Regarding Blocking access
siva kumar
sivasunil1000 at yahoo.com
Tue Mar 13 05:07:24 UTC 2007
Hi,
Thanks for replying,
yes, i am using this linux server as gateway server for lan.
We aren't having any SMTP server.
Can you please tell me how can i check the open relays. and how can i block those relays.
Please help me
Thanks & Regards
Siva Kumar
On 3/8/07, siva kumar <sivasunil1000 at yahoo.com> wrote:
> Hi Friends,
>
> I am new to this group and new to linux
> We have one linux server which is public ip.
> All the mails going from our linux server are going to spam.
> somebody is logging remotely and using my linux server for smtp
purpose.
> how can i block the access.
>
> Regards,
> Siva Kumar
>
I can think of some possibilities, the first one could be a
misconfigured mail service working as an open relay on your server. If
you don't need any smtp server you can simply disable the service. A
similar thing could happen if you have an open proxy or a web server
having exploitable forms. If you are using this linux server as a
gateway for your LAN without a firewall, there could be some spam
trojan or worm infected system in the LAN sending out these mails.
As a first step, you can use iptables to stop the outgoing traffic
destined for port 25. If you are using your own SMTP server inside the
LAN, just selectively allow this system to send traffic to port 25.
Otherwise if you have mail clients accessing external SMTP servers,
you can allow outgoing port 25 traffic meant for those servers only.
Also check your linux server configuration to see if its working as an
open relay or open proxy.
--
Manish Kathuria
Tux Technologies
http://www.tuxtechnologies.co.in/
---------------------------------
TV dinner still cooling?
Check out "Tonight's Picks" on Yahoo! TV.
More information about the redhat-list
mailing list