[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [cobalt-users] Spamming on Raq3
- Subject: RE: [cobalt-users] Spamming on Raq3
- From: "Steven Young" <steven.young@xxxxxxxxxxxxxxx>
- Date: Fri Nov 15 04:25:02 2002
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
> Hy Guys,
>
> Need your help, we are being spammed on a RAQ3.
> Kernel 2.2.16C28_III
> Sendmail 8.9.3
> Users have to pop before smtp, and only the ip of the users
> are allowed. But somehow we are open. Any ideas? What info do
> u need? Logfiles? Plz help
>
> Cheers
>
> Rudi
Hi Rudi,
Do you mean your server is being used by spammers to send their spam to
the outside world (open relay), or do you mean that users on your RaQ
are recieving spam via the email accounts on your server?
If it's the first then most likely something is wrong with your setup.
Try to send some email through your server without popping first and
check that it is refused (remember that pop-b4-smtp will allow your
client IP to send mail for a specified time after the last pop -
normally 1 hour?). Scan through /var/log/maillog and see if you can
determine the IP(s) of the source of the spam. Check that the offending
source IP(s) is not an IP you say you have allowed to use SMTP, it could
be one of your authorised users / clients!
If it's the second, then you need to look at installing some software
such as spamassasin, etc. There is not a lot you can do about stopping
spammers from sending spam to email accounts on your server in the first
place, but you can filter a good proportion of it. There has been quite
a lot of talk about spam prevention techniques on this list so also try
searching the archives.
Hope this helps a little,
Steven Young