Hi, Is the chkuser patch and smtp-auth installed by defualt. I need to do anything to initialize these? (I used your install script)
Thank you for the wonderful answers, and this list really makes it possible for people to get into Qmail-Toaster. The efforts of everyone on this list is much appreciated. Fabio On 1/13/06, Jake Vickers <[EMAIL PROTECTED]> wrote: > Fabio Milano wrote: > > >Hi, > > > >I have heard alot about people hijacking email servers and using it > >for SPAM relaying? Any advice on how to prevent this? > > > > > Some of it cannot be prevented, really. If they send an email to a bad > address at your server, with return path to the actual person they want > the spam to go to, when your server bounces it, it sends it to the > return path which is the person they wanted to get the spam in the first > place (I know, that sentence doesn't make much sense to me, either). > They can of course brute-force weak email passwords to use your SMTP > services to relay messages. There are a few different ways to send > through someone else's server. The chkuser patch was implemented to fix > a couple of these holes, and smtp-auth was put in to plug another smtp > hole. Unless you have a specific example, the only other way I can think > of to "hijack" a mail server is by obtaining a user or root's password > if it's a weak one. > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
