[NTLUG:Discuss] Any experts on preventing Sendmail from beingused for Phishing?

Stephen Davidson gorky at freenet.carleton.ca
Sun Mar 27 21:29:32 CST 2005 

Hi Jerry.

The current ONLY thing that I am completely satisfied with SuSE 
Professional Linux 9.2 about;
1) Sendmail is configured by default NOT to relay;
2) Yast does a pretty good job of configuring things by default, and 
figuring out what you want to do initially.
3) The /etc/sysconfig files are easy enough for a newbie like me to 
figure out, and play with safely.
4) The entire system is configured by default with reasonable (note 
that: Reasonable, not perfect) security.

http://j2eeguys.com/~steve/SuSE9.2/ if you need to burn CD ISOs.

Btw, also at The Planet, so should be a quick download.  Only have a 
10MB/sec card in the machine though.  (Sorry -- most people can't pull 
from my server that fast!).

Regards,
Steve

Jerry Brillowski - LNX Technologies wrote:

>I'm completely new to sendmail so I will do my best to explain better.
>Btw, thank you Jack for giving me an outline to use in trying to figure
>this out from.  Thanks also to Victor for asking for more detail also.
>
>In lay man's terms...Someone or something is sending out emails from my
>server at The Planet.  (I would assume they are using it as a "relay"?)
>
>These emails state that they are from the Bank of Oklahoma, complete
>with Logo, etc. warning the recipient that the security of their
>account(s) might have been compromised and to immediately click on the
>link and "verify" that it is them or else expect their account(s) and
>cards to be disabled/canceled or whatever.  Of course, it is NOT the
>Bank of Oklahoma and people are being duped into giving up personal
>information for someone else's ill-gotten gain.
>
>The above is happening on quite a massive scale. (My maillog file was
>growing at about 180 Mb every 12 hours.)  Likewise, #1 below would best
>describe my need I believe.  I am concerned about "non-trusted users to
>other remote users."
>
>Of course, now the question is "How do you turn off relaying by everyone
>other than trusted users?"
>
>The actual number of "my" users is quite small.  Less than 30 people
>should ever be using this email system.  They do not seem to have been
>affected by this issue currently.  My users have been warned and if they
>do something stupid like giving out information from an email request,
>it is their problem.  They know better so that is not of that much
>importance at the present.
>
>I AM worried that The Planet is going to shut me down if I can't put a
>permanent stop to this as they have threatened to do within the next 12
>hours.
>
>Again, thanks so much for the replies and the ones that I'm sure will be
>forthcoming!
>
>Sincerely,
>
>Jerry Brillowski
>JerryB at LNX-Technologies.com
>(214) 651-8882 (office)
>(214) 418-0897 (mobile)
>
>
>  
>


-- 
Java/J2EE Developer/Integrator
Stephen Davidson and Associates, Inc.
Vice President, DFW JavaMUG (http://javamug.org)
Past Chair, Dallas/FortWorth J2EE Sig
214-724-7741

More information about the Discuss mailing list