[vox-tech] Scary cron-deamon message
Richard Crawford
rscrawford at mossroot.com
Wed Apr 20 08:56:04 PDT 2005
On Wednesday 20 April 2005 07:19, Daniel A. Lorca-Martinez wrote:
> I might be completely in the dark here, but it sounds like you might
> be the victim of a spammer a) using your machine to send garbage out
> or b) using a @stonegoose bogus return address. I think the former
> is likely though. Do you require authentication for SMTP from your
> server? If not, then some spammer found your server and is using it
> to spam. If this is the case, I'd shut that hole quickly, before you
> start getting on the anti-spam server lists.
I don't even allow SMTP from my machine. I use POP3 and IMAP on that machine
to check my e-mail, and Sendmail so that Squirrelmail can send messages out.
I'm pretty sure I've locked down Sendmail so that no outside machines can
hook up to it, and the only ports allowed to that machine through my firewall
are 22, 80, and 110. So I'm reasonably sure my machine isn't sending out
spam. More likely someone's been sending out spam with the stonegoose.com
domain (I've seen plenty of them with my mossroot.com domain, which annoys
the hell out of me).
Is there more that I should be doing?
> Is that the complete message?
I'm afraid so. Nothing comparable in any of my system logs, and they all
appear normal as well. Chkrootkit found nothing either.
--
Richard S. Crawford
http://www.mossroot.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://ns1.livepenguin.com/pipermail/vox-tech/attachments/20050420/70c7628e/attachment.bin
More information about the vox-tech
mailing list