LinuxQuestions.org
View the Most Wanted LQ Wiki articles.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-03-2006, 04:15 AM   #1
izghitu
Member
 
Registered: Oct 2005
Location: localhost.localdomain
Distribution: CentOS
Posts: 108

Rep: Reputation: 16
how to find out who is spamming on qmail with courier-imap?


Hello,
I own a server with plesk on it
It is using qmail and courier-imap
When looking in the mail queue I detected a lot of spam messages

Can somebody tell me how can I find out who is sending spam through my server, how is he doing it(via php/html scripts or via shell?), how can I prevent this from happening in the future?

Are there any tehniques in detecting the spammer?

Please help

Thank you
 
Old 05-04-2006, 12:22 AM   #2
btmiller
Senior Member
 
Registered: May 2004
Location: In the DC 'burbs
Distribution: Arch, Scientific Linux, Debian, Ubuntu
Posts: 4,060

Rep: Reputation: 295Reputation: 295Reputation: 295
I'd suggest taking a thorough look through your /var/log/maillog and see who is connecting to your server. You can also test if your server is configured as an open relay (which would be bad). If you Google for "open relay tester" or the like you can find a number of services to test your site. I'd also examine the server as a whole. If a cracker exploited a vulnerable web application, he could easily use it to send out tons of spam. What all is running on the server? Is there anything else specific in the system logs? Plesk should give you some mechanism for looking at your logs, or just SSH in and hunt around in the /var/log directory.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
qmail-ldap + courier-imap woes (imap capability) syahid Linux - General 1 10-12-2005 12:03 AM
qmail problem. Works with courier-imap, not with pop.. rincewind Linux - Software 9 05-26-2005 07:18 AM
Spamassassin using vpopmail/qmail/courier-imap config issues korozion Linux - Software 0 03-14-2005 04:29 PM
qmail + courier imap + squirrelmail...can't login using squirremail..user invalid rnj Linux - Newbie 6 10-11-2004 11:14 PM
Qmail+courier-IMAP+SquirrelMail+ virtualmin Half way there posixjunkie Linux - Wireless Networking 0 04-15-2004 07:07 AM


All times are GMT -5. The time now is 11:40 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration