Re: How to detect spammers?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- Original Message -----
From: "Jason Staudenmayer" <jasons@xxxxxxxxxxxxxx>
To: <redhat-list@xxxxxxxxxx>
Sent: Friday, December 05, 2003 12:45 PM
Subject: RE: How to detect spammers?


> Firewall it and read up on hardening Linux. Get rid of ALL SERVICES NOT
> NEEDED. Those emails you are seeing are more than likely the nightly cron
> jobs. If you did nothing with sendmail after install it only listens
locally
> on 127.0.0.1 that is default.

We did not change anything with sendmail after installation, and were
surprised
that it was installed.  The time and dates on the entries in maillog
coincide with
the time and dates of groups of 'undeliverable  mail'  that was returned to
a
windows workstation on the same internal network.  They all include our
return address, but we never sent them.

Thanks,
Bdavis

>
> -----Original Message-----
> From: Billy Davis [mailto:bdavis@xxxxxxxxxxxx]
> Sent: Friday, December 05, 2003 11:46 AM
> To: redhat-list@xxxxxxxxxx
> Subject: Re: How to detect spammers?
>
>
>
> ----- Original Message -----
> From: "Jason Staudenmayer" <jasons@xxxxxxxxxxxxxx>
> To: <redhat-list@xxxxxxxxxx>
> Sent: Friday, December 05, 2003 10:34 AM
> Subject: RE: How to detect spammers?
>
>
> > Start by making sure your not a open relay. Then check your maillog for
> > outside connections sending email outside of your domain (relaying). It
> > would also help if we knew what MTA you have running.
>
> The maillog has entries that coincide with the suspected spam transmission
> times.  Also, the entries include 'mailer=relay' and 'relay=[127.0.0.1]'.
> We
> do not use the RH Server for mail at all, but I did notice that 'sendmail'
> is
> enabled, so I disabled it.  What else do we need to do?
>
> Thanks,
> Bdavis
>
>
> >
> > -----Original Message-----
> > From: Billy Davis [mailto:bdavis@xxxxxxxxxxxx]
> > Sent: Friday, December 05, 2003 10:22 AM
> > To: redhat-list@xxxxxxxxxx
> > Subject: How to detect spammers?
> >
> >
> > We have reason to believe that someone on the Internet
> > is using our RH9 Linux server to distribute spam.  Are
> > there any log files that we can check to verify this?
> > How can we prevent it?
> >
> > Thanks,
> > Bdavis
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
> >
> > --
> > redhat-list mailing list
> > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list


-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux