Re: Intersil Blackhole list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Sun, 2006-06-11 at 19:59 -0400, Thom Paine wrote:
> I've been running the same sendmail.mc configuration for quite a while
> now, and just today I notice that I didn't get any server reports for
> 4 networks I manage. Checking my maillog, I see that all four sites
> are in intersil's blacklist.
> 
> Anyone else notice anything wonky with this? It seems odd that it
> would show up just this past weekend.
> 
> I can post my sendmail.mc file if anyone would like. Not sure how all
> four sites could get in it at the same time.
> 
Easy.  Likely that somehow your mail servers were used for spam.
I had that when a weakness in mambo on one of my servers let a spammer
use it for relay.

Sendmail.mc is probably not the issue. What else are you running on that
machine?  Anything using PHP?  Have you verified nothing else unexpected
is running?

Maybe you need to run rkhunter or chkrootkit

> Thanks.
> 
> -- 
> -=/>Thom
> 


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux