Re: Majordomo spam problem

[Ed Kasky <ed @ esson . net>]

I would start by locking down my sendmail configuration.  See:

http://www.sendmail.org/m4/anti_spam.html

I use a combination of relay features, access.db and smtp auth to prevent
unauthorized relaying.

I also run local dns and added Sender Policy Framework

http://www.openspf.org/

"SPF fights return-path address forgery and makes it easier to
identify spoofs.  Domain owners identify sending mail servers in
DNS.  SMTP receivers verify the envelope sender address against this
information, and can distinguish authentic messages from forgeries before
any message data is transmitted. "  

Ed

At 06:37 PM Monday, 5/22/2006, Michael Wilkinson wrote -=>
> I've been a LONG time user/admin
> of majordomo, and I've recently
> experienced something I'm not sure what to do about or how to
> combat.
>
> I'm using majordomo 1.94.5, and sendmail 8.13.4, somehow evil
> spammers
> used my majordomo mail alias to relay spam through my sendmail
> server.
> It was a mess, I had to clean out my domain/ip from some blackhole
> lists.
>
> I picked up on it because I got quite a few majordomo abort
> messages.
> I've been trying to dissect how they used it exactly, unfortunately,
> I don't have my sendmail logs for that time period anymore.
>
> I was able to stop it by commenting my majordomo mail alias out of
> my aliases file. I was wondering if any here has seen anything like
> this, and if so, how I may prevent the problem in the future.
>
> Thanks!
> -Mike
>
> -- 
> Michael Wilkinson
> Game
> Designer             
> There are 10 kinds of people in this world,
> Tower Ravens
> LLC           those who
> understand binary and those who don't.

. . . . . . . . . . . . . . . . . .
Randomly Generated Quote (890 of 1052):
The washing machine in my head is on spin cycle.