LinuxQuestions.org
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   possible security breach (https://www.linuxquestions.org/questions/linux-security-4/possible-security-breach-761414/)

johnh10000 10-12-2009 06:00 PM
Quote:
Originally Posted by anomie (Post 3717014)
I'd recommend that you keep that Ubuntu box physically unplugged (ethernet cable) from the network. You're going to get blacklisted and/or contacted by your ISP regarding abuse.
I have done. I am just hope someone can come up with something b4 wed. I off on holiday.

johnh10000 10-13-2009 01:26 AM
progress made.
 
Now I'm less drunk, and looked at it constructivly. As one of the others pointed out lots of port 25 accesses. So I've killed the mail server. Normal service (albit without mail) has been restored.

Now, my question is what happened? how do i find out? mail logs

johnh10000 10-13-2009 03:38 AM
oopps
 
Hello,

Please know that according to the provided smtpFilters.script, the
server is configured as an open relay.

In order to configure the server to require authentication to allow
relaying, please follow these steps:
- Login into the Webadmin Interface
- Click 'Acceptance & Routing' under 'Security & Filtering'
- Click 'Routing Basic Settings'
- Enable both 'Allow relaying from any IP' and 'Require authentication'
options
- Click 'Save Configuration'

anomie 10-13-2009 11:23 AM
That'll do it. Open relay == bad.


All times are GMT -5. The time now is 09:33 AM.
Page 2 of 2 1 2
Show 50 post(s) from this thread on one page