpt=1 (queue active) > > Dec 7 17:51:51 ntdata postfix/pipe[26119]: EDB151746A80: > to=<m...@nt-data.dk>, relay=dovecot, delay=36, delays=36/0.01/0/0.17, > dsn=2.0.0, status=sent (delivered via dovecot service) > > Dec 7 17:51:51 ntdata postfix/qmgr[3981]: EDB151746A80: removed > > > If at all possible, I would like the system not to accept the mail. > why not? because you sent it using the telnet client program? there is no fundamental difference between mail sent using a "standard" MUA (thunderbird, outlook, ...) or a program such as telnet, netcat, ... or a script using perl, python, php, ... and no, spammers do not use the telnet program. that would be too slow! they (generally) use spam bots, which can send masse mails in a short time. trying to detect such bots is teh subject of anti-spam measures such as postcreen, greylisting, spam filters (that look for specific headers or other).
