A message for Linux.com registered users: We are in the process of making changes to the Linux forums. Starting Monday, 8/13/18 at 6:00 PM PT, you will be unable to access the forums. They will re-launch as soon as possible on Wednesday, 8/15/18 with new features and improved functionality. Thank you for your patience and stay tuned for the new improved forums.

April 21, 2010

Sendmail full of SPAM

Hi,

So basically, I've got a server with +/- 20 websites on it.

Linux Version :
Red Hat Enterprise Linux ES release 3 (Taroon Update 9)

Running sendmail version :
8.12.11.20060308

It's not an open relay (e.g. I telnet to the domain and can't send mail through it). But I'm getting average 5 emails per 10 seconds, consistently.

How would I go as to find the problem?

ps -ax | grep sendmail

19435 ? S 0:01 sendmail: accepting connections
19446 ? S 0:00 sendmail: Queue runner@01:00:00 for /var/spool/clientmqueue
18233 ? S 0:05 sendmail: ./o3JIuQDh001342 from queue
20000 ? S 0:01 sendmail: ./o3KADNqD007966 mail.aventura.co.za.: user open
23876 ? S 0:00 sendmail: ./o3KEuKpf027735 zimsun.co.zw.: user open
24124 ? S 0:00 sendmail: server [117.199.227.220] cmd read
24147 pts/0 S 0:00 grep sendmail

netstat -nl

Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:17384 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:32905 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:110 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:143 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8400 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:8402 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:21 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
udp 0 0 0.0.0.0:640 0.0.0.0:*
udp 0 0 0.0.0.0:513 0.0.0.0:*
udp 0 0 0.0.0.0:1 0.0.0.0:*
udp 0 0 0.0.0.0:32770 0.0.0.0:*
udp 0 0 0.0.0.0:32771 0.0.0.0:*
udp 0 0 0.0.0.0:32772 0.0.0.0:*
udp 0 0 0.0.0.0:32773 0.0.0.0:*
udp 0 0 0.0.0.0:32774 0.0.0.0:*
udp 0 0 0.0.0.0:7 0.0.0.0:*
udp 0 0 0.0.0.0:9 0.0.0.0:*
udp 0 0 0.0.0.0:10000 0.0.0.0:*
udp 0 0 0.0.0.0:161 0.0.0.0:*
udp 0 0 0.0.0.0:54321 0.0.0.0:*
udp 0 0 0.0.0.0:700 0.0.0.0:*
udp 0 0 0.0.0.0:69 0.0.0.0:*
udp 0 0 0.0.0.0:31337 0.0.0.0:*
udp 0 0 10.222.23.10:123 0.0.0.0:*
udp 0 0 127.0.0.1:123 0.0.0.0:*
udp 0 0 0.0.0.0:123 0.0.0.0:*
raw 0 0 0.0.0.0:6 0.0.0.0:* 7

What else do you need from me to help?

ALL i need from the mail server is to be able to send outgoing mail. For the websites. No incoming mail.

Click Here!