LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   how to tell if getting unauthorized mail relaying? (https://www.linuxquestions.org/questions/linux-software-2/how-to-tell-if-getting-unauthorized-mail-relaying-216395/)

linuxboy69 08-11-2004 05:21 PM
how to tell if getting unauthorized mail relaying?
 
I am really new to mail administration and I need some help. I am running sendmail version 8.11.6 and in my root mail I get messages saying that there were problems sending out some mail messages. it is not email that I send out and it looks like spam. I am only allow relaying through a couple domains and I assumed that all other relays would be rejected. Is this true? How can I tell how secure my sendmail daemon is?

Any help is greatly appreciated. Thanks in advance.

Pete M 08-11-2004 05:29 PM
linuxboy69

This web site will give some idea
Open Relay Test

Also check your mail logs

Pete

SheldonPlankton 08-11-2004 05:36 PM
I am new to mail admin. too and I have seen how to use telnet to send email. If I am wrong could someone please correct me. :)

Code:
spammer $ telnet yoursystem 25
Trying XXX.XXX.XXX.XXXX...
Connected to yoursystem.
Escape character is '^]'.
220 localhost.localdomain ESMTP Sendmail 8.12.8/8.12.8; Wed, 11 Aug 2004 04:41:06 -0700
HELO whatever
250 localhost.localdomain Hello localhost.localdomain [127.0.0.1], pleased to meet you
MAIL FROM:somebody@whocares
250 2.1.0 somebody@whocares... Sender ok
RCPT TO:sheldonplankton@yahoo.com
250 2.1.5 sheldonplankton@yahoo.com... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
blah
balh balh blah balh

Cool site
http://raider.muc.edu/~kirchmjf/SP20...SMTPSample.htm
.
250 2.0.0 i7BBf6aF002955 Message accepted for delivery
QUIT
221 2.0.0 localhost.localdomain closing connection
Connection closed by foreign host.
bash-2.05b$

linuxboy69 08-12-2004 12:46 PM
Thank you for replying

I did the relay testing and all of the tests were denied. I guess that is a good thing but I am still baffled as to how I get these strange messages in my mail box??

Pete M 08-12-2004 01:05 PM
linuxboy69

What you may be seeing are failed attempts to relay through your server, I get them all the time sometimes in large numbers

Spammers are always on the look out for open relays so it pays to keep your eye on the mail logs and not get complacent

Pete

linuxboy69 08-12-2004 03:45 PM
ok, thanks for the tip!!!


All times are GMT -5. The time now is 02:22 PM.