System abused by spammer?

Martin Moeller mm at bsdsi.com
Fri Mar 28 01:05:49 PST 2003 

Hi list,

I have a vague feeling that some spammer is abusing my sendmail system.

My installation is FreeBSD-CURRENT. Postmaster received some email
saying, that some kind of mail cannot be delivered due configuration
errors. I looked into the mail queue and found this, what definitely
does not belong there!

bsdsi# mailq -v
                /var/spool/mqueue (4 requests)
-----Q-ID----- --Size-- -Priority- ---Q-Time---
--------Sender/Recipient--------
h2RGCDrC001502     1993    1111876 Mar 27 17:13 MAILER-DAEMON
                 (Deferred: Connection refused by mail.craz-man.com.)
                                                <Lizzie03 at craz-man.com>
                 (Deferred: Connection refused by mail.craz-man.com.)
h2RC1iZw004629      225    1920349+Mar 27 13:01 <Lizzie03 at craz-man.com>
                 (Deferred: Operation timed out with myvzw.com.)
                                                <_dwight at myvzw.com>
                 (Deferred: Operation timed out with myvzw.com.)
h2RBpSZw004575     1903    1951602 Mar 27 12:51 MAILER-DAEMON
                 (Deferred: Connection refused by mail.craz-man.com.)
                                                <Lizzie47 at craz-man.com>
                 (Deferred: Connection refused by mail.craz-man.com.)
h2RBefZw004533     1861    2041596 Mar 27 12:40 MAILER-DAEMON
                 (Deferred: Connection refused by mail.craz-man.com.)
                                                <Lizzie16 at craz-man.com>
                 (Deferred: Connection refused by mail.craz-man.com.)
                Total requests: 4

/var/log/maillog also shows some strange entries:

Mar 28 09:39:59 bsdsi sm-mta[1189]: h2RGCDrC001502:
to=<Lizzie03 at craz-man.com>, delay=16:26:30, xdelay=0
Mar 28 09:41:15 bsdsi sm-mta[1189]: h2RC1iZw004629:
to=<_dwight at myvzw.com>, delay=20:39:30, xdelay=00:01
Mar 28 09:41:15 bsdsi sm-mta[1189]: h2RBpSZw004575:
to=<Lizzie47 at craz-man.com>, delay=20:49:47, xdelay=0
Mar 28 09:41:15 bsdsi sm-mta[1189]: h2RBefZw004533:
to=<Lizzie16 at craz-man.com>, delay=21:00:34, xdelay=0

etc.

I thought, sendmail rejects relaying per default. What can I do?
(HELP!!! (!!!) )

Regards,
Martin

-- 
Martin Möller <mm at bsdsi.com>        http://www.bsdsi.com/
GnuPG/PGP DSA ID: 0x3C979285                  ICQ # 82221572
I do not accept unsolicited commercial mail. Do not spam me!

More information about the freebsd-questions mailing list