[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] Closing port 23

Subject: Re: [cobalt-users] Closing port 23
From: "Chris" <clathem@xxxxxxxxxxxxx>
Date: Wed Jan 8 12:18:00 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>


> I guess I thought it may be a way of preventing spammers from using my
mail
> server to send mail.
> I have all the updates, POPb4SMTP, firewall, portsentry, chkrootkit,
> fcheck....
> Yet it still looks like someone is able to connect somehow to spam...
> I get lots of bounce back messages.... And how are they able to do the
> following...
> And how can I stop it???
>
> Jan  8 12:38:46 nala sendmail[7164]: h08Ici107164:
> from=<D-8-738411-7993461-2-38900-US1-0B84E88E@xxxxxxxx>, size=14678,
> class=0, nrcpts=1,
msgid=<I-3-738411-7993461-2-38900-US1-C26FB0A6@xxxxxxxx>,
> proto=ESMTP, daemon=MTA, relay=memailout21.messagereach.com
> [205.183.255.230]
> Jan  8 12:38:48 nala sendmail[7171]: h08Ici107164: to=dtk27@xxxxxxx,
> delay=00:00:03, xdelay=00:00:02, mailer=esmtp, pri=44385,
> relay=mailin-04.mx.aol.com. [64.12.137.152], dsn=2.0.0, stat=Sent (OK)
>
> Thank you,
> Tom Nelson


Its possible the spammers are using a domain you host to send the errors
too, or maybe forging an address at a domain you host as their own. Either
way you will get the errors sent back to you. Unless you've changed the
sendmail config drastically on a Cobalt, I doubt you will see spam
originating from your server. (With the exception of formmail scripts and
possibly your own users, but that should be easy to fix correct?)

:-)

Chris

References:
- RE: [cobalt-users] Closing port 23
  - From: Tom Nelson

Prev by Date: Re: [cobalt-users] DNS Serial Numbers
Next by Date: RE: [cobalt-users] RE: Closing port 23
Previous by thread: RE: [cobalt-users] RE: Closing port 23
Next by thread: RE: [cobalt-users] Closing port 23

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index