-
April 22nd, 2009, 07:21 PM
#1
Junior Member
Mail server analysis
One of my friend is having some problem with her mail server and I don't know how to deal with it or how to explain. She does gave me a pcap file, from that I guess some spam problem. But I don't know exactly or sure about this. I hope you guys can point me to the right thing and ensure this.
So, I leave it to you guys if you're willing to help or for those who like thrill. I already upload the file she gave to me here 21april.pcap
Thank you again. I will post my own analysis about this matter soon.
-
April 22nd, 2009, 10:41 PM
#2
From the pcap file it appears she is running postfix.
Ask her to provide you with /etc/postfix/main.cf and post it here.
It's the main postfix configuration file.
It would also be helpful to have the mail log (e.g. /var/log/mail)
In God We Trust....Everything else we backup.
-
April 23rd, 2009, 12:08 AM
#3
The first issue I see is that she has no authentication.
Anyone can connect and attempt to send mail.
While relaying appears to be denied, I was able to telnet to her smtp port and send mail to local users. e.g. postmaster
she needs to modify her postfix config to require smtp authentication.
this may require additional software to be installed.
Need to see the config files. as per ^.
In God We Trust....Everything else we backup.
Similar Threads
-
By cheyenne1212 in forum Miscellaneous Security Discussions
Replies: 7
Last Post: February 1st, 2012, 02:51 PM
-
By Tiger Shark in forum The Security Tutorials Forum
Replies: 5
Last Post: March 4th, 2004, 05:00 PM
-
By gore in forum Newbie Security Questions
Replies: 11
Last Post: December 29th, 2003, 08:01 AM
-
By th3spid3r in forum AntiOnline's General Chit Chat
Replies: 8
Last Post: October 26th, 2003, 12:17 PM
-
By warl0ck7 in forum Microsoft Security Discussions
Replies: 7
Last Post: August 14th, 2003, 12:23 PM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|