Jeff D wrote:
I've checked the relay and its closed, but i have found a script in the tmp/ folder that looks like it may be the culprit. I still have no idea how it got there thoughOn Mon, 16 Apr 2007, Will Parkinson wrote:Douglas Allan Tutty wrote:The reason i ask is that recently a server that i was working on was sending spam emails for some other company that i've never even heard of. I'm just looking at ways to avoid this from happening in the future. As i am new to server security, i'm looking for a way to block non Australian ips while i figure out how this company came to be sending emails from our server.On Mon, Apr 16, 2007 at 10:03:02AM +1000, Will Parkinson wrote:Hi All,I was wondering if there was any way to restrict server ssh, ftp and even http access to certain countries / ip ranges? I've been using debian for a while at home but am pretty new to the security side of things.Any help much appreciatedI don't see any way of configuring sshd for that so if this is somethingyou need, you'll need to use a firewall. I suggest shorewall. But lets review why you think you need this since its not a standard requirement. Doug.Cheers WillHave you checked your server to see if it is an open relay? That would also allow anyone to send spam through your mail server. You do some tests through here:http://www.abuse.net/relay.html -+-8 out of 10 Owners who Expressed a Preference said Their Cats Preferred Techno.