finding a spammer relaying through sendmail

[Derek Ragona]

I have had this happen too.  Even though testing of my server shows it is 
not an open relay.  There are 3 configuration files that are used for the 
various functions of sendmail.  I looked at those files versus the defaults 
that are installed by mergemaster.  I reverted to the defaults as much as 
possible, and kept only the few customizations I needed.  That cut out 
those relays at least for me.

I also use sma to generate a daily report on the sendmail log.  You can use 
that report to block users or domains.

-Derek



At 11:53 PM 4/13/2015, David Banning wrote:
>I have around 40 email users on my system,  and one seems have had their
>login info stolen.  Is there a way to determine which user is being given
>authorization to relay through sendmail? I have increased sendmail logging
>to 15 but the sender is flagged only as an email address, one unknwon to me.
>
>Any pointers would be helpful.
>_______________________________________________
>freebsd-questions at freebsd.org mailing list
>http://lists.freebsd.org/mailman/listinfo/freebsd-questions
>To unsubscribe, send any mail to "freebsd-questions-unsubscribe at freebsd.org"


---
This email has been checked for viruses by Avast antivirus software.
http://www.avast.com