stop SMTP

sanjibgupta · 03-08-2017, 01:13 AM

Hi
I have Linux RHEL5 running as as proxy server with no mailing daemon but i have receive mails from the service provider stating mails originating from my machine (xx.xx.xx.11)

Iptables also has
-A OUTPUT -p tcp --dport 25 -j REJECT

PLease help me how to stop any SMTP from this machine from any port.

{
"SMTP CONNECTION": "xx.xx.xx.11->89.#.#.70:25",
"HELO": "[xx.xx.xx.11]",
"MAIL FROM": "<xd###@###ot.de>",
"RCPT TO": "Array
(
[0] => <in###@###la.it>
)
",
"HEADERS": "Message-ID: <58###@###ot.de>
Date: Tue, 07 Mar 2017 20:24:08 +0400
From: <xd###@###ot.de>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20110624 Thunderbird/5.0
MIME-Version: 1.0
To: <in###@###la.it>
Subject: Vi offriamo la possibilita di guadagnare fino a 819 eur extra alla settimana.
Content-Type: multipart/alternative;
boundary="------------030404030604030205050105"
This is a multi-part message in MIME format.
--------------030404030604030205050105
Content-Type: text/plain; charset=CP-850; format=flowed
Content-Transfer-Encoding: quoted-printable

",
"MESSAGE BODY": "[hidden]"
}

TB0ne · 03-08-2017, 07:50 AM

Quote:

Originally Posted by sanjibgupta

Hi
I have Linux RHEL5 running as as proxy server with no mailing daemon but i have receive mails from the service provider stating mails originating from my machine (xx.xx.xx.11)

Iptables also has
-A OUTPUT -p tcp --dport 25 -j REJECT

PLease help me how to stop any SMTP from this machine from any port.

If mail services aren't running on that system, then it's obviously coming from some other system on your network. But you say nothing about what's there, or your environment, so there isn't much we can tell you. While you may be blocking port 25, there are other ports that are used as well, are you blocking those? You don't tell us what mail system(s) are in use at your location, so again...can't tell you much of anything, or even where to check.

However, you're using RHEL5..which is very old, and TOTALLY UNSUPPORTED at this point, and is a commercial, pay-for distro. Are you PAYING for Red Hat support, and have you contacted the support you're paying for, and asked for assistance?

You've also been posting about email for years now...have you checked ANY of the mail logs or done any troubleshooting??? Without details, we can't help, but see any of the numerous other posts about spam emails that you've started over many years for more suggestions.

http://www.linuxquestions.org/questi...sassin-863459/
http://www.linuxquestions.org/questi...em-4175436239/
http://www.linuxquestions.org/questi...il-4175464929/
http://www.linuxquestions.org/questi...lp-4175515218/

Basic mail server hardening has to be done; you've never followed up in any of those other threads, to say if you've done/tried/researched anything regarding it. Again, we are happy to try to help you, but you have to participate in the conversation, give feedback, and provide details.