Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: SMTP Flooding - How can I stop it?
Special Forums Cybersecurity SMTP Flooding - How can I stop it? Post 302157613 by zaroundus on Friday 11th of January 2008 01:03:53 PM
Old 01-11-2008
SMTP Flooding - How can I stop it?
Please someone help! My SMTP server has been under attack for days and I'm at my wits end. I'm by no means a UNIX security expert but I've been reading and researching for days to no avail. I'm getting unauthorized mail from external servers being relayed or redirected through my SMTP server. The IP addresses change on almost every connection. I can post log excerpts and config file info if necessary. I just don't know what would be relevant. This is a virtual dedicated server from godaddy.com running RedHat Fedora and PLESK admin control panels. I really need help so anyone who might have any ideas or suggestions, please respond! Thanks everyone.
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Smtp

Hi All, I am running an email server on a Linux machine. My goal is to set up in a way that I can use pop3 to retrieve mail from a Windows machine using Outlook. Now I can download the messages from the Linux email server, however I can not send out messages. I encounter this error: ... (1 Reply)
Discussion started by: vtran4270
1 Replies

2. IP Networking

SMTP with sendmail

Hi, I have a solaris 9 box, and 2 domains A.com and B.net. the machine is on B.net. I am not able to send emails to @A.com using mail or mailx. after reading on sendmail, there was something about relaying and editing the file /etc/mail/relay-domains. Please let me know if this is what i... (1 Reply)
Discussion started by: 0ktalmagik
1 Replies

3. UNIX for Advanced & Expert Users

how to stop others users to stop viewing what i am doing ?

Hi , I have one question, suppose i am a normal user and when i use 'w' command , it shows who is logged on and what they are doing . Now i want to stop others users to know what i am doing accept the root ? can i do this ? thanks (5 Replies)
Discussion started by: mobile01
5 Replies

4. Programming

C Smtp

how do you send a ".\n" in a smtp client? >354 Send message, end with <CRLF>.<CRLF> >. > i have already issued a "./n" but it doesnt work. please help. thanks. (1 Reply)
Discussion started by: grotesque
1 Replies

5. AIX

SMTP doubt

Hi All, I have a unix box which is in a network with windows machine, I am able to send the mails to the user id's with in the unix box. I dont have Internet connection for this box, so I am not able to test if it can send mails to external network or not? I want to know, if SMTP is already... (0 Replies)
Discussion started by: balu_puttaganti
0 Replies

6. UNIX for Dummies Questions & Answers

Smtp

Hi All, I have a unix box which is in a network with windows machine, I am able to send the mails to the user id's with in the unix box. I dont have Internet connection for this box, so I am not able to test if it can send mails to external network or not? I want to know, if SMTP is already... (1 Reply)
Discussion started by: balu_puttaganti
1 Replies

7. Red Hat

SMTP Settings

Hi all, Please help to check weather the SMTP settings are configured or not on my LINUX server? I want to send a mail to mailbox. I know that the target SMTP server has to be configured on LINUX box to do so. How can i see weather it is configured or not? --Ramesh Ch. (3 Replies)
Discussion started by: Raamc
3 Replies

8. Solaris

Svc messages flooding the system logs every second

Hi all I have a newly installed Oracle X2-4 server running Solaris 10 x86 with the latest patches. I have one non-global zone configured running an Oracle DB instance. After configuring IPMP failover between two NICs on the server and rebooting I am seeing the /var/adm/messages being flooded... (7 Replies)
Discussion started by: notreallyhere
7 Replies

9. Shell Programming and Scripting

Sudo or su keeps flooding my /var/log/messages

It is crazy when you just entered a command example sudo or su or even ps. It will flood your /var/log/messages. Please see duplicate entries except for the pid. At 1 specific time. Thanks $ cat b Jan 13 17:09:05 SERVER1 bash: user1 as root: Jan 13 17:09:05 SERVER1 bash: user1 as root: Jan... (3 Replies)
Discussion started by: invinzin21
3 Replies

LEARN ABOUT DEBIAN

smtpdcheck

smtpdcheck(1)							Mail Avenger 0.8.3						     smtpdcheck(1)

NAME

       smtpdcheck - check SMTP servers

SYNOPSIS

       smtpdcheck [--stop {ip-addr|name}] [--timeout seconds]
		  [prio:]server [[prio:]server]

DESCRIPTION

       smtpdcheck checks to see if SMTP servers are available.	The intent is for use on secondary mail servers, which have no reason to accept
       mail when the primary server is available.

       The argument consists of a list of server names, each of which may optionally be prefixed by a numeric MX priority and a colon.	(This is
       exactly the format for MX records returned by the avenger dns command.)	smtpdcheck will attempt to connect to each server in succession.

       If one of the servers specified on the command line is available, smtpdcheck will print its name to standard output and exit with status 1.
       If smtpdcheck cannot connect to any of the servers, it will exit with status 0.	If a system error occurs, smtpdcheck will exit with status
       2.

   OPTIONS
       --stop {ip-addr|name}
	   Tells smtpdcheck to stop before checking a server with IP address ip-addr or hostname name.	If such a host is encountered in the list
	   of servers and prio is specified, then smtpdcheck will consider it acceptable for other servers with the same priority to be available,
	   even if those servers were first in the list.  In other words, given the following arguments:

		  smtpdcheck --stop s2.domain.com 
			     10:s1.domain.com 10:s2.domain.com 
			     20:s3.domain.com

	   This command will always succeed, regardless of whether "s1.domain.com" is up, because "s2.domain.com" has the same priority.  On the
	   other hand, the following command will fail and output "s1.domain.com" if "s1.domain.com" is up:

		  smtpdcheck --stop s2.domain.com 
			     10:s1.domain.com 20:s2.domain.com 
			     30:s3.domain.com

	   If a gethostbyname lookup for the argument name fails, smtpdcheck will exit immediately with status 2.

       --timeout {seconds]
	   By default, smtpdcheck spends 10 seconds probing each server.  This includes the time to do a DNS lookup, to establish a TCP connection
	   to port 25 of the server, and to read the "220" SMTP code from the server's SMTP greeting message.  To use a different value, specify
	   it with the --timeout option.  The value 0 disables the timeout completely, which is dangerous since smtpdcheck might then end up
	   waiting forever to read the "220" string.

EXAMPLES

       To refuse to relay mail at a secondary MX server when the primary server is not down, you might place the following in
       /etc/avenger/secondary (assuming MxLocalRcpt is 1):

	       dns RECIP_MXES mx "$RECIPIENT_HOST"
	       setvars
	       server=`smtpdcheck --stop $MYIP $RECIP_MXES`
	       test -n "$server" && defer "Please use server $server"

SEE ALSO

       avenger(1) dbutil(1) asmtpd.conf(5),

       The Mail Avenger home page: <http://www.mailavenger.org/>.

BUGS

       smtpdcheck could achieve much lower latency by probing all the servers simultaneously.  It should also include some kind of caching, to
       avoid repeatedly trying to contact an unavailable server.  Finally, hosts with multiple IP addresses could be handled more cleanly, though
       what smtpdcheck does should probably work in most cases.

AUTHOR

       David Mazieres

Mail Avenger 0.8.3						    2012-04-05							     smtpdcheck(1)
All times are GMT -4. The time now is 04:47 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy