LinuxQuestions.org
Support LQ: Use code LQ3 and save $3 on Domain Registration
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 03-18-2004, 04:51 PM   #1
bulzbb
Member
 
Registered: Feb 2004
Posts: 50

Rep: Reputation: 15
Angry Sendmail smtpd being used for spam..


Hi, I think my smtp server has been used for spamming few hours ago. I received 55 emails from "Mail delivery subsystems", saying some random email cannot be sent to @yahoo.com, for example:

The original message was received at Fri, 19 Mar 2004 00:13:54 +0800
from localhost
with id i2IGDsuR004496

----- The following addresses had permanent fatal errors -----
2s2iiap2s2iiap@yahoo.com
(reason: 553 VS10-RT Possible forgery or deactivated due to abuse (#5.1.1))

----- Transcript of session follows -----
... while talking to mx1.mail.yahoo.com.:
>>> DATA
<<< 553 VS10-RT Possible forgery or deactivated due to abuse (#5.1.1)
550 5.1.1 2s2iiap2s2iiap@yahoo.com... User unknown
<<< 504 At least one RCPT command is required


I'm stil looking for a way to prevent this, but in case if anyone here know may help me out. In case if the server being used by spammer again.

By the way, is there a way to put in password for the smtp server? But if i do this, will it interfere with phpBB, since it will use smtp to email others, but I dont see it asking for password.

And is spamassassin the right answer for me? THanks.
 
Old 03-18-2004, 05:03 PM   #2
bulzbb
Member
 
Registered: Feb 2004
Posts: 50

Original Poster
Rep: Reputation: 15
Oh yeah, and I'm using Slackware 91, with sendmail come out of the box.
 
Old 03-18-2004, 07:17 PM   #3
bulzbb
Member
 
Registered: Feb 2004
Posts: 50

Original Poster
Rep: Reputation: 15
Hrm, I think I know what went wrong. In my /etc/access file, I have

localhost RELAY
mydomain.com RELAY
com RELAY
com.au RELAY
net RELAY
net.au RELAY
edu RELAY
edu.au RELAY

Is it because of this that spammer can pipe through my mail server and use my server to send multiple email? I have removed all entries, except localhost and mydomain.com. and in my local-host-names file, i have (and always have been):

localhost
mydomain.com

And because in my mv i use FEATURE(use_cw_file), I have created sendmail.cw with the same entries as local-host-names file.

Will this be enough to make sure spammer not using my email server as a pipeline?

Thanks.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Spam and sendmail Jonpittam Linux - Software 2 09-30-2004 07:56 AM
Sendmail spam solution (?) fillgood Linux - General 2 08-29-2003 05:12 AM
Sendmail Spam MrJoshua Linux - Software 1 08-14-2003 11:54 AM
Sendmail Spam control jchristman Linux - Software 8 07-02-2003 04:20 PM
Redhat 7.1 Sendmail/smtpd not starting warath Linux - Networking 2 10-11-2001 09:47 PM


All times are GMT -5. The time now is 01:14 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration