Results 1 to 5 of 5
  1. #1

    I think a spammer is attacking me again

    Hi All,
    My server looks like it's under a spam attack again. This time it's more subtle. I could really do with some advice off someone who has experience with this.

    If I visit:-
    It's got a few thousand messages.

    Although if I go to sendmail configuration with Webmin it says the message queue is only 8???

    I've been monitoring the server load with top and it's not going lower than 4. With the number of processes this should be 0.10 like usual.

    There is also an apache user httpd command that's been running for over 500 minutes. Around the same time the message queue started filling up and the load shot up.

    What can I do? I really want to catch the guy this time. Last time I ended up shutting down sendmail for a while until the spammer went away. Obviously that can't always be the solution and they'll keep coming back.

    How can I track them down?

    My server doesn't have anything in place to combat spam. Should I etup spam assassin? Or is there another program you could all recommend?


  2. #2
    Join Date
    May 2005
    New York
    make sure open-relaying is disabled ( ie sendmail only sends for local users ).

    also, try re-starting apache and monitor it, sounds like they are breaking in via the webserver ( unless of course it was a locally spawned copy then you have bigger problems id say ).

    check netstat etc and see who is connecting to what, also put limits on the amount of emails that can be sent out in any timeframe.

    if awstats is installed, either remove it or upgrade to the very latest.
    just monitor everything occuring and see if there is a pattern.
    Perigee Global Corporation
    Design, Development and Hosting Solutions
    Dedicated Servers, CDN, Hosted E-Mail, Web Hosting, VPS & Cloud Servers

  3. #3
    Open relaying is disabled.

    Thanks netstat is useful. But you say 'etc' what toher commands could help me track them down?

    I don't have awstats installed.

  4. #4
    What should I do about the message queue filling up? And why isn't Webmin picking up the files in the queue?

  5. #5
    try checking the raw log files....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts