SLUG Mailing List Archives
[SLUG] permissions, .forward, mx abuse and other tails of horror.
- To: slug@xxxxxxxxxxx
- Subject: [SLUG] permissions, .forward, mx abuse and other tails of horror.
- From: Mehmet Yousouf <mehmety@xxxxxxxx>
- Date: Mon Nov 20 14:44:08 2000
Interesting thing happened on our home gateway/mailserver....
I noticed in the maillogs that our system was sending out mail with no
<from> information.... killed sendmail and removed the mail from the mail
queue (kept one for the headers....) restarted and after a while samething
happened..... some of the mail being refused by the other end with
"unknown user" information. I had relay rules set to only relay from our
network so I thought spoofing? I looked through the maillogs more closely
and noticed a line saying something like .forward /home/mofet/.forward
world writeable -one of the user names my kids use - checked permissions
and the directory WAS world writeable! changed it and the problem seems to
have stopped. My son had changed the permissions on the directory to try
and get some cgi to work (also have apache running on it for the kids to
play with). I have removed their accounts from this machine but I am
curious as to how I can periodically check (cron job) file permissions on
all the linux systems at home (3 linux)? Am I correct in my diagnoses/
fix? How could it have been discovered? We are on optus cable.