Hi folks, appears that some boneheads have found ways to get a "list" of local accounts for spamming users. Is that possible? I did notice awhile back when I had "ssh" on, somebody did try and break into the server using some local accounts (passwords failed) and the knew exactly which user accounts to try. How does one break in and figure out names of the local users on a server? Even my "test use only" email accounts get spammed (uncommon names)! I tell you, the spam problems / techniques these days is crazy... Maybe I be going crazy? By the way, This is on a FC4 perfect setup from the how to tutorial. I have "spamfilter" off, because it crashes the server. Any help appreciated, Thanks.
I guess you are talking about the: spam? I'm also gettin it on all my accounts (even brand new never used and unknow to anyone)! I've got the same setup as you have
Must stop this sort of hacking? Some users complain of more spam than ever... It use to be that advertising your email address on a webpage was bad. I think this is worse! Maybe I'll look at some log files, see if I can find something before I blab anymore (make sure of my assumptions on this).
That's normal these days. Some users always have trojans/worms on their PCs that read their email clients' address books. That's why spammers know exactly which email addresses work...
I agree with with that entirely. Not my pc though! I still think something else may be happening... I just setup an email account on the server (off-the-wall name). I will not mention this to any other computer. I will use the webmail to check it for new messages later on, and in a few days. (I hope I am wrong about this)! Thanks always, Robert
I'm talking about my private testing only accounts. They are only five days old, and not known to the world, and for sure in no address books. I did enable the 'catch all email' for one of the domains (big misstake), but not for the other domains, that I also got the spam on! Anyway. Spamassassin is running, and it's doing a great job for me!