Linux - GeneralThis Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I configured ( sendmail + Smarthost + pop-before-smtp settings + smtp auth settigns ), today i saw 18000 mail in mailq and somebody sending mail from my mailserver ,as i got reported by ISP for spaming. How someone broke the sendmail + pop-before-smtp settings. i usually access that system through webmin. Is webmin cause to hack password.
Or How someone break sendmail security without even choosing my own user / password spamper settings messages to smart hosts to yahoo / gmail with his own junk user name and password?
I stopped sendmail for the time being.
Any idea what i should look for and what i should go for its remediation?
Any help would be greatly appreicated.
Last edited by mail4vijay; 02-26-2010 at 04:14 AM.
I configured ( sendmail + Smarthost + pop-before-smtp settings + smtp auth settigns ), today i saw 18000 mail in mailq and somebody sending mail from my mailserver ,as i got reported by ISP for spaming. How someone broke the sendmail + pop-before-smtp settings. i usually access that system through webmin. Is webmin cause to hack password.
Or How someone break sendmail security without even choosing my own user / password spamper settings messages to smart hosts to yahoo / gmail with his own junk user name and password?
I stopped sendmail for the time being.
Any idea what i should look for and what i should go for its remediation?
Any help would be greatly appreicated.
Webmin is unsafe to start with, in my opinion. If you want a secure system, run as few open services on it as you can. Disable EVERYTHING that's not needed. On my mail servers, all I've got running is sendmail and SSH...you should be easily able to configure and maintain sendmail via a terminal window.
And as jlightner said, you've probably got an open relay running. Set up a good ACL, and turn off open relays.
Webmin is unsafe to start with, in my opinion. If you want a secure system, run as few open services on it as you can. Disable EVERYTHING that's not needed. On my mail servers, all I've got running is sendmail and SSH...you should be easily able to configure and maintain sendmail via a terminal window.
And as jlightner said, you've probably got an open relay running. Set up a good ACL, and turn off open relays.
Thaks for all reply , i am checknig back my sendmail settings and hopefully would resolve this issue.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
