Find the answer to your Linux question:
Results 1 to 5 of 5
Hello, We have a dedicated server from GoDaddy running CENTOS 5.5 i686 standard. We only have four or so sites on it. The other day, we receive an email that ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Jun 2011
    Posts
    3

    [MYSTERY] Emails being sent under account with email disabled


    Hello,

    We have a dedicated server from GoDaddy running CENTOS 5.5 i686 standard.

    We only have four or so sites on it. The other day, we receive an email that we have reached our 1000 smtp limit. This was a mystery since we use google apps for email and don't get near 1000 emails for out sites using the contact forms and such.

    So I look at the relays and sure enough someone, probably a spammer, has used our smtp to send out their filth. I set email accounts and hourly emails to 0, remove the email in dns, and removed an email form they put on your server.

    However, they are still somehow sending mail using our server. I'm going to terminate the account and reinstall, but I would love to know how this hacker is doing this and what I can do to prevent it in the future.

    If you can answer this I will crown you a Linux god.

    Thanks

  2. #2
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    You are using your mail system as a relay? If so then you have to configure it to only relay your mail from your IP address. I don't know how to do this I just remember reading about how mail relays are used by spammers to get their junk out. Maybe look at turning off the relay.

    From what I understand it is best to not use a relay at all. This cuts out most if not all spammers junk.

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

  3. #3
    Just Joined!
    Join Date
    Jun 2011
    Posts
    3
    hey thanks very much, i will do some googling and check it out.

    I still would like to get more info on this, anyone?

  4. #4
    Just Joined!
    Join Date
    Jun 2011
    Posts
    3
    Anyone know how to close the relays or restrict to the ip address?

  5. #5
    Linux Guru Lazydog's Avatar
    Join Date
    Jun 2004
    Location
    The Keystone State
    Posts
    2,677
    A quick search on Google turned up this site:

    How to secure your mail system against third-party relay

    Regards
    Robert

    Linux
    The adventure of a life time.

    Linux User #296285
    Get Counted

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •