If you followed the instructions at [ https://docs.mailman3.org/en/latest/install/virtualenv.html | https://docs.mailman3.org/en/latest/install/virtualenv.html ] then the "useradd" invocation should create a mailman user that cannot log in with a password, so this should be fine. If you created the mailman user by some other means, this could be an issue.
I don't have experience with the venv install, but surely others on the list will have familiarity.
--Jered
----- On Oct 17, 2023, at 11:55 AM, Kyriakos Terzopoulos <kyriakos.terzopoulos@gmail.com> wrote:
Hi,
- Ubuntu 22.04
- Mailman 3 latest version (vemv setup)
- Server has HestiaCP installed
After installing all recent upgrades I will try and completely reinstall mailman and see if this happens again.
One thing that bothers me is that in the documentation I have not seen anywhere setting a password for the mailman user. Is there a default somewhere?
I will also disallow bash login for the mailman user since it seems that one could login via SSH.
Thanks for your feedback.
On Tue, 17 Oct 2023, 18:31 Jered Floyd, < [ mailto:jered@convivian.com | jered@convivian.com ] > wrote:
Hi Kyriakos,
This is very unlikely to be Mailman-related. Most likely you have a weak or default password that was brute-forced, perhaps for your "mailman" account.
I'm not sure there's much direct help we can offer, but you've left out all the important details to give suggestions:
- What OS?
- Versions of OS, Mailman, etc?
- How did you install Mailman?
- Other pertinent details about the environment?
Regards, --Jered
----- On Oct 17, 2023, at 3:40 AM, Kyriakos Terzopoulos [ mailto:kyriakos.terzopoulos@gmail.com | kyriakos.terzopoulos@gmail.com ] wrote:
Hi,
After installing mailman and using it for a few days, I got several complaints from my hosting company for abuse.
After checking the server, it seems that there is a rootkit (Blitz) running with the mailman process.
Has anyone come across this issue? Are there any specific steps to secure the mailman user?
Thank you
*Kyriakos Terzopoulos *Web developer / e-learning expert
*Tel:*+30 211 213 9858
*Mobile:* +30 694 526 4512
- E-mail: * [ mailto:kyriakos.terzopoulos@gmail.com | kyriakos.terzopoulos@gmail.com ]
- Skype:* kyriakos.terzopoulos Find me on Facebook < [ http://www.facebook.com/cirrus3d | http://www.facebook.com/cirrus3d ] > Follow me on Twitter < [ http://twitter.com/#%21/cirrus3d | http://twitter.com/#%21/cirrus3d ] >
Mailman-users mailing list -- [ mailto:mailman-users@mailman3.org | mailman-users@mailman3.org ] To unsubscribe send an email to [ mailto:mailman-users-leave@mailman3.org | mailman-users-leave@mailman3.org ] [ https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ | https://lists.mailman3.org/mailman3/lists/mailman-users.mailman3.org/ ] Archived at: [ https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/... | https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/message/... ]
This message sent to [ mailto:jered@convivian.com | jered@convivian.com ]