[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 375
  • Last Modified:

qmail Spam Issues

Dear Experts,

We have installed qmail in our new server and started running our website in the server.
It was a dedicated server and did not have much experience in the mail server configuration. So we installed it in the default form.

Now my server people complain that we are sending spam with the server. We have also confirmed the somehow our mail server is used to send some spam emails.

Can anybody send the email using our qmail mail server FROM A DIFFERENT server?

Or will it be somebody hacked into our server and wrote a php program to send the emails?
I doubt the first one anyway?

If so, how can I prevent others to not use the mail server but just allow my own php files to send email with the mail server?
Can anybody please advice?

Thanks,
Jacob
0
jacobbbc
Asked:
jacobbbc
  • 2
3 Solutions
 
Duncan RoeSoftware DeveloperCommented:
I run qmail but only now as a vestigial service for pushing out aliased mail.
I suspect someone is using your server as an email relay. I've perused the man pages, but I don't see how they would do that. Possibly your locals are too open - worth checking.
0
 
1ly4meCommented:
Use nmap to check port number 25 (This is for SMTP - sending mails), If the port is open close it, and open relay only to localhost.
If your SMTP port open to all, any one can use it as a SMTP gateway and can send any kind of emails.
0
 
Duncan RoeSoftware DeveloperCommented:
lsof -i (run as root) should show port smtp listening on all interfaces for tcpserver run by qmaild. I don't think that means it can or will relay.
Make sure that RELAYCLIENT is not set in the environment of qmail-smtpd. You can do this from the proc file system.
Also if you think you are being used as a relay, check /var/log/qmail/current
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now