Re: Help with hijacked sendmail

From: info@perimeterdefence.com
Date: 09/25/01


Date: Mon, 24 Sep 2001 22:39:57 -0400 (EDT)
From: <info@perimeterdefence.com>
To: Dan Abend <dan_abend@hotmail.com>
Subject: Re: Help with hijacked sendmail
Message-ID: <Pine.LNX.4.21.0109242233440.7481-100000@hq.seertec.com>

Dan: you did not mention what version of sendmail you are running but it
appears that you may not have configured your sendmail to reject relaying:

check /etc/mail/access file - it should only contain the IP addresses of
hosts that are allowed to relay (this should typically be only hosts on
your network)

check http://www.sendmail.org/m4/anti-spam.html for more details on how to
configure this.

good luck

On Mon, 24 Sep 2001, Dan Abend wrote:

> I noticed some odd behavior going on in my maillog file. I've checked my
> sendmail configuration and have no idea how to get this behavior to stop. I
> don't see anything out of the ordinary in any other log. For now, sendmail
> is stopped. I don't even know what to try or where to examine next. Any
> suggestions are appreciated. This is what I see in the log and there are a
> lot of them. (Email addresses have been altered to protect the innocent)
>
> Sep 6 21:09:35 server1 sendmail[22176]: VAA22176: from=nobody, size=1639,
> class=0, pri=271639, nrcpts=9,
> msgid=<200109070209.VAA22176@server1.mydomain.com>, relay=nobody@localhost
> Sep 6 21:09:36 server1 sendmail[22178]: VAA22176:
> to=someguy1@aol.com,someguy2@aol.com,someguy3@aol.com,someguy4@aol.com,someguy5@aol.com,someguy6@aol.com,someguy7@aol.com,someguy8@aol.com,someguy19@aol.com,
> ctladdr=nobody (99/99), delay=00:00:01, xdelay=00:00:01, mailer=esmtp,
> relay=mailin-01.mx.aol.com. [152.163.224.26], stat=Sent (OK)
>
>
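
Added example (not part of either message above): in sendmail's log format, relay= on the from= record shows where a message entered the system, either a remote host for SMTP or user@localhost for a message handed over by a local process. The sketch below pairs from=/to= records by queue ID to separate the two cases; the function names and the second message pair in the sample are constructed for illustration.

```python
import re
from collections import defaultdict

# First pair: the records quoted above, re-joined onto single lines with the
# recipient list shortened. Second pair: constructed sample of SMTP-received mail.
SAMPLE_LOG = """\
Sep 6 21:09:35 server1 sendmail[22176]: VAA22176: from=nobody, size=1639, class=0, pri=271639, nrcpts=9, msgid=<200109070209.VAA22176@server1.mydomain.com>, relay=nobody@localhost
Sep 6 21:09:36 server1 sendmail[22178]: VAA22176: to=someguy1@aol.com,someguy2@aol.com, ctladdr=nobody (99/99), delay=00:00:01, xdelay=00:00:01, mailer=esmtp, relay=mailin-01.mx.aol.com. [152.163.224.26], stat=Sent (OK)
Sep 6 21:10:02 server1 sendmail[22190]: VAA22190: from=<a@example.net>, size=900, class=0, pri=30900, nrcpts=1, msgid=<x@example.net>, relay=mail.example.net [192.0.2.10]
Sep 6 21:10:03 server1 sendmail[22191]: VAA22190: to=<b@example.org>, delay=00:00:01, xdelay=00:00:01, mailer=esmtp, relay=mx.example.org. [198.51.100.5], stat=Sent (OK)
"""

LINE = re.compile(r"sendmail\[\d+\]: (\w+): (.*)$")
REMOTE_MAILERS = {"smtp", "esmtp", "smtp8", "relay"}  # mailers that deliver to another host

def parse_fields(rest):
    """Split 'k=v, k=v' pairs; commas inside a to= list have no space after them."""
    parts = re.split(r",\s+(?=\w+=)", rest)
    return dict(p.split("=", 1) for p in parts if "=" in p)

def classify(log_text):
    """Return {queue_id: (verdict, origin, nrcpts)} for mail delivered off-host."""
    msgs = defaultdict(dict)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        qid, f = m.group(1), parse_fields(m.group(2))
        if "from" in f:
            msgs[qid]["origin"] = f.get("relay", "")
            msgs[qid]["nrcpts"] = int(f.get("nrcpts", 0))
        elif "to" in f and f.get("mailer") in REMOTE_MAILERS:
            msgs[qid]["outbound"] = True
    verdicts = {}
    for qid, rec in msgs.items():
        if not rec.get("outbound") or "origin" not in rec:
            continue
        origin = rec["origin"]
        if re.fullmatch(r"[^@\s]+@localhost", origin):
            # Handed to sendmail by a local process running as this user.
            verdicts[qid] = ("local-submission", origin.split("@")[0], rec["nrcpts"])
        else:
            # Arrived over SMTP and was passed on to another host.
            verdicts[qid] = ("smtp-relayed", origin, rec["nrcpts"])
    return verdicts

if __name__ == "__main__":
    for qid, verdict in classify(SAMPLE_LOG).items():
        print(qid, *verdict)
```

A "smtp-relayed" verdict points at the relay rules (the /etc/mail/access check); a "local-submission" verdict points at whatever on the host runs as the named user.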


