Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

How to stop spammers

Status
Not open for further replies.
phile

phile

Programmer
Apr 20, 2001
14
GB
Hi,

I have sendmail 8.10.2 installed as default on my Cobalt RaQ4 and am a complete novice. I have recently discovered that mail is being sent from my server using a valid domain to ensure the mail is relayed. The entries in the log file are shown like this...
Code: 
to=<name@domain.com>[URL unfurl="true"]www.virtualsite.com,[/URL] ctladdr=username
name@domain.com being the address the spam is sent to, being a virtual site on my server which means that all errors and bounces come back to one of our customers and username being a valid user of that virtual site. I have also seen entries in the log file like this...
Code: 
to=username, relay=username@localhost
How do I stop this happening without denying all relaying? Can I stop all relaying from localhost and ensure that addresses in the format <user@domain.com> are thrown out?

TIA

Phil
 
Sort by date Sort by votes
Hello

I'm not sure I'm understanding your question correctly.

But if all you're looking to do is stop 'wouldbe spammers' from using your system as a relay point, while keeping relay available for valid users, I'd recommend pop before smtp.
What this does is validate the sender by requring them to 'check' their mail before allowing them to send.

Once the user has been 'authenticated' the user will have a designated period of time their ip will be allowed to relay.(the default is 30min)

Very easy to configure, and easy to follow directions.

Hope this helps
 
Upvote 0 Downvote
It is fairly simple to configure Sendmail to &quot;relay only for authenticated users&quot; and to implement SMTP AUTH to require the sender to not only enter their user name but their password in order to send SMTP traffic. This is just a checkbox in their email client. This will prevent spammers from using your mail system to send out their spew, and get you quickly listed in one or more blacklists, which will block your legitimate mail. Implementing POP before SMTP is somewhat outdated, and a little more resource intensive than SMTP AUTH.

Secondly, you can filter against open relay spam, by adding the configuration found at
You can additionally filter against spam by adding the configuration found at
These two filters will not slow down your email processing, and they are free as well. Experience shows that very little spam gets past this combination of filters.

The next step which is also easy in Sendmail, is to do anti-virus scanning. There are a number of really good virus scanners that work with sendmail that are available at either no cost, or minimal cost. MSCE, MCSP, Application Service Provider, Web Site and Email hosting.
 
Upvote 0 Downvote
Thanks guys, it turned out to be a perl script that was being abused, converted it to PHP and secured it, now all is well. Thanks for your advise I will be implementing this as additional security.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

mduddytel
  • Locked
  • Question
How to save a huge Sent folder then clear it - Linux
Replies
0
Views
489
mduddytel
mduddytel
cndgk
  • Locked
  • Question
What might cause local-originated (submit.cf?) mail not to show up in syslog,but incoming mail does?
Replies
0
Views
715
cndgk
cndgk
lolodirezo
  • Locked
  • Question
detect unused sendmail mailboxes in order to delete these boxes
Replies
0
Views
469
lolodirezo
lolodirezo
cjtucker1976
  • Locked
  • Question
Sendmail- can only send mail to external domains
Replies
0
Views
486
cjtucker1976
cjtucker1976
itayemi
  • Locked
  • Question
How to get Sendmail to relay only to specific domains for a particular client IP
Replies
0
Views
261
itayemi
itayemi

Part and Inventory Search

Sponsor

Back
Top