Hey Folks,
We just got hammered with a TON of Spam email through our Main and Standby MTE servers.
All of the spam was spoofing local host IP 127.0.0.1.
In Webmin/Postfix/smtp I checked off "Allow connections from same network" and checked "Allow connections from this system"
This worked great, but I had to change /usr/local/sbin/sendEmail from local host to one of our external mail servers.
I still have yet to see if we need to change it anywhere else in our scripts.
Anyone else see this before?
Cheers!
Keith
Submitted by eeman on Thu, 07/19/2012
I use sendmail, not postfix (which is what is bundled with the ISO). I'm not bashing postfix, but it's a bigger piece of equipment designed for huge mail servers, whereas MTE only sends a tiny amount of mail per day. So the exploits that work on Postfix will differ from the ones that work on sendmail. As an added precaution I do not allow inbound port 25 traffic to my server. The only access to sendmail is over the loopback interface.
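
One way to check the loopback-only setup described in the reply above, as an added example that is not part of either post: it parses `ss -ltn` output and lists any port 25 listener bound to a non-loopback address. The sample output and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample of `ss -ltn` output (not taken from the thread).
SAMPLE_SS = """\
State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      100    127.0.0.1:25       0.0.0.0:*
LISTEN 0      100    [::1]:25           [::]:*
LISTEN 0      128    0.0.0.0:22         0.0.0.0:*
LISTEN 0      100    192.0.2.10:25      0.0.0.0:*
LISTEN 0      100    *:25               *:*
"""


def smtp_listeners(ss_output, port=25):
    """Return [(local_address, is_loopback)] for each LISTEN socket on `port`."""
    found = []
    for line in ss_output.splitlines():
        fields = line.split()
        # Skip the header row and anything that is not a listening socket.
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue
        # Split on the last colon so IPv6 addresses stay intact.
        host, _, local_port = fields[3].rpartition(":")
        if local_port != str(port):
            continue
        # Drop IPv6 brackets and any "%interface" suffix before parsing.
        host = host.strip("[]").split("%")[0]
        try:
            loopback = ipaddress.ip_address(host).is_loopback
        except ValueError:
            loopback = False  # "*" (all interfaces) or unparsable: treat as exposed
        found.append((fields[3], loopback))
    return found


def exposed_smtp(ss_output, port=25):
    """Local addresses where the MTA listens on something other than loopback."""
    return [addr for addr, loopback in smtp_listeners(ss_output, port) if not loopback]


if __name__ == "__main__":
    for addr in exposed_smtp(SAMPLE_SS):
        print("SMTP reachable beyond loopback:", addr)
```

This only inspects bind addresses; a listener on a wildcard address may still be blocked by a firewall rule, which has to be verified separately.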