Sponsored Content
Special Forums Cybersecurity SMTP Flooding - How can I stop it? Post 302157712 by zaroundus on Friday 11th of January 2008 06:57:41 PM
Old 01-11-2008
I ran a top to see running processes and it looks like qmail. Though I thought qmail used sendmail somehow. Could be wrong though.... I'm okay with UNIX but only mostly for web server things. (Apache, MySQL, PHP...) I'm new to security and mail server testing/repair/hardening so I'm at a standstill. I made a few changes to the sendmail.cf file and one of the qmail files to throttle the connection rate and to pause 5 seconds before returning GREET. After switching Port 25 back on today the relays are no longer being passed on (I think...). My SMTP server is still being bombarded with connection requests so I'm not sure if I've completely resolved this or if I need to look elsewhere for connection restrictions. The connection attempt rate has, at times, approached 1.07 connections per second!
 

9 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Smtp

Hi All, I am running an email server on a Linux machine. My goal is to set up in a way that I can use pop3 to retrieve mail from a Windows machine using Outlook. Now I can download the messages from the Linux email server, however I can not send out messages. I encounter this error: ... (1 Reply)
Discussion started by: vtran4270
1 Replies

2. IP Networking

SMTP with sendmail

Hi, I have a solaris 9 box, and 2 domains A.com and B.net. the machine is on B.net. I am not able to send emails to @A.com using mail or mailx. after reading on sendmail, there was something about relaying and editing the file /etc/mail/relay-domains. Please let me know if this is what i... (1 Reply)
Discussion started by: 0ktalmagik
1 Replies

3. UNIX for Advanced & Expert Users

how to stop others users to stop viewing what i am doing ?

Hi , I have one question, suppose i am a normal user and when i use 'w' command , it shows who is logged on and what they are doing . Now i want to stop others users to know what i am doing accept the root ? can i do this ? thanks (5 Replies)
Discussion started by: mobile01
5 Replies

4. Programming

C Smtp

how do you send a ".\n" in a smtp client? >354 Send message, end with <CRLF>.<CRLF> >. > i have already issued a "./n" but it doesnt work. please help. thanks. (1 Reply)
Discussion started by: grotesque
1 Replies

5. AIX

SMTP doubt

Hi All, I have a unix box which is in a network with windows machine, I am able to send the mails to the user id's with in the unix box. I dont have Internet connection for this box, so I am not able to test if it can send mails to external network or not? I want to know, if SMTP is already... (0 Replies)
Discussion started by: balu_puttaganti
0 Replies

6. UNIX for Dummies Questions & Answers

Smtp

Hi All, I have a unix box which is in a network with windows machine, I am able to send the mails to the user id's with in the unix box. I dont have Internet connection for this box, so I am not able to test if it can send mails to external network or not? I want to know, if SMTP is already... (1 Reply)
Discussion started by: balu_puttaganti
1 Replies

7. Red Hat

SMTP Settings

Hi all, Please help to check weather the SMTP settings are configured or not on my LINUX server? I want to send a mail to mailbox. I know that the target SMTP server has to be configured on LINUX box to do so. How can i see weather it is configured or not? --Ramesh Ch. (3 Replies)
Discussion started by: Raamc
3 Replies

8. Solaris

Svc messages flooding the system logs every second

Hi all I have a newly installed Oracle X2-4 server running Solaris 10 x86 with the latest patches. I have one non-global zone configured running an Oracle DB instance. After configuring IPMP failover between two NICs on the server and rebooting I am seeing the /var/adm/messages being flooded... (7 Replies)
Discussion started by: notreallyhere
7 Replies

9. Shell Programming and Scripting

Sudo or su keeps flooding my /var/log/messages

It is crazy when you just entered a command example sudo or su or even ps. It will flood your /var/log/messages. Please see duplicate entries except for the pid. At 1 specific time. Thanks $ cat b Jan 13 17:09:05 SERVER1 bash: user1 as root: Jan 13 17:09:05 SERVER1 bash: user1 as root: Jan... (3 Replies)
Discussion started by: invinzin21
3 Replies
etrn(1M)						  System Administration Commands						  etrn(1M)

NAME
etrn - start mail queue run SYNOPSIS
etrn [-b] [-v] server-host [client-hosts] DESCRIPTION
SMTP's ETRN command allows an SMTP client and server to interact, giving the server an opportunity to start the processing of its queues for messages to go to a given host. This is meant to be used in start-up conditions, as well as for mail nodes that have transient connec- tions to their service providers. The etrn utility initiates an SMTP session with the host server-host and sends one or more ETRN commands as follows: If no client-hosts are specified, etrn looks up every host name for which sendmail(1M) accepts email and, for each name, sends an ETRN command with that name as the argument. If any client-hosts are specified, etrn uses each of these as arguments for successive ETRN commands. OPTIONS
The following options are supported: -b System boot special case. Make sure localhost is accepting SMTP connections before initiating the SMTP session with server-host. This option is useful because it prevents race conditions between sendmail(1M) accepting connections and server-host attempting to deliver queued mail. This check is performed automatically if no client-hosts are specified. -v The normal mode of operation for etrn is to do all of its work silently. The -v option makes it verbose, which causes etrn to display its conversations with the remote SMTP server. ENVIRONMENT VARIABLES
No environment variables are used. However, at system start-up, svc:/network/smtp:sendmail reads /etc/default/sendmail. In this file, if the variable ETRN_HOSTS is set, svc:/network/smtp:sendmail parses this variable and invokes etrn appropriately. ETRN_HOSTS should be of the form: "s1:c1.1,c1.2 s2:c2.1 s3:c3.1,c3.2,c3.3" That is, white-space separated groups of server:client where client can be one or more comma-separated names. The :client part is optional. server is the name of the server to prod; a mail queue run is requested for each client name. This is comparable to running: /usr/lib/sendmail -qR client on the host server. EXAMPLES
Example 1 Using etrn Inserting the line: ETRN_HOSTS="s1.domain.com:clnt.domain.com s2.domain.com:clnt.domain.com" in /etc/default/sendmail results in svc:/network/smtp:sendmail invoking etrn such that ETRN commands are sent to both s1.domain.com and s2.domain.com, with both having clnt.domain.com as the ETRN argument. The line: ETRN_HOSTS="server.domain.com:client1.domain.com,client2.domain.com" results in two ETRN commands being sent to server.domain.com, one with the argument client1.domain.com, the other with the argument client2.domain.com. The line: ETRN_HOSTS="server1.domain.com server2.domain.com" results in set of a ETRN commands being sent to both server1.domain.com and server2.domain.com; each set contains one ETRN command for each host name for which sendmail(1M) accepts email, with that host name as the argument. FILES
/etc/mail/sendmail.cf sendmail configuration file /etc/default/sendmail Variables used by svc:/network/smtp:sendmail ATTRIBUTES
See attributes(5) for descriptions of the following attributes: +-----------------------------+-----------------------------+ | ATTRIBUTE TYPE | ATTRIBUTE VALUE | +-----------------------------+-----------------------------+ |Availability |SUNWsndmu | +-----------------------------+-----------------------------+ |Interface Stability |Stable | +-----------------------------+-----------------------------+ SEE ALSO
sendmail(1M), attributes(5) RFC 1985 NOTES
Not all SMTP servers support ETRN. SunOS 5.11 10 Aug 2004 etrn(1M)
All times are GMT -4. The time now is 08:55 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy