On 22 Jul 2003, Mike Manchester wrote:
> Is there a way to check my sendmail configureation to insure it's not
> allowing spamers to use my sendmail as a relay? I just recently have
> some emails showing up in my filterd folder and when I look at the
> headers they show it orginited at my localhost (tango 127.0.01) Did this
> really happen or was that part spoofed?
>
> Looking at my logs I see that if we shut down juno domain we would end
> spam :) But on another note, I see way more of these.
>
> Jul 20 07:45:15 tango sendmail[26416]: h6KBjEv26415:
> to=<mchester@localhost>, delay=00:00:0
> 1, xdelay=00:00:01, mailer=local, pri=85966, dsn=2.0.0, stat=Sent
>
> Than what I really sent as far as emails. Does this mean that someone is
> spoofing the localhost and using my sendmail as a realy? Is there anyway
> to stop this if that's the case? But to sill allow my other machines to
> use my server as the relay to the outside world?
>
> Thanks
> Mike M
>
> P.S. Is this easier to prevent with qmail? Is there a way to check my sendmail configureation to insure it's not
> allowing spamers to use my sendmail as a relay? I just recently have
> some emails showing up in my filterd folder and when I look at the
> headers they show it orginited at my localhost (tango 127.0.01) Did this
> really happen or was that part spoofed?
>
> Looking at my logs I see that if we shut down juno domain we would end
> spam :) But on another note, I see way more of these.
>
> Jul 20 07:45:15 tango sendmail[26416]: h6KBjEv26415:
> to=<mchester@localhost>, delay=00:00:0
> 1, xdelay=00:00:01, mailer=local, pri=85966, dsn=2.0.0, stat=Sent
>
> Than what I really sent as far as emails. Does this mean that someone is
> spoofing the localhost and using my sendmail as a realy? Is there anyway
> to stop this if that's the case? But to sill allow my other machines to
> use my server as the relay to the outside world?
>
> Thanks
> Mike M
>
> P.S. Is this easier to prevent with qmail? Is there a way to check my sendmail configureation to insure it's not
> allowing spamers to use my sendmail as a relay? I just recently have
> some emails showing up in my filterd folder and when I look at the
> headers they show it orginited at my localhost (tango 127.0.01) Did this
> really happen or was that part spoofed?
>
> Looking at my logs I see that if we shut down juno domain we would end
> spam :) But on another note, I see way more of these.
>
> Jul 20 07:45:15 tango sendmail[26416]: h6KBjEv26415:
> to=<mchester@localhost>, delay=00:00:0
> 1, xdelay=00:00:01, mailer=local, pri=85966, dsn=2.0.0, stat=Sent
>
> Than what I really sent as far as emails. Does this mean that someone is
> spoofing the localhost and using my sendmail as a realy? Is there anyway
> to stop this if that's the case? But to sill allow my other machines to
> use my server as the relay to the outside world?
>
> Thanks
> Mike M
>
> P.S. Is this easier to prevent with qmail? Is there a way to check my sendmail configureation to insure it's not
> allowing spamers to use my sendmail as a relay? I just recently have
> some emails showing up in my filterd folder and when I look at the
> headers they show it orginited at my localhost (tango 127.0.01) Did this
> really happen or was that part spoofed?
>
> Looking at my logs I see that if we shut down juno domain we would end
> spam :) But on another note, I see way more of these.
>
> Jul 20 07:45:15 tango sendmail[26416]: h6KBjEv26415:
> to=<mchester@localhost>, delay=00:00:0
> 1, xdelay=00:00:01, mailer=local, pri=85966, dsn=2.0.0, stat=Sent
>
> Than what I really sent as far as emails. Does this mean that someone is
> spoofing the localhost and using my sendmail as a realy? Is there anyway
> to stop this if that's the case? But to sill allow my other machines to
> use my server as the relay to the outside world?
>
> Thanks
> Mike M
>
> P.S. Is this easier to prevent with qmail? Is there a way to check my sendmail configureation to insure it's not
> allowing spamers to use my sendmail as a relay? I just recently have
> some emails showing up in my filterd folder and when I look at the
> headers they show it orginited at my localhost (tango 127.0.01) Did this
> really happen or was that part spoofed?
>
> Looking at my logs I see that if we shut down juno domain we would end
> spam :) But on another note, I see way more of these.
>
> Jul 20 07:45:15 tango sendmail[26416]: h6KBjEv26415:
> to=<mchester@localhost>, delay=00:00:0
> 1, xdelay=00:00:01, mailer=local, pri=85966, dsn=2.0.0, stat=Sent
>
> Than what I really sent as far as emails. Does this mean that someone is
> spoofing the localhost and using my sendmail as a realy? Is there anyway
> to stop this if that's the case? But to sill allow my other machines to
> use my server as the relay to the outside world?
>
> Thanks
> Mike M
>
> P.S. Is this easier to prevent with qmail?
>
This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 19:43:06 EDT