Topic: Can't stop qmail

[uniqsys]

I'm sure that you did not need to do that. qmail will always stop, after it has tried to finish sending mail which it is in the process of sending. The problem is that qmail-remote, when connected to a tarpit SMTP server, will take a very long time to finish. Unless you disconnect your WAN connection, in which case they should die quickly.

BTW, one last comment on this. I do not doubt this, but I had to support this server remotely so I had to use the WAN connection to instruct the server!  Catch 22 This really limits your options. 

[mmccarn]

A couple notes:

* You might thwart your infected LAN systems by forcing your LAN clients to use SMTP authentication when sending: http://wiki.contribs.org/Email#How_do_I_disable_SMTP_relay_for_unauthenticated_LAN_clients

* You might be able to successfully stop qmail when trapped by tarpits if you can identify the tarpit hosts, then use iptables to block all traffic to those hosts.  I suspect that once you issue the command to shutdown qmail you could use netstat -an | grep :25.*EST to identify the connections that are stuck open, then figure out the required iptables commands to block those connections.

[phil_elvey]

Hi I have had a similar problem on my Server with spam being sent out.

I have enabled SMTP authentication and disabled unauthenticated SMTP relay as per the instructions on this site.  I have a small question - in the server manager the SMTP proxy is disabled.  Does it affect any of the changes I have made if I enable it?  Are there any disadvantages, other than being forced to use the server as SMTP (or rather SSMTP)?

[mmccarn]

If all of your LAN workstations use the SME server for outbound SMTP, turning on SMTP proxy will have no ill effects.

If you have any LAN clients configured to send email through outside servers, turning on SMTP proxy will force you to reconfigure those workstations.