Qmail Security Question
I have a small server on which I run a variety of apps. Most use php mail to send a few emails out, but I use a gmail address for replies.
I have relaying disabled in qmail but I recently was blacklisted by spamhaus as someone is evidently able to relay using my server, or to make it look that way. I'm really an amateur when it comes to sniffing this out. The domain in question has a mail entry that points to the IP of my server and mails from that domain at least appear to come from my server.
I've attached the text from Spamhaus and the Whois. The domain was registered through The Planet.
Any advice on how to fix this in terms of what security holes to look for and whether to contact the domain registrar or the registrant would be appreciated.
Many thanks in advance.
one of the solution for fighting spam is setting an SPF record for your domain
I'm not sure what that has to do with my problem as it's someone else who is using my qmail installation to send spam from his domain. My domains all have properly formed spf records.
Originally Posted by davidanand
Do you have any of the spoofed emails with complete headers. just post it.
As much as Spamhaus has provided is in the first attachment.