• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 379
  • Last Modified:

qmail Spam Issues

Dear Experts,

We have installed qmail in our new server and started running our website in the server.
It was a dedicated server and did not have much experience in the mail server configuration. So we installed it in the default form.

Now my server people complain that we are sending spam with the server. We have also confirmed the somehow our mail server is used to send some spam emails.

Can anybody send the email using our qmail mail server FROM A DIFFERENT server?

Or will it be somebody hacked into our server and wrote a php program to send the emails?
I doubt the first one anyway?

If so, how can I prevent others to not use the mail server but just allow my own php files to send email with the mail server?
Can anybody please advice?

  • 2
3 Solutions
Duncan RoeSoftware DeveloperCommented:
I run qmail but only now as a vestigial service for pushing out aliased mail.
I suspect someone is using your server as an email relay. I've perused the man pages, but I don't see how they would do that. Possibly your locals are too open - worth checking.
Use nmap to check port number 25 (This is for SMTP - sending mails), If the port is open close it, and open relay only to localhost.
If your SMTP port open to all, any one can use it as a SMTP gateway and can send any kind of emails.
Duncan RoeSoftware DeveloperCommented:
lsof -i (run as root) should show port smtp listening on all interfaces for tcpserver run by qmaild. I don't think that means it can or will relay.
Make sure that RELAYCLIENT is not set in the environment of qmail-smtpd. You can do this from the proc file system.
Also if you think you are being used as a relay, check /var/log/qmail/current
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managed Security Services Webinar - March 15

Selecting the right managed security services platform to grow your business can be a huge undertaking. Join WatchGuard and Frost & Sullivan in an upcoming webinar as we dive into the key elements of selecting a vendor platform and partnership to fuel a successful MSSP business.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now