stopping my server from spamming

David Banning david+dated+1168741471.eb2ad3 at skytracker.ca
Tue Jan 9 02:43:08 UTC 2007


I think I located the problem. I discovered through one of the blacklist
hosters when exactly they received the spam and that helped me track
it to a virus infected windows box.

> 
> Using nmap / tcpdump / snort to find rogue SMTP hosts is the next step I
> would pursue. Remember though, your hosts may not be causing the spam
> and it could instead be spoofing of some kind. For that, you can't do
> anything except talk to the mail providers that blacklisted your domain
> and get things cleared up.

These utilities where the direction of what I was looking for. Thanks for
that - I will look at the use of each and how I can trace what is going on
for future reference.

> Ultimately, I suggest switching to entirely AUTH based SMTP though to
> prevent this issue from occurring. You can either block port 25 from
> being routed or use net/smtptrapd (see <http://smtptrapd.inodes.org/>).

done.

Thanks Garret


More information about the freebsd-questions mailing list