Scalix Forums

Hi there everyone,

I've got a 11.* installation on CentOS4. Everyhing seems to be working great (famous last words).

While looking through some logs I've noticed some emails stuck in the sendmail queue which are not from internal email addresses and are being retried since the destination server either doesn't exist or is locked down and ignoring things.

I know these are spams from the nature of their subjects and other header data.

How would these emails be showing up in our queue? If I did a standard install and have followed the HOWTO/Amavisd in the wiki, am I now runnnig an open relay? I thought I had read that part of the scalix install took care of this.


While on the subject of open relays...we are pointing our domain at this server (should be active in the next couple days) and will need to be able to receive email directly on the server. I've forwarded port 25 on our router and would like to be sure that this port can only be used for receiving internal email and not be an open relay. Could someone point tell me what direction I should be going in?

Thanks!

Hi,

have a look at the "relay" record in sendmail as its being placed on your server. That should give an indication of where the smtp connection is being set up from.
Maybe one of your PCs has a trojan etc, and is spoofing email.

You can always go in and delete the offending emails from the sendmail queue, removing the d* and q* files for the offending message.

Mick

I've deleted the messages and things seem to be quiet now. These might have been there for a long time for all I know.

Thanks for the reply. I'll be adding this to the list of things to be checking up on frequently.