General :: Spammer Breaks The Sendmail System?
Feb 26, 2010
I configured ( sendmail + Smarthost + pop-before-smtp settings + smtp auth settigns ), today i saw 18000 mail in mailq and somebody sending mail from my mailserver ,as i got reported by ISP for spaming. How someone broke the sendmail + pop-before-smtp settings. i usually access that system through webmin. Is webmin cause to hack password.
Or How someone break sendmail security without even choosing my own user / password spamper settings messages to smart hosts to yahoo / gmail with his own junk user name and password? I stopped sendmail for the time being. Any idea what i should look for and what i should go for its remediation?
View 3 Replies
ADVERTISEMENT
Jan 22, 2010
I am daily getting the same junk / spam email from this sender and I see two IP's in the headers / logs of my Postfix server. I searched my Postfix logs for both IP's:
Code:
[root@mail postfix]# cat /var/log/maillog | grep "67.212.170.242"
Jan 22 05:29:30 mail postfix/smtpd[12205]: connect from civismtp.uas.coop[67.212.170.242]
Jan 22 05:29:30 mail postgrey[2245]: action=pass, reason=client AWL, client_name=civismtp.uas.coop, client_address=67.212.170.242, sender=b.148.1296207.0e628e696f0d17ad@mail.wfmc.org, recipient=carlos@iamghost.com
Jan 22 05:29:30 mail postfix/smtpd[12205]: C00DB77A862: client=civismtp.uas.coop[67.212.170.242]
Jan 22 05:29:31 mail postfix/smtpd[12205]: disconnect from civismtp.uas.coop[67.212.170.242]
Jan 22 05:29:33 mail amavis[2351]: (02351-18) Passed CLEAN, [67.212.170.242] [192.220.23.216] <b.148.1296207.0e628e696f0d17ad@mail.wfmc.org> -> <carlos@iamghost.com>, Message-ID: <20100122095052.183D3192C012@civismtp.uas.coop>, mail_id: eY2CHd1Jva+X, Hits: -3.288, size: 22942, queued_as: 8A54C77A8E9, 2530 ms
How do I block / reject all email from this sender? Is there a specific section in Postfix like sender_access or client_access that I can 'reject' all mail from the above sender. What is the difference between IP's on the logs? I show 192.220.23.216 & 67.212.170.242 but can understand what the two separate IP's are for?
View 4 Replies
View Related
Sep 2, 2011
I installed this package on Fedora 15.
[URL]
I tried to start the application and then the system crashed and showed a message a problem has occured and it could not be repaired by Fedora itself. I had to re-login to fix the issue. When i try to re-login everytime this message appears... like an endless circle.
View 2 Replies
View Related
Apr 30, 2010
But I feel like I should warn everyone that upgrading (with PackageKit) a Kubuntu 9.10 (64-bit) to Kubuntu 10.04 LTS, completely breaks the system and makes most everything useless ... In my case it found errors in the upgrading process, and also the bug rapport tools didn't work My 9.10 was only a few weeks old and I have done nothing unusual with the system. (My computer is a Compaq 615 laptop). If there are solutions to repair the system, then I would like 2 know.
View 3 Replies
View Related
Feb 24, 2010
I am not fully sure if this belongs more to the networking section or the software. O hope it is related to here enough.
My problem is as the topic says.
My port 80 seems to be already taken. lighttpd fails to start reporting that it cannot bind to port cause its already taken.
The error message itself:
Code:
"Starting web server: lighttpd2010-02-21 07:01:02: (network.c.345) can't bind to port: :: 80 Address already in use failed!"
I am not able to crack this by myself. Ihve tried investigating this by
Code:
lsof -i :80
netstat -ape | grep -v unix
First doesn't show anything second anything abt port 80.
Now hints I can think of. Maybe you have more experience and ideas what I can do and where should I look for the culprit.
I am using debian (unstable) and lighttpd. I even tried rebooting; it says that the port is taken already at the boot sequence (well it starts pretty much at end anyway but the system should be clean).
It seems that it started failing after a major distro update, so maybe there are some conflicts based on ipv6/v4 or something, though I have no idea what it could be. Well my hit for that is the part of error msg "bind to port: :: 80 ". This "::" looks like ipv6 naming convention. Maybe its lighttpd internal.
View 2 Replies
View Related
Jun 15, 2011
I have bees assigned a problem which states that :
sendmail-2: Wrong number of instances of process sendmail:, expected instances equal 1 but found 0
THats it...what exactly this means and how should i proceed for solving this problem...
View 1 Replies
View Related
Jan 8, 2010
I would like to know where i can find a step-by-step guide to install sendmail 8.13.8 in my Red Hat Enterprise Linux 5.1, the rpm packages of sendmail are included on the DVD instalation disc, but it was not instaled when the OS was instaled, and when i tried to use the manual on the Red Hat Web i discovered that it is for a different version (of Red Hat and sendmail) and there are not the same packages, (it's missed the sendmail-*.src.rpm package but there's a sendmail-devel-8.13.8-2.el5.i386.rpm package instead). So i don't know what to do, because the first thing that that guide installs is that source package, besides, when i make "rpm -qpil package.rpm" i found that the others packages have not the same things inside (it's missed /etc/aliases and /etc/aliases.db files). Please help. I haven't found anything to install this version of sendmail, and i have never done this before.
View 3 Replies
View Related
Sep 5, 2010
I have installed postfix and dovecot on my server and thought postfix will not only take SMTP connection from my e-mail client like Outlook, but also handles "mailx" commands from the server. However, it looks like sendmail is still responsible for sending mails from "mailx". I tested this by turning it on/off using "service sendmail stop" and "service sendmail start". Mails sent using "mailx" will only be sent when sendmail is up. When I did "yum info sendmail", it lists sendmail as an installed package. Is is safe to remove sendmail by running "yum erase sendmail", and let postfix handles "mailx" also?
View 3 Replies
View Related
Nov 16, 2010
Checking the process table for the running sendmail, I would like to know the full path to the sendmail binary a la the ps -ef on a Sun or other servers. How do I get ps to give me the actual path, or should I use a different tool on my Linux servers?
View 2 Replies
View Related
Nov 1, 2010
I am using webmin for my daily tasks. I have fedora 13, whenever I click on ''Sendmail M4 Configuration'' or Outgoing Addresses (generics)'' I get the following error message
Quote:
The Sendmail M4 configuration base directory /usr/share/sendmail-cf was not found on your system, or is not the correct directory. Maybe it has not been installed (common for packaged installs of Sendmail), or the module config is incorrect. I read documentation at sendmail.org, it seems that structure of directories for send mail has been changed in version sendmail-8.1.4 shipped with FC13. In webmin config module we have
Quote:
Sendmail M4 base directory = /usr/share/sendmail-cf
which is not there. I did a locate / sendmail-cf on the command line, it finds nothing
View 17 Replies
View Related
Jul 13, 2010
I have been trying to set up ssmtp so I can send email using Gmail's ssmtp servers. However, when I try to send mail (using mailx), I get the following message:
Code:
Can't send mail: sendmail process failed
Here's the last line from dmesg (the only one applicable, according to the timestamps and message content):
Code:
[484114.608378] sendmail[17975]: segfault at 0 ip b7dbbbf3 sp bfb0dc4c error 4 in libc-2.11.2.so[b7d44000+14e000]
Here's my ssmtp.conf:
Code:
#
# /etc/ssmtp.conf -- a config file for sSMTP sendmail.
#
[code].....
View 2 Replies
View Related
Sep 26, 2009
I've copied a bunch of text into vim and I need to get rid of the line breaks. I've tried
:%s/^M// (where ^M is C-v C-m)
and
:%s/.$//
and
[code]....
all lines are terminated with a '$'. How can I get rid of them?
View 3 Replies
View Related
Jan 2, 2011
I can't seem to find any info on a terminal command that lists the contents of a directory with page breaks so that I can view the contents of a very large folder (such as /usr/bin) because if I use ls, it prints so many names that scrolling up won't even cover all of them. We all know the obvious solution is to use a graphical file browser, but I tend to shy away from depending on graphical utilities simply because command line feels faster.
View 3 Replies
View Related
Apr 1, 2010
I recently modified sendmail.cf to use a third party SMTP server to send emails. It works great. But when I run sendmail from the command line, I have to specify the -C flag and force feed it the location of my sendmail.cf, or else it doesn't work.
So in other words, the following works great:
However, if I don't specify the -C flag, sendmail doesn't consider what's in the sendmail.cf and barfs:
I don't run sendmail as a daemon. I'm only using it to send emails. I know my modifications of sendmail.cf are correct because it works perfectly when I use the -C flag. I searched my disk to see if I could find another sendmail.cf on the machine and only the one in /etc/mail came up.
Why sendmail is not reading my sendmail.cf?
I'm running Sendmail version 8.14.2 on Fedora Core 8.
View 1 Replies
View Related
May 2, 2011
I have a hard drive with a bad PCB board. It stays on when not under heavy load and it will restart if I copy too much data off it. So far I have had good luck doing folders under 500 MB in size if I copy one folder to my good hard drive, wait five minutes, copy another, etc.
If I mount the bad drive and try to copy a folder of several GBs in size it will start and then stop as the hard drive restarts. When I try to mount the drive again Linux says it can't read the superblock. I have several folders with over 30 GB of data in many different folders.
What I am looking for is a way of copying a folder in Linux such that the commands grab the whole folder in chunks with a timed break in-between.
View 3 Replies
View Related
Nov 10, 2010
I have a CSV file that's created in an application that can't output lines longer than 250 characters. the data fields, all together, are longer than this. how would I remove the line break from every line that ends with a comma? For example:
A,B,C
D,E,
F
G,H,I
becomes:
A,B,C
D,E,F
G,H,I
View 1 Replies
View Related
Sep 26, 2010
I have formatted a second internal drive as ext3. It worked fine until I copied (rsynch) my /home to the new drive. Now when I try to delete anything I'm forced to delete immediately or skip the deletion. I also tried moving the /usr/local directory to the second drive and it works fine, it doesn't break the Trash. I tried moving /home back to the root drive and the problem is gone. The second drive again works properly. I can reproduce this. The problem only occurs when I move the /home directory to the new drive.
# / was on /dev/sda1 during installation
UUID=89a54f23-98ef-45d2-bef9-47d51992fd01
/ ext4 errors=remount-ro 0 1
# swap was on /dev/sda5 during installation
UUID=fb609b91-7322-4903-9309-2f0d3a6b87d4
none swap sw 0 0
# My shared volume /dev/sdb1 (show it on desktop)
UUID=a726a583-03e5-47c6-9618-ddbfcdd4c1d6
/media/data ext3 defaults, users, exec0 0
# Moving /usr/local
/media/data/Ubuntu/usr/local
/usr/local bind defaults, bind, users, exec 0 0
# Moving /home
/media/data/Ubuntu/home
/home bind defaults, bind, users, exec 0 0
View 3 Replies
View Related
Jan 15, 2011
I have a apache server installed on my system which I use for testing out stuff like wordpress and forums. I use the server for learning stuff only. I would like to know what do I have to do so that these blogs, forums etc can send an email when someone registers. I guess most of these use sendmail to send email. So how do I configure sendmail so that it sends email using my gmail address and smtp. Also I think there is a php mail option (or something called like that) that allows us to send email without having sendmail installed.
View 1 Replies
View Related
Aug 9, 2010
Is it possible to migrate users from sendmail to Windows AD?
View 3 Replies
View Related
Mar 9, 2011
Been using the Amazon EC2 Linux AMI and enjoying it.It comes configured with sendmail. I think I'd rather use postfix.replacing sendmail with postfix might be as simple as what I found searching online:
$ rpm -e sendmail
$ yum install postfix.
However rpm complains:
$ rpm -e sendmail
error: Failed dependencies:
smtpdaemon is needed by (installed) mdadm-2.6.9-3.7.amzn1.i386
View 1 Replies
View Related
Apr 14, 2011
I am in need of configuration settings and steps for sending mails from linux server to some other domain or network. I need to send mail from linux system to my mail id.
View 1 Replies
View Related
Jan 24, 2011
Can connect to our mail server using telnet onto port 25 and this works correctly, 'ehlo whatever' shows output as expected.
However using a mail client to connect it gives an authentication error and the following appears in the maillog file;
did not issue MAIL/EXPN/VRFY/ETRN during connection to MTA
what to look for in the config, this works correctly on our development box but not on our production server. Could it be another program is interfering with the connection?
Sendmail is running in standalone mode not through the xinetd daemon.
I am using the PLAIN AUTH method as to try and avoid getting more errors.
View 1 Replies
View Related
Aug 28, 2010
I am having a problem with sendmail. Using a php script the process that 30 seconds to send. I have googled the symptoms and have changed sendmail.cf ==> Timeout.ident=0 and configured /etc/hosts properly. I'm using Fedora 11 and 12, same issue.
View 7 Replies
View Related
Feb 27, 2010
We are using RHEL4 AS U5 and Sendmail version sendmail-8.13.8. How to find out total mail transfer size (month basis) through Sendmail service. Is it possible in linux.
View 1 Replies
View Related
Oct 18, 2010
I am on Red Hat Enterprise Linux AS release 4 (Nahant Update 6). I need to configure Sendmail in my Linux Server.
1. edit /etc/mail/sendmail.mc
dnl #
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')dnl
dnl DAEMON_OPTIONS(`Port=smtp,Addr=172.16.10.6,Name=MTA')dnl
dnl #
2.rebuild /etc/sendmail.cf from the revised /etc/mail/sendmail.mc thus:
m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
3. Edit /etc/sysconfig/sendmail
DAEMON=yes
QUEUE=1h
4.And restart sendmail
cd /etc/mail
make
service sendmail restart
5.sendmail -v abc@gmail.com
Its working but going to spam and more thing. I am not able to send to our company id..
sendmail -v abc@rbs.com
View 6 Replies
View Related
Sep 29, 2010
To configure sendmail on my linux system.
View 2 Replies
View Related
Dec 4, 2010
As per the subject really, is it possible to configure sendmail to use my ISP's SMTP gateway? If so, how?
View 10 Replies
View Related
Dec 15, 2010
I have a server provided dns and sendmail service, dns keeping record for my public servers. I don't want my server to be open dns server, so I just add recursion and forwarders option to named.conf, like: allow-recursion {192.168.x.x/24; 123.123.x.x/28; 127.0.0.0/8;}; forwarders {publicDNSipA; publicDNSipB;}; After restart named, all sendmail user can't mail to other internet account (like xxxxx@gmail.com); but local account is ok
[Code]....
View 3 Replies
View Related
Aug 1, 2011
I searched sendmail using "dpkg -l sendmail" on ubuntu 9.04 jaunty" & found, package not installed. I am trying to install sendmail using "aptitude install sendmail", but it is not installing & the process is showing as it is being installed even after 5 minutes. how can I install sendmail by using CLI mode. Becuase none of the user account is able to send mail to our offcial mail ID, which is getting mails from other servers.
View 2 Replies
View Related
Feb 15, 2010
I am in verse to try out setting up Sendmail Relay Box.I have 3 Machines:sender.sap.com,relay.sap.com and receiver.sap.com.All I need a user fred in sender.sap.com able to send mail to a user tom in receiver.sap.com through relay.sap.com machine.I guess that is all about relaying Correct?How can I achieve that?
View 7 Replies
View Related
