how stop spammers from reading local accounts?

Discussion in 'Server Operation' started by rdells, Mar 18, 2006.

  1. rdells

    rdells New Member

    Hi folks,
    appears that some boneheads have found ways to get a "list" of local accounts for spamming users. Is that possible? I did notice awhile back when I had "ssh" on, somebody did try and break into the server using some local accounts (passwords failed) and the knew exactly which user accounts to try.

    How does one break in and figure out names of the local users on a server?

    Even my "test use only" email accounts get spammed (uncommon names)!
    I tell you, the spam problems / techniques these days is crazy...
    Maybe I be going crazy?

    By the way, This is on a FC4 perfect setup from the how to tutorial. I have "spamfilter" off, because it crashes the server.

    Any help appreciated,
  2. edge

    edge Active Member Moderator

    I guess you are talking about the:


    I'm also gettin it on all my accounts (even brand new never used and unknow to anyone)!
    I've got the same setup as you have
    Last edited: Mar 19, 2006
  3. rdells

    rdells New Member

    Must stop this sort of hacking?

    Some users complain of more spam than ever...
    It use to be that advertising your email address on a webpage was bad. I think this is worse! Maybe I'll look at some log files, see if I can find something before I blab anymore (make sure of my assumptions on this).
  4. falko

    falko Super Moderator ISPConfig Developer

    That's normal these days. Some users always have trojans/worms on their PCs that read their email clients' address books. That's why spammers know exactly which email addresses work...
  5. rdells

    rdells New Member

    I agree with with that entirely. Not my pc though! :)
    I still think something else may be happening...

    I just setup an email account on the server (off-the-wall name). I will not mention this to any other computer. I will use the webmail to check it for new messages later on, and in a few days. (I hope I am wrong about this)!

    Thanks always,
    Last edited: Mar 19, 2006
  6. edge

    edge Active Member Moderator

    I'm talking about my private testing only accounts. They are only five days old, and not known to the world, and for sure in no address books.

    I did enable the 'catch all email' for one of the domains (big misstake), but not for the other domains, that I also got the spam on!

    Anyway. Spamassassin is running, and it's doing a great job for me!
    Last edited: Mar 19, 2006

Share This Page