----- Original Message -----
From: "Rodrigo Ordonez Licona" <rodrigo (at mark) xnet.com.mx>
To: <coba-e (at mark) bluequartz.org>
Sent: Monday, February 16, 2009 9:33 AM
Subject: [coba-e:15081] Spam Problem
> Hi, We are having trouble with some spammers ,
>
> Emails are getting through even though we have disabled popauthenticated
> service.
>
> We have a Bluequartz Fully yummed (with Nuonce avspam), If you send an
> email
> from a valid address to that valid address the message is accepted.
>
> Does anyone know how can we stop this kind of spam:
>
> ==========================================
>
> telnet ip.add.re.ss 25
> ehlo server
> mail from:validuser (at mark) mydomain.com
> 250 2.1.0 validuser (at mark) mydomain.com... Sender ok
> rcpt to:validuser (at mark) mydomain.com
> 250 2.1.0 validuser (at mark) mydomain.com... Sender ok
> data
> 354 Enter mail, end with "." on a line by itself
>
> Put spam here
>
> .
> 250 2.0.0 n1GHbxs2003114 Message accepted for delivery
>
>
> ===========================================
>
> Same happens with strongbolt.
>
> Is it safe to change something at
> Sendmail.cf at this line ?
> O DaemonPortOptions=Port=smtp, Name=MTA
>
> Something like
> O DaemonPortOptions=Port=smtp, Name=MTA, M=Ea
>
>
> Regards
>
> Rodrigo O
> Xnet
>
>
> P.S. My apologies Gerald
Rodrigo
It sounds like you are saying that anyone can send mail through your server
to anyone else at any email address even those not on your server.
Possibly there are still entries in your poprelay database?
Check with:
/usr/local/sbin/poprelayd -p
or
/usr/sbin/poprelayd -p
Or, you have the sending IP address set to whitelist?
Check your /etc/mail/access
Is poprelay still running, you can check with:
ps fauxw | grep poprelay
On my servers, I do have poprelay running, and it does not allow spammers to
send spam through the server.
----
Ken Marcus
Ecommerce Web Hosting by
Precision Web Hosting, Inc.
http://www.precisionweb.net