[EMAIL PROTECTED] wrote:
Hello guys,
I run custom compiled Gentoo headless boxes for hosting. Qmail Toaster won
me over about a year ago. So I put CentOS/QT on another server just for
mail only.

I had to take my QT box offline when I kept getting bounces from
everywhere to my catchall account. Somehow one of my domains was sending
mails like crazy from different "names"@mydomain.com.

I've shut that box down and have been watching my firewall logs and I had
several ip's pounding port 25.

Now I've started up another one of my backup servers and did a complete
re-install.

I've installed QT/CentOS from the QT - The Easy Way...
The only thing I have not did within the guide is setup any domain keys
and I have my own firewall rules. Other than that, this is up and running
out of the box.

Any security holes or steps you guys can inform me about?

I'm going to look at the wiki as soon as I get time.

Lots of good info on the wiki.
There are not any security holes per se. If you have a rogue/badly written PHP mailer script on one of your websites, that has nothing to do with Toaster, Qmail, or any other mailer program. You can throttle people on port 25 if you'd like. Check the wiki (it may be in the archives, don't remember), but there's a firewall rule you can add in that will deny connections from IPs that connect more than x number of times in y number of minutes. This cuts down on the bots some - I use it on some of my machines. You just have to be careful with it. I have one client that has 75+ machines on a network, and they all set their Outlook to check for messages every 2 minutes which flagged them by this rule and blocked them for a while (too bad they're my most self-important client as well.....). But that will all be a moot point if you have a spam-bot (PHP script or whatever) on your machine anyway. You may just be seeing the bounces from the joe-job that was running on your machine.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to