[CentOS] pop3 attack

Wed Dec 10 16:02:29 UTC 2008
James Pifer <jep at obrien-pifer.com>

On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote:
> Thanks to all. For now I've stopped it using iptables. I tried stopping
> it at my router without success, yet another reason to replace it! I
> will also report it to abuse at covad.net. 
> 

My issues have gotten worse. Apparently over the last few days my ip
address has gotten blacklisted. No idea why. Even though I have a
commercial class cable modem service, my ip is residential because it
comes to my house. But I've been running my mail server for several
years and never had an issue. 

I've tried adding these lines to my sendmailmc and rebuilding it, but
then nothing routes, not even local. 

define(`SMART_HOST',`smtp-server.carolina.rr.com')dnl
MASQUERADE_AS(carolina.rr.com)dnl
FEATURE(`allmasquerade')dnl
FEATURE(`masquerade_envelope')dnl

Now I'm using mailertable and that appears to be working. 

I'm not even sure this message with get to this list. Seems like I
haven't received any centos list mail in a while. I have on my other
lists though.

Any help is appreciated. 

Thanks,
James