[CLUE-Tech] My Open Relay (again)
Brandon Harper
lists-inet at booms.net
Thu Sep 13 09:42:29 MDT 2001
>
> To recap:
> My RHL 6.1 box, mailman.thegeek.nu, is in an 'open-relay' state. I am not
> sure, but it may have been hacked into. I believe that the
> modified file is
> /etc/sendmail.cf, but again I'm not sure. I am looking for a quick fix,
> because I am actively being used as a spam relay, perhaps by the original
> hacker. My long-term fix will be a scratch rebuild and data restore.
>
Just my 2 cents, but I'd do a rebuild now if you suspect you've been
"hacked".
Your e-mail shouldn't bounce if it takes you less than a day to rebuild.
Just make sure you kill Sendmail while you are reconfiguring it, and start
it up when you have all of your user accounts as well as sendmail installed.
You could also find someone to keep mail for you in the meantime by adding
their mailserver to your MX record with a lower priority. They only thing
they would need to do is add one line in mailertable. You can read more
about that at sendmail.org.
HTH,
- Brandon
<!-- http://www.booms.net -->
More information about the clue-tech
mailing list