Visit the LQ Articles and Editorials section
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 11-08-2012, 07:03 AM   #1
Registered: Apr 2003
Location: Kolkata
Posts: 213

Rep: Reputation: 30
Mail problem

I have sendmail(sendmail-8.12.10-1) running on RHEL 3. Recently I in the mailq I have noticed Reciepts as <undisclosed> from <> trying to send mail to users outside the network.
I donot allow my machine to RELAY.
My port 25 telnet is closed so i cannot check if my machine is working as open relay.

Can I anyway know what address are there in <undisclosed> as i am not fully aware if any user is forwarding this mail and why is machine sending this mail and how can i stop such activities.

Sanjib Gupta
Old 11-08-2012, 09:36 AM   #2
Senior Member
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778Reputation: 778
sendmail(sendmail-8.12.10-1) running on RHEL 3.

Sendmail 8.12.10 was released 2003/09/17, making it almost a decade old!
RHEL3 was released between 2003-10-22 and 2007-06-15 depending on the patch level and all versions are running kernel revision 2.4

The fact that your logs are showing your mail system trying to send to undisclosed recipients, which to me says spamming a list of BCC recipients, via an obvious spoof from address is a strong indication that your system has been compromised in some fashion. Without performing an investigation you won't know how. Given that the machine is so severely out of date, I question whether a thorough investigation would be worth the effort. This is a decision you will have to make. More importantly, running a public facing server, especially an email server requires a responsible commitment and this machine has clearly been neglected. Even if you were to wipe the machine out, rebuild it using current software, you would still have to decide if you are willing to spend the effort to manage it responsibly.


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
mail loops back to me (MX problem?) OR did not issue MAIL/EXPN/VRFY/ETRN skc Linux - Server 6 07-09-2011 10:18 PM
problem with Evoution mail working with ubunto linux system senting mail dan1369 Linux - Newbie 1 06-14-2009 12:55 PM
Mail relaying problem, cannout mail from outside network using outlook andrewfeberwee Linux - Newbie 4 03-30-2009 08:12 PM
problem receiving pop3 mail from postfix mail server GEN_Electric Linux - Software 2 02-14-2005 03:43 PM
Strange mail problem, no errors, and no mail quincy56 Linux - Networking 4 09-07-2004 01:21 AM

All times are GMT -5. The time now is 11:52 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration