Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 18th March 2006, 22:05
rdells rdells is offline
Junior Member
 
Join Date: Feb 2006
Posts: 23
Thanks: 0
Thanked 3 Times in 2 Posts
Default how stop spammers from reading local accounts?

Hi folks,
appears that some boneheads have found ways to get a "list" of local accounts for spamming users. Is that possible? I did notice awhile back when I had "ssh" on, somebody did try and break into the server using some local accounts (passwords failed) and the knew exactly which user accounts to try.

How does one break in and figure out names of the local users on a server?

Even my "test use only" email accounts get spammed (uncommon names)!
I tell you, the spam problems / techniques these days is crazy...
Maybe I be going crazy?

By the way, This is on a FC4 perfect setup from the how to tutorial. I have "spamfilter" off, because it crashes the server.

Any help appreciated,
Thanks.
Reply With Quote
Sponsored Links
  #2  
Old 18th March 2006, 22:23
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,035
Thanks: 267
Thanked 153 Times in 133 Posts
Default

Quote:
Originally Posted by rdells
Hi folks,
appears that some boneheads have found ways to get a "list" of local accounts for spamming users. Is that possible? I did notice awhile back when I had "ssh" on, somebody did try and break into the server using some local accounts (passwords failed) and the knew exactly which user accounts to try.

How does one break in and figure out names of the local users on a server?

Even my "test use only" email accounts get spammed (uncommon names)!
I tell you, the spam problems / techniques these days is crazy...
Maybe I be going crazy?

By the way, This is on a FC4 perfect setup from the how to tutorial. I have "spamfilter" off, because it crashes the server.

Any help appreciated,
Thanks.

I guess you are talking about the:

Quote:
Charity or Non-Profit Organization Contact:
SPRING is Almost Here... NOW IS THE TIME to Show What You Have to Offer to the World
Celebrating Our 10th Year of Charity Emailings!

Click to Advertise Your Site to
3,000,000 Internet Users

= F-R-E-E TODAY ONLY =
spam?

I'm also gettin it on all my accounts (even brand new never used and unknow to anyone)!
I've got the same setup as you have

Last edited by edge; 19th March 2006 at 00:56.
Reply With Quote
  #3  
Old 18th March 2006, 23:06
rdells rdells is offline
Junior Member
 
Join Date: Feb 2006
Posts: 23
Thanks: 0
Thanked 3 Times in 2 Posts
Default Must stop this sort of hacking?

Some users complain of more spam than ever...
It use to be that advertising your email address on a webpage was bad. I think this is worse! Maybe I'll look at some log files, see if I can find something before I blab anymore (make sure of my assumptions on this).
Reply With Quote
  #4  
Old 18th March 2006, 23:19
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,741 Times in 2,575 Posts
Default

That's normal these days. Some users always have trojans/worms on their PCs that read their email clients' address books. That's why spammers know exactly which email addresses work...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #5  
Old 19th March 2006, 00:06
rdells rdells is offline
Junior Member
 
Join Date: Feb 2006
Posts: 23
Thanks: 0
Thanked 3 Times in 2 Posts
Default

Quote:
Originally Posted by falko
That's normal these days. Some users always have trojans/worms on their PCs that read their email clients' address books. That's why spammers know exactly which email addresses work...
I agree with with that entirely. Not my pc though!
I still think something else may be happening...

I just setup an email account on the server (off-the-wall name). I will not mention this to any other computer. I will use the webmail to check it for new messages later on, and in a few days. (I hope I am wrong about this)!

Thanks always,
Robert

Last edited by rdells; 19th March 2006 at 00:28.
Reply With Quote
  #6  
Old 19th March 2006, 00:53
edge edge is offline
Moderator
 
Join Date: Dec 2005
Location: The Netherlands
Posts: 2,035
Thanks: 267
Thanked 153 Times in 133 Posts
 
Default

Quote:
Originally Posted by falko
That's normal these days. Some users always have trojans/worms on their PCs that read their email clients' address books. That's why spammers know exactly which email addresses work...
I'm talking about my private testing only accounts. They are only five days old, and not known to the world, and for sure in no address books.

I did enable the 'catch all email' for one of the domains (big misstake), but not for the other domains, that I also got the spam on!

Anyway. Spamassassin is running, and it's doing a great job for me!

Last edited by edge; 19th March 2006 at 00:56.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
UebiMiau login puntjuh Installation/Configuration 13 14th March 2006 18:24
ISPConfig pop3 problem mphayesuk General 21 31st October 2005 10:53


All times are GMT +2. The time now is 19:53.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.