LinuxQuestions.org
Old 05-19-2007, 12:12 AM   #1
genderbender
mailq reporting 4000 messages - obviously spam attack


I've JUST started working with some important servers and recently all of them have received pretty heavy spam attacks; they get filtered and don't affect any of the servers' processing power, 'tis just a minor annoyance.

Like I said, this is a pretty new job and I'm a bit of a Linux newbie so I don't wanna delete thousands of emails which are from genuine users or anything, just some basic advice would be nice.

Thanks for the help guys
 
Old 05-19-2007, 12:16 AM   #2
billymayday
Rejecting mail for invalid/unknown users is a good start if you don't already.
 
Old 05-19-2007, 12:27 AM   #3
keysorsoze
Genderbender,

What MTA are you running? I was in the same boat a couple of months ago when our Postfix queues started soaring and mail started to become delayed on our gateways. I don't know the cause but we had to go to our DR servers in another state, which caused even more problems when we started dropping messages since we did not have valid relay domains specified in our Postfix config. We discarded roughly 1000 messages from our company's email server but luckily I did not get fired due to a misconfig that another admin made. We rebuilt the mail servers with a fresh install of Solaris and had our mail gateway vendor send a consultant to give us a rundown of how everything works. Long story short, you should get very familiar with your MTA and the software you are using. We use PureMessage; it's fairly good but it's commercial. It does a great job of blocking spammers and rejecting mail at the MTA level like billymayday stated; it also has a great policy. I am sure Postfix has great spam utils such as greylisting, etc., but you need to double check your configs to make sure everything is proper. Check the queues frequently as well, making sure active and incoming queues are low, or you'll start getting delays.


That's my 2 cents.

Last edited by keysorsoze; 05-19-2007 at 12:30 AM.
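
Added example, not part of any post in this thread: a read-only summary of a Postfix queue listing, as one way to see what is sitting in the queue before deleting anything. It assumes Postfix (the MTA named in reply #3; the original poster's MTA is not stated) and the layout `mailq` prints there; the sample listing and the function name are constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the layout Postfix's `mailq` prints (not data from the thread).
SAMPLE = """\
-Queue ID- --Size-- ----Arrival Time---- -Sender/Recipient-------
3F2A1B0C4D*    2310 Sat May 19 00:01:12  alice@example.com
                                         bob@example.org

7C9D0E1F2A     4821 Sat May 19 00:02:40  MAILER-DAEMON
(connect to mx.example.net[192.0.2.10]:25: Connection timed out)
                                         x1@example.net

8A1B2C3D4E     4790 Sat May 19 00:02:41  MAILER-DAEMON
(connect to mx.example.net[192.0.2.10]:25: Connection timed out)
                                         x2@example.net

9B8C7D6E5F!    1200 Sat May 19 00:03:05  carol@example.com
                                         dave@example.org

-- 13 Kbytes in 4 Requests.
"""

# Queue ID, optional flag (* = active, ! = on hold), size, 4-token date, sender.
ENTRY = re.compile(r"^([0-9A-Za-z]+)([*!]?)\s+(\d+)\s+\S+\s+\S+\s+\S+\s+\S+\s+(\S+)\s*$")

def summarize(listing):
    """Count queued messages by state and by sender; never modifies the queue."""
    states, senders, bounces = Counter(), Counter(), []
    for line in listing.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # header, recipient, delay-reason, blank or footer line
        qid, flag, _size, sender = m.groups()
        # No flag means the message is waiting (incoming or deferred queue).
        states[{"*": "active", "!": "hold"}.get(flag, "waiting")] += 1
        senders[sender] += 1
        if sender == "MAILER-DAEMON":
            # Bounce notices; a pile of these can be bounces for spam sent to unknown users.
            bounces.append(qid)
    return states, senders, bounces

if __name__ == "__main__":
    states, senders, bounces = summarize(SAMPLE)
    print("by state:", dict(states))
    print("top senders:", senders.most_common(5))
    print("bounce queue IDs to inspect with postcat -q:", bounces)
```

On a live server, the real listing can be passed in from `mailq` (or `postqueue -p`) instead of `SAMPLE`.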
 
  

