Spammers using my server

Jay Ehrhart yoloits at ycoe.org
Fri Sep 24 15:35:54 IST 2004


This morning I had over 7000 emails in my Linux server's outbound queue
which I deleted.  My firewall log shows over 20,000 emails went out with a
SunTrust bank announce saying to login and enter your username and password.
I do not see the emails coming in like I would in a relay.  How can I stop
this or how are they doing this?

My firewall using a SMTP proxy and only allows my domain in.  I run
MailScanner on my Red Hat 3.0 mail server with Sendmail.  The box has the
lastest patches from Red Hat.  I have Sendmail setup to accept only my
domain email.

The non-deliverable reports are coming from my Linux apache user.
Non-deliverables usually come from root.  I am running apache on the server
with forms.  The forms software is the latest version and patches.

Can anybody help on this?

Thanks,
Jay

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).



More information about the MailScanner mailing list