Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!

Sign In Register

Quick Links


Categories

In this Discussion

How do you protect your server from being used to send spam?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

How do you protect your server from being used to send spam?

RurikoRuriko Member
in Help

So I got a new vps and installed easyengine on it then I left it idling for about a week. Today I checked my mail log and noticed someone's been trying to attempt send spam using my vps. Luckily it all failed and I figured I need to boost up the secuirty of the mail system so what are some ways to tigten the security?

If you wanna read the mail log here it is http://pastebin.com/VipEQ9nL

Comments

  • Lm85H4gFkh3wk3Lm85H4gFkh3wk3 Member

    fail2ban, saslauth permit, daily cron of pflogsumm email to me

  • tmwctmwc Member
    edited November 2016

    fail2ban should be fine as a frontend for the server. It should be good assuming you did SPF and DKIM.

    Here's some documentation on SPF and DKIM:

    Set up SPF records

    Set up DKIM records

    Thanked by 1GCat
  • GCatGCat Member

    Don't host your own email - eliminate the risk and go with @jarland mxroute - a small monthly/yearly cost, but peace of mind, especially for newbies

  • cheapdedicatedcheapdedicated Member

    fail2ban is a good one But If you are new at this I would recommend moving the mail function to a seasoned provider and only use your VPS for file.

  • ricardoricardo Member

    I usually uninstall the MTA on new VPS.

  • impossiblystupidimpossiblystupid Member

    This is common vulnerability probing that happens these days for any service you provide on the Internet. Modern mail servers are configured by default to be reasonably safe. Your bigger worry should be web services you provide, and especially PHP exploits, since that is often the vector for turning a server into a spam bot.

    As other have said, let fail2ban deal with the fast moving attacks, drop persistent abusers permanently into your firewall, and block entire networks if it looks like the provider doesn't have their act together.

  • time4vpstime4vps Member, Host Rep
    edited November 2016

    These things should be done to protect your server not only from unwanted spamming from your server, but from using it as port scanner and so on. Tips how to secure your server:

    • Change the SSH port

    • Use strong passwords for everything

    • Disable Root User

    • Restrict SSH access by IP using IPtables

    • Install RkHunter

    • Install CSF (Config Server Firewall)

    • Instal Fail2Ban

    • Use AV as Clam-av, maldet

    • and etc.

    Tutorial on how to do this all https://community.time4vps.eu/discussion/33/secure-vps-tips/p1 ;)

    Thanked by 2GCat Waldo19
Sign In or Register to comment.