Linode Forum
https://forum.linode.com/

Server Relaying Spam - Help Needed
https://forum.linode.com/viewtopic.php?f=11&t=9824

Author:  richtestani [ Tue Feb 26, 2013 10:23 am ]
Post subject:  Server Relaying Spam - Help Needed

Hello,
I'm running a Postfix email server, and recently it's been relaying SPAM, for which Linode has issued me a warning.
It's also generating high Disk IO, so it's getting bad.

Can anyone help me configure my server to stop relaying spam?

I'm very new to email setup and securing it, so please, any help in the right direction and explaining some things would be awesome.

http://pastebin.com/kkpMdCjN
This expires in 7 hours.
Thanks
Rich

Author:  derfy [ Tue Feb 26, 2013 2:48 pm ]
Post subject:  Re: Server Relaying Spam - Help Needed

We'll also need excerpts from your /var/log/mail.log showing the relaying. Also, according to the docs, reject_rbl_client is only valid in smtpd_client_restrictions. maps_rbl_domains is obsolete (maybe depending on what version of Postfix you're running; you didn't tell us). You have a default permit action in smtpd_recipient_restrictions; I would change that to reject. Adding 'smtpd_sasl_authenticated_header = yes' to /etc/postfix/main.cf could help if a mailbox password has been cracked (this will add a header detailing which mailbox account was used to send spam) - again, only useful if a password has been cracked.

I see your port 25 is tcpwrapped currently; have there been any more reports of spam? If so, this could be a trojan sending spam, or a WordPress/Drupal/other install gone rogue.

Hopefully this will give you some place to start.

Edit: recommend you leave the paste up until your problem is solved. When I saw it, it had 2 hours left.
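
Three of the points in the reply above (a trailing permit in smtpd_recipient_restrictions, the obsolete maps_rbl_domains, and smtpd_sasl_authenticated_header left off) can be checked mechanically. This is an added example, not part of the thread or of Postfix; the sample main.cf is constructed (the poster's paste is not on this page), and the finding names are hypothetical labels.

```python
import re

# Constructed sample main.cf, for illustration only.
SAMPLE_MAIN_CF = """\
# constructed example
myhostname = mail.example.com
maps_rbl_domains = rbl.example.net
smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_rbl_client rbl.example.net
    permit
"""

def parse_main_cf(text):
    """Parse 'name = value' lines; a line that starts with whitespace
    continues the previous logical line, and '#' lines are comments."""
    params, current = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        if line[0].isspace() and current:
            params[current] += " " + line.strip()
        elif "=" in line:
            current, value = (part.strip() for part in line.split("=", 1))
            params[current] = value
    return params

def audit(params):
    """Return hypothetical finding labels for the three points in the reply."""
    findings = []
    # Restrictions are evaluated in order; a bare trailing 'permit' accepts
    # whatever the earlier entries did not reject.
    raw = params.get("smtpd_recipient_restrictions", "")
    tokens = [t for t in re.split(r"[,\s]+", raw) if t]
    if tokens and tokens[-1] == "permit":
        findings.append("recipient_restrictions_end_in_permit")
    if "maps_rbl_domains" in params:
        findings.append("obsolete_maps_rbl_domains")
    # Postfix defaults this to 'no', so an absent line counts as off.
    if params.get("smtpd_sasl_authenticated_header", "no").lower() != "yes":
        findings.append("sasl_authenticated_header_off")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_main_cf(SAMPLE_MAIN_CF)):
        print(finding)
```

To audit a real server, pass the contents of /etc/postfix/main.cf to parse_main_cf instead of the sample.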

All times are UTC-04:00