Date: Wed, 05 Jan 2011 10:41:29 -0500 From: Robert Fitzpatrick <lists@webtent.net> To: FreeBSD <freebsd-questions@freebsd.org> Subject: Bot? Message-ID: <4D249129.6090008@webtent.net>
next in thread | raw e-mail | index | archive | help
Keep getting calls from our provider at one location that our FreeBSD 8.0-RELEASE server is sending bursts of >1000 spam messages to >70K recipients. Since the first call a few weeks ago, I have MRTG and Mail Statistics graphs setup and see no spikes in traffic. Their last sighting was over the weekend and graphs show a reduction in traffic during that time as expected, again with no spikes in traffic or messages sent/received by our Postfix/Amavisd-maia MTA. All services on that server including SSH, SMTP and mail queue size all monitored by Nagios and have had no alerts from that server. Nonetheless, they claim I must have a bot and the mail is not passing through my own SMTP. And I suspect little traffic is needed for the alleged bursts. They have no envelope info. Can someone advise on what port(s) are available for bot detection and/or prevention? In all my years of running FreeBSD as mail gateways, this is the first time I've had this issue. --Robert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D249129.6090008>