From owner-freebsd-questions@FreeBSD.ORG Mon Jan 8 15:53:27 2007 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 5279916A504 for ; Mon, 8 Jan 2007 15:53:27 +0000 (UTC) (envelope-from wmoran@collaborativefusion.com) Received: from mx00.pub.collaborativefusion.com (mx00.pub.collaborativefusion.com [206.210.89.199]) by mx1.freebsd.org (Postfix) with ESMTP id F310D13C459 for ; Mon, 8 Jan 2007 15:53:26 +0000 (UTC) (envelope-from wmoran@collaborativefusion.com) Received: from vanquish.pgh.priv.collaborativefusion.com (vanquish.pgh.priv.collaborativefusion.com [192.168.2.61]) (SSL: TLSv1/SSLv3,256bits,AES256-SHA) by wingspan with esmtp; Mon, 08 Jan 2007 10:53:26 -0500 id 000564D9.45A268F6.00006B7C Date: Mon, 8 Jan 2007 10:53:25 -0500 From: Bill Moran To: "David Banning" Message-Id: <20070108105325.b2628280.wmoran@collaborativefusion.com> In-Reply-To: <6db0aaaa0701080748g7b9f8f43naaadea4942611ba4@mail.gmail.com> References: <6db0aaaa0701061202r1bec87a3g526268964185b0c5@mail.gmail.com> <45a09666.30c59e1a.7415.771bSMTPIN_ADDED@mx.google.com> <6db0aaaa0701080748g7b9f8f43naaadea4942611ba4@mail.gmail.com> Organization: Collaborative Fusion X-Mailer: Sylpheed 2.3.0 (GTK+ 2.10.6; i386-portbld-freebsd6.1) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Cc: "Tamouh H." , questions@freebsd.org Subject: Re: stopping my server from spamming X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jan 2007 15:53:27 -0000 In response to "David Banning" : > > This is more of a question geared towards your mail server application than FreeBSD. You should check your mail logs. If you want better advise, you may want to provide more information on what mail server are you running, and what did you do to prevent SMTP relay. > > I am using sendmail. It will not allow open relaying. What I would > like to know is > how I can separate legitimate emails in the log from spam. All that > appears is the from: > and the to:. Look at one of the spam emails and review the headers to see how it's getting delivered. > In the past I have seen separate SMTP servers installed by viruses on > windows boxes > which are spamming away -independent- of sendmail. I have blocked port > 25 from all > my connected windows boxes, but will that take care of it? Who knows. You first have to determine how the problem is occurring. The block you've implemented is a good idea -- I think everyone should do it as a matter of course, but there's no guarantee that it will fix your particular problem until you know what that problem is. -- Bill Moran Collaborative Fusion Inc.