Top Relays

Status
Not open for further replies.

stevenriz

IS-IT--Management
May 21, 2001
1,069
Hi, the root user is getting this email each day. Does this section of the email actually show that some people are using our mail server as a relay? But another section of the email shows that many spammers are getting relaying denied messages. I am certain we do not relay, but what do you make of these excerpts from the log file???

Top relays (recipients/connections - min 10 rcpts, max 50 lines):
36/36: [211.195.53.149]
17/17: [63.123.248.14]
13/13: [222.96.225.26]
12/12: [172.30.2.1]
11/11: [81.196.97.34]
11/11: [202.14.69.10]

AND
Relaying denied:
From [218.17.73.65] to popogigi1975@yahoo.com.tw: 1 Time(s)
From [221.142.80.221] to salamin@siemens.ch: 1 Time(s)
From adsl-71-133-89-246.dsl.scrm01.pacbell.net [71.133.89.246] to mydc@tisd.net: 1 Time(s)
....and the list goes on and on.....
 
You may still have an open relay. For example, if you allow relaying for your entire domain, the return addresses can be spoofed. Spammers use many tricks to get your server to think their mail is ok to relay. One way to defeat this is to authenticate all mail going through your server. Normally, a user name and password are only asked for when a user wants to get (pop) his mail from the server. This only happens after the user's outgoing mail has already passed through your server. Two methods of authenticating smtp mail are pop-before-smtp or the preferred way, smtpauth. You can get info on both of these from If you have problems setting it up, please let us know and we can help with any specific questions.
 
Those sneaks.....! I will look up these things. In the meantime, I have been blocking those IP addresses in iptables. I will let you know what I come up with! Thank you!!
steve
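
An added example, not part of the original thread: a Python triage of the two report sections quoted above, labelling each "Top relays" host as internal or external and flagging any that also appear under "Relaying denied". It assumes the report layout is exactly as quoted and that "internal" means loopback or RFC 1918 space; the sample report and its addresses are constructed.

```python
import ipaddress
import re

# Assumption: "internal" = loopback or RFC 1918; replace with your own networks.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]
TOP_RE = re.compile(r"^\s*(\d+)/(\d+):\s+(?:\S+\s+)?\[([0-9.]+)\]\s*$")
DENIED_RE = re.compile(r"^\s*From\s+(?:\S+\s+)?\[([0-9.]+)\]\s+to\s+\S+:\s+(\d+)\s+Time")

# Constructed sample in the quoted layout (documentation-range addresses).
SAMPLE = """\
Top relays (recipients/connections - min 10 rcpts, max 50 lines):
36/36: [203.0.113.149]
17/17: [198.51.100.14]
12/12: [172.30.2.1]
Relaying denied:
From [192.0.2.65] to user@example.net: 1 Time(s)
From host.example.org [198.51.100.14] to other@example.com: 3 Time(s)
"""

def parse_report(text):
    """Return ({ip: (rcpts, conns)}, {ip: denied_count}) from the two sections."""
    top, denied, section = {}, {}, None
    for line in text.splitlines():
        if line.startswith("Top relays"):
            section = "top"
        elif line.startswith("Relaying denied"):
            section = "denied"
        elif section == "top" and (m := TOP_RE.match(line)):
            top[m.group(3)] = (int(m.group(1)), int(m.group(2)))
        elif section == "denied" and (m := DENIED_RE.match(line)):
            denied[m.group(1)] = denied.get(m.group(1), 0) + int(m.group(2))
    return top, denied

def triage(top, denied):
    """Label each top-relay host, busiest first."""
    rows = []
    for ip, (rcpts, _conns) in sorted(top.items(), key=lambda kv: -kv[1][0]):
        if any(ipaddress.ip_address(ip) in net for net in INTERNAL):
            label = "internal"
        elif ip in denied:
            label = "external, also denied relaying"
        else:
            label = "external"
        rows.append((ip, rcpts, label))
    return rows

if __name__ == "__main__":
    for ip, rcpts, label in triage(*parse_report(SAMPLE)):
        print(f"{ip:<16} {rcpts:>4} rcpts  {label}")
```

For each host labelled external, check in the mail log which recipient domains its messages were accepted for: mail accepted only for your own domains is ordinary inbound delivery, while mail accepted for outside domains is relaying.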
 