The UNIX and Linux Forums  
Hello and Welcome from United States to the UNIX and Linux Forums! Thank You for Visiting and Joining Our Global Community.

Go Back   The UNIX and Linux Forums > Special Forums > Security
found exploit mailserver through mailq? found exploit mailserver through mailq?
.
google unix.com

Forums Register Forum RulesLinksAlbums FAQ Members List Calendar Search Today's Posts Mark Forums Read


Security Discuss UNIX and Linux computer and network security, cybersecurity, cyberattacks, IT security, CISSP, OWASP and more.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
AWK and mailq Retski Shell Programming and Scripting 2 12-16-2008 05:04 PM
mailserver keliy1 Linux 1 12-02-2004 04:55 AM
mailq tamemi UNIX for Dummies Questions & Answers 3 09-22-2003 08:53 AM
mailserver Stormpie IP Networking 1 08-07-2002 01:35 PM
Mailserver Requirements bache_gowda UNIX for Dummies Questions & Answers 1 09-20-2001 09:50 AM

Closed Thread
English Japanese Spanish French German Portuguese Italian Dutch Swedish Russian Norwegian Hungarian Hebrew Danish Powered by Powered by Google
 
LinkBack Thread Tools Search this Thread Rate Thread Display Modes
  #1 (permalink)  
Old 12-27-2008
rolandk rolandk is offline
Registered User
  
 

Join Date: Dec 2008
Posts: 6
found exploit mailserver through mailq?
First of all an appeal on all specialists to be understandfull with me, newbie. I have a RaQ 550 that I have to admin bymyself. I have executed mailq and found out that there are mails in the queu that I did not sent. Is someone exploiting my server? Here is an example of the report:

----Q-ID---- --Size-- -----Q-Time----- ------------Sender/Recipient------------
mBRIDxxxxxxx 13270 Sat Dec 27 10:13 Majordomo-Owner@xxx.xxx.net.
(Deferred: Connection timed out with attcanada.net.)
xxx@attcanada.net
mBR7Hvxxxxxxx 12986 Fri Dec 26 23:17 Majordomo-Owner@xxx.xxx.net.
(Deferred: Connection timed out with ifg.com.)
xxx@ifg.com
etc.
I do not have smtp active, only pop. I have activated now POP Authenticated Relaying with my IP through the GUI interface. Would this be enough to prevent exploiting my server for spam?
Last edited by rolandk; 12-28-2008 at 07:40 AM..
  #2 (permalink)  
Old 12-28-2008
reborg's Avatar
reborg reborg is offline Forum Staff  
Administrator
  
 

Join Date: Mar 2005
Location: Ireland
Posts: 4,209
The first thing to try would be something like: Email Server Test - Online SMTP diagnostics tool to see if you are suffering from any of the normal exploits.

Secondly make sure you don't have any web based services ( browser forms etc. ) that could be used to submit mail, these can easily bypass authentication by sending as a local user if not properly secured.
Closed Thread

Bookmarks

« sftp client can't connect | What command or script to capture a system snapshot? »
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes Rate This Thread
Hybrid Mode Hybrid Mode
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On



All times are GMT -4. The time now is 10:24 PM.

The UNIX and Linux Forums - Learn UNIX and UNIX Commands RSS Feeds - Contact Us - The UNIX and Linux Forums - Learn UNIX and UNIX Commands - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited. Language Translations Powered by .
vBCredits v1.4 Copyright ©2007 - 2008, PixelFX Studios
The UNIX and Linux Forums Content Copyright ©1993-2009. All Rights Reserved.Ad Management by RedTyger

Content Relevant URLs by vBSEO 3.2.0