LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 04-01-2016, 01:44 PM   #1
vs1784
LQ Newbie
 
Registered: Mar 2016
Posts: 3

Rep: Reputation: Disabled
My Server is sending SPAM


My linux server Ubuntu 8.4 is sending SPAM emails.

For now i have disabled Postfix and Webmin which could be the culprit.

I also ran maldet scan on server but no infections are found.

Is there any way i can identify what is sending emails?
 
Old 04-01-2016, 02:04 PM   #2
astrogeek
Moderator
 
Registered: Oct 2008
Distribution: Slackware [64]-X.{0|1|2|37|-current} ::12<=X<=14, FreeBSD_10{.0|.1|.2}
Posts: 4,032
Blog Entries: 1

Rep: Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118Reputation: 2118
It is not possible to say with the information given, so you are really the only one who can find the culprit.

First, I am not a 'buntu user, but it looks to me as if that is a VERY old version! If so, it is almost certain that there are multiple unpatched exploit vectors, so whatever the immediate cause, the fix must involve an update (aka reinstall) to a current OS version.

Also, is this a VPS, a hosted server or your own hardware and router?

Next, if Postfix is not well configured it may be serving as an open relay - so that is a good first place to start. Use your favorite search engine and learn what "open relay" means and how to test and configure for that.

Webmin, known to have many exploits in recent years as I recall, what version and is it fully patched?

Firewall? How is that configured?

Are you running any web sites from that machine? Are you running any WordPress instances? What version?

How many people have access to the machine, and what type of access? Have you checked the logs?

+1 for killing Postfix, but you still need to verify whether that stopped the spam traffic, and you need to keep that system off the internet until it is fully fixed and configured, otherwise the spammer will still have access and you will never, ever, get it fixed as along as they have such access.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Something is sending SPAM from my server hua Linux - Security 3 07-18-2015 08:37 AM
i think my server is sending spam mail zubinn Linux - Security 15 03-01-2011 09:45 AM
CentOS server sending spam aaronjwood Linux - Security 9 12-28-2010 06:03 PM
My mail server may be sending spam.. davidstvz Linux - Security 16 08-03-2010 01:13 PM
Please help! Urgent ! Mail server being used for sending spam kumar_79v Linux - Server 1 08-30-2008 01:22 AM


All times are GMT -5. The time now is 07:18 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration