Help! Spammers took over Sendmail!!!
Posted on 2004-10-04
It looks like some spammers are having a good time on my Sub Colbalt Qube3 appliance (Linux). As a result, it's causing trouble on our email (users often cannot authenticate) and slowing down our ftp. Sometimes it brings down the entire Internet to the company!
I'm sure it's sendmail. If I look at the maillog file, we're sending out several thousand fake emails a day. If I look at PS, I see 4 to 8 sendmail processes working at a time. This is not right, since we only send out about 30 emails a day tops.
I'm new to this whole sendmail business, so I'm a little lost. I think the problem is relaying, but how can I check that it's on? (isn't it off by default?). We ONLY send emails from within the company, so I don't think we need relaying at all. Is this right?
Any ideas would be greatly appreciated!!!