EMERGENCY - need to secure my server against an ongoing SPAMMER
rbrennan96 at gmail.com
Sun Mar 13 10:43:49 UTC 2005
> > Relaying denied:
> > From www.abuse.net [188.8.131.52] to securitytest at abuse.net: 4 Time(s)
> > From www.abuse.net [184.108.40.206] to user-49733 at nf.abuse.net: 4 Time(s)
> These top two are the abuse.net relay tester. Probably being used by
> someone that received some of the spam your machine relayed yesterday.
Those are my own tests to see if I have closed the open relay, the
results of which I posted earlier in this thread. I'm closed up now,
unfortunately to my remote legitimate users as well. The next reply
from Jeff Kinz will help me shut down the boxes that have targeted me
and reduce the load on my box.
My remaining problems are:
1) how to open up *safe* relays for legitimate users, the preferred
method being pop-b4-smtp because it is widely supported.
2) how to get mysql up and running again. The log-reported missing was
in fact there and valid, even when replaced by a backup. I am
currently trying uninstalls and reinstalls but not having a lot of
luck. Most of my sites are dynamic and heavily rely on MySql.
> I wouldn't be surprised if the rest are zombied Windows boxes.
.. that wouldn't surprise *any* of us here!
More information about the users