Access member only content, take part in discussions with comments on blogs, news and reviews and receive all the latest security industry news directly to your inbox. Join now for free.
Processing registration... Please wait.
This process can take up to a minute to complete.
A confirmation email has been sent to your email address - SUPPLIED EMAIL HERE. Please click on the link in the email to verify your email address. You need to verify your email before you can start posting.
If you do not receive your confirmation email within the next few minutes, it may be because the email has been captured by a junk mail filter. Please ensure you add the domain @scmagazine.com.au to your white-listed senders.
A lack of knowledge and awareness about how to use Linux mail servers could be contributing to the disproportionately large number of Linux machines being exploited to send spam, according to new Symantec Hosted Services research.The firm's latest monthly MessageLabs Intelligence Report found that Linux-based computers are five times more likely to send spam than Windows PCs.Mat Nisbet, a malware data analyst at Symantec Hosted Services, explained in a blog post yesterday that he decided to dig deeper into the potential causes."On investigating the originating IPs of a random selection of spam from Linux, I found that in most cases it came from a machine running an open-source mail transfer agent, such as Postfix or SendMail, that had been left open," he said."This suggests that one reason there is so much spam from Linux could be that many companies that have implemented their own mail servers, and are using open-source software to keep costs down, have not realised that leaving port 25 open to the internet also leaves them open to abuse."Nisbet further explained that some botnets may be able to search specifically for machines that have port 25 left open."Anyone who wants to take advantage of the fact that Linux, and most of its software, is free, needs to be aware of how to set it up correctly so that it is secure," he said."Make sure that the systems are correctly set up to restrict access on port 25 to only authorised users, for example attached to the local network or through a virtual private network."
To begin commenting right away, you can log in below or register an account if you don't yet have one. Please read our guidelines on commenting. Offending posts will be removed and your access may be suspended. Abusive or obscene language will not be tolerated. The comments below do not necessarily reflect the views or opinions of SC Magazine, Haymarket Media or its employees.