[MYSTERY] Emails being sent under account with email disabled - how to limit relays

rockethead

Registered
Jun 23, 2011
1
0
51
We have a dedicated server from GoDaddy running CENTOS 5.5 i686 standard.

We only have four or so sites on it. The other day, we receive an email that we have reached our 1000 smtp limit. This was a mystery since we use google apps for email and don't get near 1000 emails for out sites using the contact forms and such.

So I look at the relays and sure enough someone, probably a spammer, has used our smtp to send out their filth. I set email accounts and hourly emails to 0, remove the email in dns, and removed an email form they put on your server.

However, they are still somehow sending mail using our server. I'm going to terminate the account and reinstall, but I would love to know how this hacker is doing this and what I can do to prevent it in the future.

I guess I just need to know how to limit the relays to our ip? Is this the solution?

Thanks
 
Last edited: