You can alternatively tell the SMTP proxy to deny anything from your internal network except from individual machines (such as your RH 3 mail server).
We also limit who can hit the DMZ perimeter SMTP servers at the firewall level. Therefore only the Exchange servers (in our case) or our client postfix servers can forward out through our SMTP proxies. Gary -----Original Message----- From: jdow [mailto:[EMAIL PROTECTED] Sent: Friday, September 24, 2004 9:21 AM To: users@spamassassin.apache.org Subject: Re: Spammers using my server Some system on your internal network is "owned" by a hacker network. It is time to clean all your windows machines COMPLETELY of viruses. {^_^} ----- Original Message ----- From: "Jay Ehrhart" <[EMAIL PROTECTED]> > This morning I had over 7000 emails in my Linux server's outbound queue > which I deleted. My firewall log shows over 20,000 emails went out with a > SunTrust bank announce saying to login and enter your username and password. > I do not see the emails coming in like I would in a relay. How can I stop > this or how are they doing this? > > My firewall using a SMTP proxy and only allows my domain in. I run > MailScanner on my Red Hat 3.0 mail server with Sendmail. The box has the > lastest patches from Red Hat. I have Sendmail setup to accept only my > domain email. > > The non-deliverable reports are coming from my Linux apache user. > Non-deliverables usually come from root. I am running apache on the server > with forms. The forms software is the latest version and patches. > > Can anybody help on this? > > Thanks, > Jay >
