Firewall Wizards mailing list archives
Re: sendmail spamming
From: "Don Jones" <don.jones () linuxmail org>
Date: Fri, 30 May 2003 16:31:10 +1200
I noticed CPU activity spikes on the email server and found that our web server was spamming our email server due to the classic formmail exploit.
Can I suggest replacing all your cgi scripts downloaded from the web with secure alternatives. There is a sourceforge project called nms ( http://nms-cgi.sourceforge.net/ ) whose aim is to write secure versions of many common cgi scripts ( http://nms-cgi.sourceforge.net/scripts.shtml ). As others have pointed out there are tools like rfp's whisker which are designed to find insecure cgi's which can then be used as spam relays or mailbomb (MTA/MUA DoS) relays. Re: [fw-wiz] traffic analysis In regards to the log analysis, perl extreamly well suited for this task as there are many modules avalible ( http://search.cpan.org/ ) and it has very strong regex and text processing capabilities. It is a true swiss army chainsaw for any sys admin/network engineer. Re: [fw-wiz] Benefit of firewall over NAT-only 'protected' network irc.freenode.net is usually my first port of call for tech support (eg I was on #sendmail today, and solved a mailserver issue.), but it's is not exactly a valid tool for most users, but can be for techies. "The rules of proprietary software break down cooperation between programmers separated by company boundaries, even when such cooperation can be of benefit to both organizations." -- ______________________________________________ http://www.linuxmail.org/ Now with e-mail forwarding for only US$5.95/yr Powered by Outblaze _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- sendmail spamming Robert E. Martin (May 29)
- Re: sendmail spamming R. DuFresne (May 29)
- Re: sendmail spamming Chuck Swiger (May 29)
- <Possible follow-ups>
- RE: sendmail spamming Behm, Jeffrey L. (May 29)
- Re: sendmail spamming Robert E. Martin (May 29)
- RE: sendmail spamming Jim Seymour (May 30)
- RE: sendmail spamming Behm, Jeffrey L. (May 29)
- Re: sendmail spamming Don Jones (May 30)