A lot of spam getting through

Steve Campbell campbell at cnpapers.com
Tue May 1 15:53:03 IST 2007 

----- Original Message ----- 
From: "Billy A. Pumphrey" <bpumphrey at woodmclaw.com>
To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
Sent: Tuesday, May 01, 2007 10:34 AM
Subject: RE: A lot of spam getting through


> Results of the DNS server commands.  I am pretty sure that I don't have
> a DNS server on this machine.
>
>> > --
>> If you're running RH flavor OS,  do one of the following as root:
>>
>> ps -ax | grep named
>
> 11957 pts/0    S+     0:00 grep named
>
>>
>> chkconfig --list named
>
> error reading information on service named: No such file or directory
>
>>
>> ls /etc/rc.d/init.d/named
>
> ls: /etc/rc.d/init.d/named: No such file or directory
>
>>
>> netstat -an | grep 53
>
> tcp        0      0 127.0.0.1:11553             0.0.0.0:*
> LISTEN
> tcp        0      0 127.0.0.1:11553             127.0.0.1:51545
> CLOSE_WAIT
> tcp        0    116 10.1.1.24:25                81.217.42.147:35365
> FIN_WAIT1
> tcp        0      0 127.0.0.1:51525             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51527             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51523             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51532             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51535             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51534             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51528             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51531             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51530             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51540             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51542             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51536             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51538             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 127.0.0.1:51545             127.0.0.1:11553
> FIN_WAIT2
> tcp        0      0 127.0.0.1:51544             127.0.0.1:11553
> TIME_WAIT
> tcp        0      0 ::ffff:10.1.1.24:51537      ::ffff:10.1.1.22:25
> TIME_WAIT
> tcp        0      0 ::ffff:10.1.1.24:51533      ::ffff:10.1.1.22:25
> TIME_WAIT
> unix  2      [ ACC ]     STREAM     LISTENING     12953341
> /var/lib/mysql/mysql.sock
> unix  2      [ ACC ]     STREAM     LISTENING     25378793
> /var/run/dcc/dccm
> unix  3      [ ]         STREAM     CONNECTED     25538221
> /var/lib/mysql/mysql.sock
> unix  3      [ ]         STREAM     CONNECTED     25538220
> unix  2      [ ]         DGRAM                    25538209
> unix  2      [ ]         DGRAM                    25537800
> unix  2      [ ]         DGRAM                    25537373
> unix  2      [ ]         DGRAM                    25536669
> unix  2      [ ]         DGRAM                    25536086
> unix  2      [ ]         DGRAM                    25378792
> [root at WoodenMS2 spamassassin]#
>
>> One of these should maybe give you an idea about a DNS server. If
> you're
>> running some other OS, I can't really help.
>>
>> Steve
>>
>>
> -- 
OK, it looks pretty certain that you aren't running a DNS server on the box. 
Don't change your resolv.conf, then, until you install Bind or, as Mogens 
Melander suggested, one of the other DNS servers. But that's a project for 
another day, it sounds like.

Steve

More information about the MailScanner mailing list