Linux - EnterpriseThis forum is for all items relating to using Linux in the Enterprise.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hello all. In the last year, I have removed a user from
my server. However, I see ALOT of attempts by various machines to send mail to this defunct user. Yesterday
I counted 111 attempts! This user is gone and I really
would like to cleanup the mess . I am running spamassasin and sendmail-8.13.7. Anyone have an Idea on how to squelch this ? It's probably something stupid, it usually is
It could be 'spam by backscatter', try turning off bounce messages temporarily to see if it clears up
cheers
How to do this ? in the sendmail.mc file ?
in the client? I use thunderbird email client
on a windows box i know it's a bit disgusting
but this is what users like to use.
I would suggest reading the headers on the messages that are trying
to be delivered. That will let you know what hosts have mail queued
up for this user.
Next, go to each of those machines and run mailq. That will tell you
what all messages are spooled for delivery. If you find a lot, you
may need to search through the cronjobs to see what is sending the
messages.
I would suggest reading the headers on the messages that are trying
to be delivered. That will let you know what hosts have mail queued
up for this user.
Next, go to each of those machines and run mailq. That will tell you
what all messages are spooled for delivery. If you find a lot, you
may need to search through the cronjobs to see what is sending the
messages.
Sounds like a logical approach . However this stuff is
coming from machines across the internet. I don't
have accounts on these hosts. My suspicion is the
hosts are bots.
Yes, in that case we're talking about garden variety spam. As you
implied, there isn't anything you can do to prevent the delivery
attempts. However there are a few options about how you handle
them.
Personally I use ASSP to filter incoming email. It takes a little
time to learn and configure, but it's worth it. It will prevent
the delivery of email that is not wanted. And you can configure
it to accept and tag email that is deemed inappropriate.
I don't know a lot about spamassassin, but I'll bet that you could
identify the defunct user's email address as a spam word. That
would mean the email would be received and treated like spam.
You could also remove (or rename) the user's account. Most mail
systems are configured to not accept email for non-existant
accounts.
And I just re-read the original message. You wrote that this
user has already been removed. In that case ASSP or a combnation
of greylisting and blacklisting would be required to block incoming
connections.
Yes, in that case we're talking about garden variety spam. As you
implied, there isn't anything you can do to prevent the delivery
attempts. However there are a few options about how you handle
them.
Personally I use ASSP to filter incoming email. It takes a little
time to learn and configure, but it's worth it. It will prevent
the delivery of email that is not wanted. And you can configure
it to accept and tag email that is deemed inappropriate.
I don't know a lot about spamassassin, but I'll bet that you could
identify the defunct user's email address as a spam word. That
would mean the email would be received and treated like spam.
You could also remove (or rename) the user's account. Most mail
systems are configured to not accept email for non-existant
accounts.
And I just re-read the original message. You wrote that this
user has already been removed. In that case ASSP or a combnation
of greylisting and blacklisting would be required to block incoming
connections.
Thanks for your reply. I will look into
ASSP and spamassasin blacklisting/graylisting
config. This is an annoying problem to be sure.
Also I will go through sendmail config/mc
setup . There ought to be a way to nip this at
the SMTP level other then using iptables to block
out the many hosts that are sending me this filth.
I had to do this to block a couple of hosts that
were sending me virus emails that windows
machines were pulling down from the pop server.
yacc I really don't care for Windows because of
this virus crap. Wife and kids like it though.
Yeah, I know what you mean about the Windows thing. A few months
ago I installed Linux on my last Windows box. It felt great. Now
I just have two virtual machines running Windows, one for work and
one for games.
You're right about nipping the spam problem at the smtp level. I
used to manually update the /etc/access file, but that takes a lot
of time. Since installing ASSP, I'd never go back.
Yeah, I know what you mean about the Windows thing. A few months
ago I installed Linux on my last Windows box. It felt great. Now
I just have two virtual machines running Windows, one for work and
one for games.
You're right about nipping the spam problem at the smtp level. I
used to manually update the /etc/access file, but that takes a lot
of time. Since installing ASSP, I'd never go back.
You are making too much sense.
I am now checking if the perl I have installed
is equal to the job. Spamassasin isn't doing it
for me unfortunately, Thanks for the
insight, and my forehead thanks you
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.