Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

help~ my mail server got attacked

Discussion in 'E-mail Discussion' started by goodgbb, Sep 27, 2005.

  1. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Thailand
    Dear Helpers

    My mail server (exim 4.52) got attacked by using random senders & random receivers.
    He's also attached some viruses to emails.
    I've been banned his ip address. I'm afraid that he'll use proxy or socks then do it again.

    How do I protect my mail server?

    pls help me..
    Thank You from my heart :)

    #a part of reject logs

    2005-09-26 15:24:19 H=(xxx.com) [xxx.185.132.xxx] sender verify fail for <register@xxx.com>: no such address here
    2005-09-26 15:24:19 H=(xxx.com) [xxx.185.132.xxx] F=<register@xxx.com> rejected RCPT <smith@xxx.com>: Sender verify failed
    2005-09-26 15:30:07 H=(xxx.com) [xxx.185.132.xxx] sender verify fail for <administrator@xxx.com>: no such address here
    2005-09-26 15:30:07 H=(xxx.com) [xxx.185.132.xxx] F=<administrator@xxx.com> rejected RCPT <ted@xxx.com>: Sender verify failed
    2005-09-26 15:30:11 H=(xxx.com) [xxx.185.132.xxx] sender verify fail for <administrator@xxx.com>: no such address here
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 goodgbb, Sep 27, 2005
    Last edited: Sep 27, 2005
  2. ramprage

    ramprage Well-Known Member

    Joined:
    Jul 21, 2002
    Messages:
    655
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    Canada
    Install a virus scanner - well since most of the viruses are for windows, its good to have a virus scanner on your linux box to protect the home users.

    ClamAV, also try Mailscanner and the dictionary attack rules. I personally don't recommend MailScanner as it's a resource hog.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. danielws

    danielws Member

    Joined:
    Sep 1, 2005
    Messages:
    20
    Likes Received:
    0
    Trophy Points:
    151
    Use...

    BFD (that bans exim attempts like that)

    http://www.rfxnetworks.com/proj.php

    Integrate BFD with iptables or use it with APF
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice