HELP! Spammer using my system !
I suspect a spammer is using my system to relay or queue spam !
I'm using smail 3.2-3.
How do I check, know its being used as a relay ?
How do I stop this ASAP ?
How do I find the spammer ?
Thanks,
Matthew
Some data from /var/log/smail/logfile might help....
-----------------------------------------------------------------
06/13/1998 21:03:17: [m0ykxmp-000NUHC] destination supports esmtp
PIPELINING
06/13/1998 21:03:17: [m0ykxmy-000NUIC] destination supports esmtp
PIPELINING
06/13/1998 21:03:18: [m0ykxmp-000NUHC] Delivered VIA:smtp.infoasis.com
TO:info@diablohill.com ORIG-TO:<info@diablohill.com> ROUTER:inet_hosts
TRANSPORT:smtp
06/13/1998 21:03:18: [m0ykxmy-000NUIC] Delivered
VIA:indy.discovery-intl.com TO:info@discovery-intl.com
ORIG-TO:<info@discovery-intl.com> ROUTER:inet_hosts TRANSPORT:smtp
06/13/1998 21:03:26: [m0yl1Ce-000NXFC] Received FROM:stiggy@vm.com
HOST:ALDERSSTUDIO.COM [206.175.102.17] PROTOCOL:smtp PROGRAM:in.smtpd
ORIG-ID:<> SIZE:4199
06/13/1998 21:03:30: [m0ykxmp-000NUHC] destination supports esmtp 8BITMIME
SIZE
06/13/1998 21:03:31: [m0ykxmp-000NUHC] Delivered VIA:mail.diamondpeak.com
TO:info@diamondpeak.com ORIG-TO:<info@diamondpeak.com> ROUTER:inet_hosts
TRANSPORT:smtp
06/13/1998 21:03:32: [m0ykxmp-000NUHC] destination supports esmtp, but is
buggy (250-wwwebzone.iqtinc.com
250-HELP
250-EXPN
250-XREMOTEQUEUE
250-PIPELINING
250 SIZE)
06/13/1998 21:03:34: [m0ykxmy-000NUIC] Delivered VIA:smtp.discusdental.com
TO:info@discusdental.com ORIG-TO:<info@discusdental.com> ROUTER:inet_hosts
TRANSPORT:smtp
06/13/1998 21:03:35: [m0ykxmp-000NUHC] Delivered VIA:iqtinc.com
TO:info@dianenelson.com ORIG-TO:<info@dianenelson.com> ROUTER:inet_hosts
TRANSPORT:smtp
--
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: