Greg Freemyer wrote:
All,
I have VM on the internet that for the last day or so is sending out 10's of thousands of malicious emails.
openSUSE 42.2
Fully updated with security patches. I know I need to update to 42.3, but at least for now it is still getting security patches.
I assume the bad guys are somehow using it as a relay site, but I'm not sure. The server has a GUI on it I think, but I rarely, if ever use it. Almost all admin is via ssh.
Check the mail logs, Greg. /var/log/mail will tell you everything.
The contents of /etc/postfix/relay are: # for relaying domain # domain.de OK IAC-Forensics.com OK
And contents of /etc/postfix/main.cf ? Is that file used? What are your smtp recipient restrictions?
FYI: The server has been RBL Blacklisted. It's a minor issue that I assume will clear up in a day or two. In the meantime, I can ignore the problem. This server originates very little email.
As long as your server continues to send spam, it will likely remain on various blacklists. -- Per Jessen, Zürich (2.2°C) http://www.hostsuisse.com/ - dedicated server rental in Switzerland. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org