search

budtmo / docker-android

Android in docker solution with noVNC supported and video recording
Other
8.81k stars 1.19k forks source link

[Spam Detected] Anti-spam Protection Layer has Detected Spam #349

Closed bwq90 closed 1 year ago

bwq90 commented 1 year ago

Hello,

I recently installed this docker image on a dozen devices. Almost all of them are now sending some sort of spam messages on port 25 to random domains.

My server provider has now blocked Port 25 on my those Linux devices.

To help you investigate about this problem and fix it, here are a sample and some advanced details on your emails:

Destination IP: 104.47.14.33 - Message-ID: 0434E946.F5964C7B@clews.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 1392223B.8A037970@1686.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 1745480D.9E1E9AF3@aprs-asso.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 1B6EDA4D.8AC55ED3@adaptare.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 360D6E69.E319F87B@aprs-asso.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 57773050.A7EE9BDA@gabi.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 5B6CEEF5.CDFDC6AB@gabi.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 7638D150.F0BFDF2D@academie-de-sophrologie.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 7BD37CCE.4FF7E9A0@academie-de-sophrologie.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: 7C499946.CE2350C3@chaletle4.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: B070000D.5C6B0CD4@academie-de-sophrologie.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: DA262CD8.28789F7F@aprs-asso.biz - Spam score: 300
Destination IP: 104.47.14.33 - Message-ID: FF8E2BC8.9A5AD368@materialybudowlane.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 0102F945.10453E39@discovoyance.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 0C80805F.2FBFC946@clews.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 164B663B.974BAC8B@acbs.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 18B10254.C59DA570@distware.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 1949E609.C9F1ED6B@delvano.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 35CE00CC.DD64129A@catalystcom.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 4C78A0A0.6EFCC84E@gignetworks.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 504A35E9.02FA21F0@catalystcom.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 6020476A.245AC53D@bb365.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 6E49BD3A.C346E1DB@evprovence.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 8924CDCE.E654CCF9@france-export.biz - Spam score: 500
Destination IP: 104.47.18.161 - Message-ID: 93DE298A.0D72FE04@firstvoyance.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: 9632BD43.BAB301DE@catalystcom.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: A024E6D2.30CDE56D@anymerchant.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: B237ADD9.081CC9DB@distware.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: BCE5B2DF.2F105F54@catalystcom.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: CC0AC65D.5B2F19D3@espace-auto-de-la-valoine.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: DC16A555.48316B33@acbs.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: E9CD0626.62CE4796@distware.biz - Spam score: 300
Destination IP: 104.47.18.161 - Message-ID: FA4E32C2.B76231C8@anymerchant.biz - Spam score: 300
Destination IP: 104.47.18.225 - Message-ID: 063BF09E.4FC814F7@alfastage.biz - Spam score: 300
Destination IP: 104.47.18.225 - Message-ID: 79F3969E.66E35F5B@alfastage.biz - Spam score: 300
Destination IP: 104.47.18.225 - Message-ID: 7D0D0F66.B4FA8B61@bour.biz - Spam score: 300
Destination IP: 104.47.18.225 - Message-ID: 8937C779.DEACE56C@bb365.biz - Spam score: 300
Destination IP: 104.47.18.225 - Message-ID: 9C969741.5E6B6A05@alfastage.biz - Spam score: 300
Destination IP: 104.47.18.225 - Message-ID: B790D0A3.F148EA99@bour.biz - Spam score: 300

I Installed docker and then installed this image via below code on those Ubuntu servers.

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - && sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" && sudo apt-get update && apt-cache policy docker-ce && sudo apt-get install -y docker-ce && sudo systemctl status docker

sudo docker run --privileged -d -p 6080:6080 -p 5554:5554 -p 5555:5555 -e DEVICE="Samsung Galaxy S10" --name android-container budtmo/docker-android-x86-12.0

I am 100% sure my devices were not sending any spam before this installation. How can I dig down further. Now Port 25 is blocked on my servers to prevent this spam. But how to block the function or code which is sending this Spam after installing this docker image?

trinhpham commented 1 year ago

I am afraid that one of your apps you install to the emulator makes the issue. On my system, no outside connection is made to port 25.