[NTLUG:Discuss] Sendmail/SPAM
Richard Cobbe
cobbe at directlink.net
Sat Nov 11 13:35:34 CST 2000
Lo, on Friday, November 10, Joey L. Berry did write:
> We are running Sendmail 8.11.0 & Sun 5.7 on our mail servers at work, the
> SPAM our users have been getting is increasing at a very sad rate. I found
> that anyone could connect to the sendmail port issue a simple helo command &
> start sending mail from our servers. Indeed the IP was in syslog however I
> would like to disable this if it is an option. We feel this is were some if
> not most of the spam is coming from. Does any one know if this is a sendmail
> or Solaris issue? And how we can disable this option?
Sendmail---you've got it configured to run as an "open relay." You'll want
to restrict relaying capability to a specific set of machines---like those
in your network and no others. (Mail sent to or from your network will
still work as normally.)
Check out http://www.sendmail.org/tips/relaying.html for details. (For
that matter, www.sendmail.org is a very good site for configuration stuff.)
However, this probably doesn't contribute to the spam your users are
getting. Open relays are typically third parties used by spammers to
conceal their address when spamming a diverse group of addressees. While
you should definitely close this hole up, you may also need to take a look
at things like the RBL and such.
Richard
More information about the Discuss
mailing list