Find the answer to your Linux question:
Results 1 to 2 of 2
I am hoping someone can assist me. I am responsible for a mail server running sendmail and today, around 11:30 am the SMTP side of things stopped working. I have ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Aug 2007
    Posts
    1

    Sendmail SMTP problem


    I am hoping someone can assist me.

    I am responsible for a mail server running sendmail and today, around 11:30 am the SMTP side of things stopped working.

    I have made no changes to the system.

    It just stopped.
    If I restart sendmail it works for a few minutes and then stops again.

    I was checking the mail queue to try and determine what was going on and I was seeing a lot of Mailer Daemon traffic to a vast plethora of addresses that I did noit recognize, so I peeked in on them. A lot of them (all that I checked) were bounce-backs from my server to other addresses and the original message was spam.

    I cannot find the place to turn off the auto-responder for bad addresses.
    I also cannot figure out (easily) where the log file can be accessed from (I inherited the position and all attached systems and have been trying to catch up on how everything works for normal daily operations so I have not yet had the chance to really dig in and learn everything (plus I am hesitant for fear of breaking something).

    Is my suspicion that this is an external spammer "attack" likely? Is there something else I should be looking for?
    Any way I can fix this so that it does not happen in the future?

    Thanks!

  2. #2
    Just Joined!
    Join Date
    Sep 2007
    Posts
    3

    Exclamation Sendmail

    Sounds like you are getting hammered with a huge mailing list spammer

    If you stop sendmail (/etc/init.d/sendmail stop [Solaris]) or (service sendmail stop [Linux])
    that only terminates the inbound listening on port 25/587. Any messages in the queue
    would still be present as well as any connected remote hosts. Do "ps -ef | grep send"
    to see what is still connected.

    Then for cleanup, kill the connected servers, purge the queues and install any of the
    following:

    1. greylist-milter
    2. clamAV
    3. MimeDefang or Amavis

    Additionally, retune your sendmail.mc to include a few DDBL blocks and do not
    accept unresolvable domains.

    Finally, clean up or modify your local-domains, local-hosts, relay-domains, and access sendmail files.

    That should take care of 90 or better percent of your problems.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •