From owner-freebsd-isp@FreeBSD.ORG Sun Feb 13 02:02:15 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C96BF16A4CE for ; Sun, 13 Feb 2005 02:02:14 +0000 (GMT) Received: from bsd3.nyct.net (bsd3.nyct.net [216.139.128.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 36CE543D39 for ; Sun, 13 Feb 2005 02:02:14 +0000 (GMT) (envelope-from myj@bsd3.nyct.net) Received: from bsd3.nyct.net (localhost [127.0.0.1]) by bsd3.nyct.net (8.12.11/8.12.11) with ESMTP id j1D21uk0042140; Sat, 12 Feb 2005 21:01:56 -0500 (EST) (envelope-from myj@bsd3.nyct.net) Received: (from myj@localhost) by bsd3.nyct.net (8.12.11/8.12.11/Submit) id j1D21jqV042136; Sat, 12 Feb 2005 21:01:45 -0500 (EST) (envelope-from myj) Date: Sat, 12 Feb 2005 21:01:45 -0500 (EST) From: Paul Sandys To: Theodore Knab In-Reply-To: <20050211151730.GA6896@annapolislinux.org> Message-ID: <20050212205743.M41646@bsd3.nyct.net> References: <20050208000000.D64811@bsd3.nyct.net> <20050211151730.GA6896@annapolislinux.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-isp@freebsd.org Subject: Re: PAM and login.conf + SSH and IMAP X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Feb 2005 02:02:15 -0000 On Fri, 11 Feb 2005, Theodore Knab wrote: > Date: Fri, 11 Feb 2005 10:17:30 -0500 > From: Theodore Knab > To: Paul Sandys , freebsd-isp@freebsd.org > Subject: Re: PAM and login.conf + SSH and IMAP > > I have never used the the /etc/login.access to limit access. > > However, I have used other things, which are listed here. > > If you are trying to limit regular users from connecting to your system via > their IMAP password that is in /etc/passwd, you could do the following: > > 1. Add an access list to the /etc/pam.d/ssh file > auth required pam_listfile.so item=user sense=allow file=/etc/sshusers-allowed onerr=fail There's no pam_listfile.so module in FreeBSD 5.3 - this would be a good solution though. > > 2. Don't give the users on IMAP a shell account. > /bin/false or /dev/null as their login shell I need real shell in there. It's funny how PAM should give you all the flexibility you need and I'm stuck on such a staightforward scenario. P. > > 3. Firewall the machine so only a few IP's can use ssh. That woudn't work either in this situation. > > > On 08/02/05 00:05 -0500, Paul Sandys wrote: > > > > I need to block ssh access to wheel only and at the same time allow IMAP access > > to any user. > > > > When I put following in /etc/login.access, the ssh behaves the way I want: > > +:wheel:ALL > > -:ALL:ALL > > > > However, it also denies imap access. I'm trying different options in > > /etc/pam.d/imap without any success. Is there a PAM module that would > > authenticate using system password file and disregarded /etc/login.access ? > > > > Any suggestions ? > > > > Thanks, > > Paul > > > > > > Paul Sandys > > network operations manager > > http://www.nyct.net/ > > 212.293.2620 > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > -- > ------------------------------------------ > Ted Knab > Chester, Maryland 21619 USA > ------------------------------------------ > The perception of knowledge is an egotistical farce in which > humans extrapolate from simplifications. > > Proud Graduate of the 'Wack a Mole' Academy of Psydo Sciences. > > Legal Disclaimer: > ------------------------------------- > This e-mail is privileged, confidential and subject to the > GNU public licence. Any unauthorized use or disclosure of its contents is > strictly prohibited and will result in a intensive investigation by the > unofficial enforcement agencies whom are watching you read this email. > The views expressed in this communication may not necessarily be > the views held by the Scottish Borders Council, the Japanese Education Ministry, > the Annapolis Linux Users group, or the author whom composed it. > Paul Sandys network operations manager http://www.nyct.net/ 212.293.2620 From owner-freebsd-isp@FreeBSD.ORG Sun Feb 13 04:38:25 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CA9F016A4CF for ; Sun, 13 Feb 2005 04:38:25 +0000 (GMT) Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id C1B8B43D31 for ; Sun, 13 Feb 2005 04:38:24 +0000 (GMT) (envelope-from asstec@matik.com.br) Received: from [200.152.82.190] ([200.152.82.190]) by msrv.matik.com.br (8.13.1/8.12.11) with ESMTP id j1D4cGiA001037 for ; Sun, 13 Feb 2005 02:38:17 -0200 (BRST) (envelope-from asstec@matik.com.br) From: Suporte Matik To: freebsd-isp@freebsd.org Date: Sun, 13 Feb 2005 02:38:07 -0200 User-Agent: KMail/1.7.2 References: <20050208000000.D64811@bsd3.nyct.net> <20050211151730.GA6896@annapolislinux.org> <20050212205743.M41646@bsd3.nyct.net> In-Reply-To: <20050212205743.M41646@bsd3.nyct.net> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart1528975.PKhJ4mCNOn"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200502130238.13341.asstec@matik.com.br> X-Virus-Scanned: ClamAV 0.80/705/Fri Feb 11 14:51:32 2005 clamav-milter version 0.80j on msrv.matik.com.br X-Virus-Status: Clean X-Spam-Status: No, score=-102.3 required=5.0 tests=ALL_TRUSTED,ISO_7BITS, NO_RDNS2,USER_IN_WHITELIST autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on msrv.matik.com.br Subject: Re: PAM and login.conf + SSH and IMAP X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Feb 2005 04:38:25 -0000 --nextPart1528975.PKhJ4mCNOn Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 13 February 2005 00:01, Paul Sandys wrote: > On Fri, 11 Feb 2005, Theodore Knab wrote: > > Date: Fri, 11 Feb 2005 10:17:30 -0500 > > From: Theodore Knab > > To: Paul Sandys , freebsd-isp@freebsd.org > > Subject: Re: PAM and login.conf + SSH and IMAP > > > > I have never used the the /etc/login.access to limit access. > > > I need real shell in there. > to do it easy and fast you can try this to see if it is good for you: give all not allowed user the sh shell and add as last line exit to=20 your /etc/profile so they can login but are logged out imediatly then give your wheel user csh or any not sh shell Hans > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" =2D-=20 Infomatik implementamos asas na sua rede. (18)3551.3591 (18)8112.7007 _______________________________________________________ Participe na lista de seguran=E7a,=20 recebendo as mais importantes not=EDcias na hora Entre em http://info.matik.com.br e participe. _______________________________________________________ Mensagens sem assinatura GPG n=E3o s=E3o nossas. Messages without GPG signature are not from us. _______________________________________________________ --nextPart1528975.PKhJ4mCNOn Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCDtm122x1wvvbslkRAigAAKCoMMcC3FIC53gf25s0Z7dr6IPyLwCeMSrs 6zE4mPnZvO8RDTWa3HxKctU= =/AuD -----END PGP SIGNATURE----- --nextPart1528975.PKhJ4mCNOn-- From owner-freebsd-isp@FreeBSD.ORG Sun Feb 13 08:55:01 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4734616A4CE for ; Sun, 13 Feb 2005 08:55:01 +0000 (GMT) Received: from zephon.secspace.de (zephon.secspace.de [62.75.136.210]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0815043D39 for ; Sun, 13 Feb 2005 08:55:01 +0000 (GMT) (envelope-from ml@ps102.de) Received: from [192.168.17.11] (pD95F2B4C.dip.t-dialin.net [217.95.43.76]) by zephon.secspace.de (Postfix) with ESMTP id 82D656EB29; Sun, 13 Feb 2005 09:54:59 +0100 (CET) Message-ID: <420F15F8.5070102@ps102.de> Date: Sun, 13 Feb 2005 09:55:20 +0100 From: Volker Kindermann User-Agent: Mozilla Thunderbird 1.0 (X11/20050206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Paul Sandys References: <20050208000000.D64811@bsd3.nyct.net> In-Reply-To: <20050208000000.D64811@bsd3.nyct.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: PAM and login.conf + SSH and IMAP X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Feb 2005 08:55:01 -0000 Hi Paul, > I need to block ssh access to wheel only and at the same time allow IMAP access > to any user. > > When I put following in /etc/login.access, the ssh behaves the way I want: > +:wheel:ALL > -:ALL:ALL > > However, it also denies imap access. I'm trying different options in > /etc/pam.d/imap without any success. Is there a PAM module that would > authenticate using system password file and disregarded /etc/login.access ? > > Any suggestions ? why don't you use ssh's ability to restrict logins? Look for "Allowed groups" in man sshd_config If you allow the wheel group there, than no other user may login via ssh. -volker From owner-freebsd-isp@FreeBSD.ORG Sun Feb 13 22:10:02 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BEBC916A4CE for ; Sun, 13 Feb 2005 22:10:02 +0000 (GMT) Received: from gehrig.hall.oopz.com (gehrig.hall.oopz.com [207.202.240.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5580B43D4C for ; Sun, 13 Feb 2005 22:10:02 +0000 (GMT) (envelope-from NoahD@oopz.com) Date: Sun, 13 Feb 2005 14:10:01 -0800 MIME-Version: 1.0 Message-ID: <1BC9C5447DEF1F4FBE3927A31D6B540404DC07@gehrig.hall.oopz.com> X-MS-Has-Attach: Content-class: urn:content-classes:message X-MS-TNEF-Correlator: Thread-Topic: Sendmail question X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Thread-Index: AcUSF3YGKRq1me6NTCqkuhMbyfD4wQ== From: "Noah Davidson" To: "FreeBSD-ISP List" Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Feb 2005 22:10:02 -0000 I have set up a new FreeBSD box as mainly a backup mail server, although = it is primary for a couple of domains. It is running sendmail 8.13.3 = and it works fine, except for all the spam that is being sent to it to = bad email addresses. I have aliased the root account to an email group = on another server so that someone reads the root mail. The problem is = that all the mail that spammers are sending to address that do not exist = get bounced and the root account a notification (I believe it is the = postmaster alias which is aliased to root). Is there any way to not = have these notifications sent out. They are filling up the mail boxes. = I just want the return to sender, but not to the root / postmaster as = well. I have tried using the confCOPY_ERRORS_TO in my .mc file, but = that just sends it to an additional account as well. =20 Any help would be greatly appreciated. =20 Thanks Noah Davidson From owner-freebsd-isp@FreeBSD.ORG Sun Feb 13 22:30:13 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 51B5016A4CE for ; Sun, 13 Feb 2005 22:30:13 +0000 (GMT) Received: from wjv.com (fl-65-40-24-38.sta.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 67FA743D2D for ; Sun, 13 Feb 2005 22:30:12 +0000 (GMT) (envelope-from bv@bilver.wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by wjv.com (8.12.11/8.13.1) with ESMTP id j1DMU9ZY053219; Sun, 13 Feb 2005 17:30:09 -0500 (EST) (envelope-from bv@bilver.wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.11/8.13.1/Submit) id j1DMU8lF053218; Sun, 13 Feb 2005 17:30:08 -0500 (EST) (envelope-from bv) Date: Sun, 13 Feb 2005 17:30:08 -0500 From: Bill Vermillion To: Noah Davidson Message-ID: <20050213223008.GA53176@wjv.com> References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC07@gehrig.hall.oopz.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1BC9C5447DEF1F4FBE3927A31D6B540404DC07@gehrig.hall.oopz.com> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.6i X-Spam-Status: No, score=-2.8 required=5.0 tests=ALL_TRUSTED autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on bilver.wjv.com cc: FreeBSD-ISP List Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 13 Feb 2005 22:30:13 -0000 Ashes to ashes, and DOS to DOS Noah Davidson was heard to say on or about Sun, Feb 13, 2005 at 14:10 : > I have set up a new FreeBSD box as mainly a backup mail server, > although it is primary for a couple of domains. It is running > sendmail 8.13.3 and it works fine, except for all the spam that > is being sent to it to bad email addresses. I have aliased > the root account to an email group on another server so that > someone reads the root mail. The problem is that all the mail > that spammers are sending to address that do not exist get > bounced and the root account a notification (I believe it > is the postmaster alias which is aliased to root). Is there > any way to not have these notifications sent out. They are > filling up the mail boxes. I just want the return to sender, but > not to the root / postmaster as well. I have tried using the > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > additional account as well. Making assumptions that your sendmail is receiving bogus mail for accounts that you have sendmail receive here is approach you can take. Assume you have domains a.com b.com and c.com and your local-host-names has those. Then you need to find out what users you have for each domain If you have curly larry and moe on a.com and no one else, then you can build a virtualusrtable that looks like this. curly@a.com curly larry@a.com larry moe@a.com moe @a.com nouser And the accnount 'nouser' will be in your /etc/mail/aliases file and will look like this: nouser: /dev/null Run make in /etc/mail to create virtusertable.db and aliases.db and that should get rid of the bogus names going to root. I find the virtualusertable to be quite handy for elminating a lot of junk. It will only be a problem if you have a large user base or lots of domains. Bill -- Bill Vermillion - bv @ wjv . com From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 00:50:12 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1E92016A4CE for ; Mon, 14 Feb 2005 00:50:12 +0000 (GMT) Received: from gehrig.hall.oopz.com (gehrig.hall.oopz.com [207.202.240.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 949D543D39 for ; Mon, 14 Feb 2005 00:50:11 +0000 (GMT) (envelope-from NoahD@oopz.com) Date: Sun, 13 Feb 2005 16:46:59 -0800 MIME-Version: 1.0 Message-ID: <1BC9C5447DEF1F4FBE3927A31D6B540404DC08@gehrig.hall.oopz.com> X-MS-Has-Attach: Content-class: urn:content-classes:message X-MS-TNEF-Correlator: Thread-Topic: Sendmail question X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Thread-Index: AcUSG5dP2iyaKUVFT9mgppOi/SVbUAAExl94 From: "Noah Davidson" To: Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 cc: FreeBSD-ISP List Subject: RE: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 00:50:12 -0000 The only problem with that approach is that this is a back up server and = the users may not be able to know of all of the users. Is there any way = to not have all of these bounced mail go to the postmaster / root = account. =20 Thanks Noah=20 ________________________________ From: Bill Vermillion [mailto:bv@wjv.com] Sent: Sun 2/13/2005 2:30 PM To: Noah Davidson Cc: FreeBSD-ISP List Subject: Re: Sendmail question Ashes to ashes, and DOS to DOS Noah Davidson was heard to say on or about Sun, Feb 13, 2005 at 14:10 : > I have set up a new FreeBSD box as mainly a backup mail server, > although it is primary for a couple of domains. It is running > sendmail 8.13.3 and it works fine, except for all the spam that > is being sent to it to bad email addresses. I have aliased > the root account to an email group on another server so that > someone reads the root mail. The problem is that all the mail > that spammers are sending to address that do not exist get > bounced and the root account a notification (I believe it > is the postmaster alias which is aliased to root). Is there > any way to not have these notifications sent out. They are > filling up the mail boxes. I just want the return to sender, but > not to the root / postmaster as well. I have tried using the > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > additional account as well. Making assumptions that your sendmail is receiving bogus mail for accounts that you have sendmail receive here is approach you can take. Assume you have domains a.com b.com and c.com and your local-host-names has those. Then you need to find out what users you have for each domain If you have curly larry and moe on a.com and no one else, then you can build a virtualusrtable that looks like this. curly@a.com curly larry@a.com larry moe@a.com moe @a.com nouser And the accnount 'nouser' will be in your /etc/mail/aliases file and will look like this: nouser: /dev/null Run make in /etc/mail to create virtusertable.db and aliases.db and that should get rid of the bogus names going to root. I find the virtualusertable to be quite handy for elminating a lot of junk. It will only be a problem if you have a large user base or lots of domains. Bill -- Bill Vermillion - bv @ wjv . com From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 01:13:52 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9D5FD16A4CE for ; Mon, 14 Feb 2005 01:13:52 +0000 (GMT) Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6BC7F43D46 for ; Mon, 14 Feb 2005 01:13:50 +0000 (GMT) (envelope-from asstec@matik.com.br) Received: from [200.152.82.190] ([200.152.82.190]) by msrv.matik.com.br (8.13.1/8.12.11) with ESMTP id j1E1Dnit015629 for ; Sun, 13 Feb 2005 23:13:49 -0200 (BRST) (envelope-from asstec@matik.com.br) From: Suporte Matik To: freebsd-isp@freebsd.org Date: Sun, 13 Feb 2005 23:13:29 -0200 User-Agent: KMail/1.7.2 References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC08@gehrig.hall.oopz.com> In-Reply-To: <1BC9C5447DEF1F4FBE3927A31D6B540404DC08@gehrig.hall.oopz.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart4676859.sEq3IXSfrf"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200502132313.36458.asstec@matik.com.br> X-Virus-Scanned: ClamAV 0.80/705/Fri Feb 11 14:51:32 2005 clamav-milter version 0.80j on msrv.matik.com.br X-Virus-Status: Clean X-Spam-Status: No, score=-100.2 required=5.0 tests=ALL_TRUSTED,ISO_7BITS, MONOTONE_WORDS_2_15,MONOTONE_WORDS_2_30,NO_RDNS2,TW_WJ, USER_IN_WHITELIST autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on msrv.matik.com.br Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 01:13:52 -0000 --nextPart4676859.sEq3IXSfrf Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 13 February 2005 22:46, Noah Davidson wrote: > The only problem with that approach is that this is a back up server and > the users may not be able to know of all of the users. Is there any way = to > not have all of these bounced mail go to the postmaster / root account. > sendmail should reject mail for nonexistent users by default and not forwar= d=20 to root unless you have any strange alias for all but you say bounced mail= =20 what confuses me a little bit, but anyway, isn't it that your systema=20 accounts are exploited by the spammers ? so if having 10 domains you may ge= t=20 10 spams for tty in your root mailbox, to prevent you may try this in your= =20 access: tty@ ERROR:"4.2.2:450 No such user here." and so on for each systema account and rebuild the access.db and probably y= our=20 headache goes away Hans > Thanks > Noah > > ________________________________ > > From: Bill Vermillion [mailto:bv@wjv.com] > Sent: Sun 2/13/2005 2:30 PM > To: Noah Davidson > Cc: FreeBSD-ISP List > Subject: Re: Sendmail question > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > on or about Sun, Feb 13, 2005 at 14:10 : > > I have set up a new FreeBSD box as mainly a backup mail server, > > although it is primary for a couple of domains. It is running > > sendmail 8.13.3 and it works fine, except for all the spam that > > is being sent to it to bad email addresses. I have aliased > > the root account to an email group on another server so that > > someone reads the root mail. The problem is that all the mail > > that spammers are sending to address that do not exist get > > bounced and the root account a notification (I believe it > > is the postmaster alias which is aliased to root). Is there > > any way to not have these notifications sent out. They are > > filling up the mail boxes. I just want the return to sender, but > > not to the root / postmaster as well. I have tried using the > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > additional account as well. > > Making assumptions that your sendmail is receiving bogus mail > for accounts that you have sendmail receive here is approach you > can take. > > Assume you have domains a.com b.com and c.com and your > local-host-names has those. > > Then you need to find out what users you have for each domain > > If you have curly larry and moe on a.com and no one else, then you > can build a virtualusrtable that looks like this. > > curly@a.com curly > larry@a.com larry > moe@a.com moe > @a.com nouser > > And the accnount 'nouser' will be in your /etc/mail/aliases > file and will look like this: > > nouser: /dev/null > > Run make in /etc/mail to create virtusertable.db and aliases.db > and that should get rid of the bogus names going to root. > > I find the virtualusertable to be quite handy for elminating a lot > of junk. It will only be a problem if you have a large user > base or lots of domains. > > Bill > -- > Bill Vermillion - bv @ wjv . com > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" =2D-=20 Infomatik implementamos asas na sua rede. (18)3551.3591 (18)8112.7007 _______________________________________________________ Participe na lista de seguran=E7a,=20 recebendo as mais importantes not=EDcias na hora Entre em http://info.matik.com.br e participe. _______________________________________________________ Mensagens sem assinatura GPG n=E3o s=E3o nossas. Messages without GPG signature are not from us. _______________________________________________________ --nextPart4676859.sEq3IXSfrf Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCD/tA22x1wvvbslkRAp/sAJsEKI6aGjUxU59q6/Kowl4zrZ6sOACgpELb dxCAKOoCxtihSkL+43+YFew= =XnjM -----END PGP SIGNATURE----- --nextPart4676859.sEq3IXSfrf-- From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 01:23:01 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D6DCB16A4CE for ; Mon, 14 Feb 2005 01:23:00 +0000 (GMT) Received: from wjv.com (fl-65-40-24-38.sta.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id E35BE43D4C for ; Mon, 14 Feb 2005 01:22:59 +0000 (GMT) (envelope-from bv@bilver.wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by wjv.com (8.12.11/8.13.1) with ESMTP id j1E1MsGN054215; Sun, 13 Feb 2005 20:22:54 -0500 (EST) (envelope-from bv@bilver.wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.11/8.13.1/Submit) id j1E1MsD1054214; Sun, 13 Feb 2005 20:22:54 -0500 (EST) (envelope-from bv) Date: Sun, 13 Feb 2005 20:22:54 -0500 From: Bill Vermillion To: Noah Davidson Message-ID: <20050214012254.GA54164@wjv.com> References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC08@gehrig.hall.oopz.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1BC9C5447DEF1F4FBE3927A31D6B540404DC08@gehrig.hall.oopz.com> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.6i X-Spam-Status: No, score=-2.8 required=5.0 tests=ALL_TRUSTED autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on bilver.wjv.com cc: FreeBSD-ISP List Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 01:23:01 -0000 On Sun, Feb 13, 2005 at 16:46 , while impersonating an expert on the internet, Noah Davidson sent this to stdout: > The only problem with that approach is that this is a back up > server and the users may not be able to know of all of the > users. Is there any way to not have all of these bounced mail go > to the postmaster / root account. My personal [and sometimes warped] opinion is that if it's a backup server then it needs to know about all accounts? Are users supposed to access this server if the main server is down. You could copy/rsync the virtualuser table to the backup machine. The only file that seems to need a restart is the local-host-names and aliases, virtusertable and others are dynamic so the changes are read each time. If you have a stock /etc/mail/aliases file the postmaster account is aliased to root. You do need a postmaster account, so if you create a user called postmaster, you could unalias the postmaster to root if that's what the main problem is. > ________________________________ > > From: Bill Vermillion [mailto:bv@wjv.com] > Sent: Sun 2/13/2005 2:30 PM > To: Noah Davidson > Cc: FreeBSD-ISP List > Subject: Re: Sendmail question > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > on or about Sun, Feb 13, 2005 at 14:10 : > > > I have set up a new FreeBSD box as mainly a backup mail server, > > although it is primary for a couple of domains. It is running > > sendmail 8.13.3 and it works fine, except for all the spam that > > is being sent to it to bad email addresses. I have aliased > > the root account to an email group on another server so that > > someone reads the root mail. The problem is that all the mail > > that spammers are sending to address that do not exist get > > bounced and the root account a notification (I believe it > > is the postmaster alias which is aliased to root). Is there > > any way to not have these notifications sent out. They are > > filling up the mail boxes. I just want the return to sender, but > > not to the root / postmaster as well. I have tried using the > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > additional account as well. > > Making assumptions that your sendmail is receiving bogus mail > for accounts that you have sendmail receive here is approach you > can take. > > Assume you have domains a.com b.com and c.com and your > local-host-names has those. > > Then you need to find out what users you have for each domain > > If you have curly larry and moe on a.com and no one else, then you > can build a virtualusrtable that looks like this. > > curly@a.com curly > larry@a.com larry > moe@a.com moe > @a.com nouser > > And the accnount 'nouser' will be in your /etc/mail/aliases > file and will look like this: > > nouser: /dev/null > > Run make in /etc/mail to create virtusertable.db and aliases.db > and that should get rid of the bogus names going to root. > > I find the virtualusertable to be quite handy for elminating a lot > of junk. It will only be a problem if you have a large user > base or lots of domains. > > Bill > -- > Bill Vermillion - bv @ wjv . com > > -- Bill Vermillion - bv @ wjv . com From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 01:42:26 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3568F16A4CE for ; Mon, 14 Feb 2005 01:42:26 +0000 (GMT) Received: from wjv.com (fl-65-40-24-38.sta.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7491B43D1D for ; Mon, 14 Feb 2005 01:42:25 +0000 (GMT) (envelope-from bv@bilver.wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by wjv.com (8.12.11/8.13.1) with ESMTP id j1E1gLTQ054357 for ; Sun, 13 Feb 2005 20:42:21 -0500 (EST) (envelope-from bv@bilver.wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.11/8.13.1/Submit) id j1E1gLLv054356 for freebsd-isp@freebsd.org; Sun, 13 Feb 2005 20:42:21 -0500 (EST) (envelope-from bv) Date: Sun, 13 Feb 2005 20:42:21 -0500 From: Bill Vermillion To: freebsd-isp@freebsd.org Message-ID: <20050214014221.GB54164@wjv.com> References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC08@gehrig.hall.oopz.com> <200502132313.36458.asstec@matik.com.br> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200502132313.36458.asstec@matik.com.br> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.6i X-Spam-Status: No, score=-1.6 required=5.0 tests=ALL_TRUSTED,J_CHICKENPOX_34, J_CHICKENPOX_71 autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on bilver.wjv.com Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 01:42:26 -0000 I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at 23:13 , Suporte Matik actually admitted to saying: > On Sunday 13 February 2005 22:46, Noah Davidson wrote: > > > The only problem with that approach is that this is a back up > > server and the users may not be able to know of all of the > > users. Is there any way to not have all of these bounced mail > > go to the postmaster / root account. > sendmail should reject mail for nonexistent users by default > and not forward to root unless you have any strange alias for > all but you say bounced mail what confuses me a little bit, but > anyway, isn't it that your systema accounts are exploited by > the spammers ? so if having 10 domains you may get 10 spams for > tty in your root mailbox, to prevent you may try this in your > access: > tty@ ERROR:"4.2.2:450 No such user here." > and so on for each systema account and rebuild the access.db and > probably your headache goes away The problem I have is that when mail is bounced back mail from spammers often comes from forged addresses and I get emails from the far site indicating there are unknown users. So I find routing noexistant users to /dev/null is more productive. While it's not exactly the best way to do it, there are so many bogus addresses sending mail I haven't found a good alternative. One site we handle has one of those strong standalone names that don't require any advertising to come up #1 on google or msn and when it finally hit 300,000 spams/day for that one domain I took out the MX records. I use the access.db for blocking known places and I won't send anything back at all - I used the DISCARD verb as sending messages back does nothing but generate more traffic. > > > > ________________________________ > > > > From: Bill Vermillion [mailto:bv@wjv.com] > > Sent: Sun 2/13/2005 2:30 PM > > To: Noah Davidson > > Cc: FreeBSD-ISP List > > Subject: Re: Sendmail question > > > > > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > > > on or about Sun, Feb 13, 2005 at 14:10 : > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > although it is primary for a couple of domains. It is running > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > is being sent to it to bad email addresses. I have aliased > > > the root account to an email group on another server so that > > > someone reads the root mail. The problem is that all the mail > > > that spammers are sending to address that do not exist get > > > bounced and the root account a notification (I believe it > > > is the postmaster alias which is aliased to root). Is there > > > any way to not have these notifications sent out. They are > > > filling up the mail boxes. I just want the return to sender, but > > > not to the root / postmaster as well. I have tried using the > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > > additional account as well. > > > > Making assumptions that your sendmail is receiving bogus mail > > for accounts that you have sendmail receive here is approach you > > can take. > > > > Assume you have domains a.com b.com and c.com and your > > local-host-names has those. > > > > Then you need to find out what users you have for each domain > > > > If you have curly larry and moe on a.com and no one else, then you > > can build a virtualusrtable that looks like this. > > > > curly@a.com curly > > larry@a.com larry > > moe@a.com moe > > @a.com nouser > > > > And the accnount 'nouser' will be in your /etc/mail/aliases > > file and will look like this: > > > > nouser: /dev/null > > > > Run make in /etc/mail to create virtusertable.db and aliases.db > > and that should get rid of the bogus names going to root. > > > > I find the virtualusertable to be quite handy for elminating a lot > > of junk. It will only be a problem if you have a large user > > base or lots of domains. > > > > Bill > > -- > > Bill Vermillion - bv @ wjv . com > > > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > -- > > > Infomatik > implementamos asas na sua rede. > (18)3551.3591 (18)8112.7007 > _______________________________________________________ > Participe na lista de seguran?a, > recebendo as mais importantes not?cias na hora > Entre em http://info.matik.com.br e participe. > _______________________________________________________ > Mensagens sem assinatura GPG n?o s?o nossas. > Messages without GPG signature are not from us. > _______________________________________________________ -- Bill Vermillion - bv @ wjv . com From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 01:56:44 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B4DA116A4CE for ; Mon, 14 Feb 2005 01:56:43 +0000 (GMT) Received: from gehrig.hall.oopz.com (gehrig.hall.oopz.com [207.202.240.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id D96BF43D53 for ; Mon, 14 Feb 2005 01:56:42 +0000 (GMT) (envelope-from NoahD@oopz.com) Date: Sun, 13 Feb 2005 17:56:42 -0800 MIME-Version: 1.0 Message-ID: <1BC9C5447DEF1F4FBE3927A31D6B540404DC09@gehrig.hall.oopz.com> X-MS-Has-Attach: Content-class: urn:content-classes:message X-MS-TNEF-Correlator: X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Thread-Topic: Sendmail question Thread-Index: AcUSNpLT588s4tZ3TE+PHqS2j6fy5QAAL4Wp From: "Noah Davidson" To: , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: RE: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 01:56:44 -0000 This is a backup mail server. The primary mail server is an Exchange = 2003 server. So when mail is sent to invaliduser@bdomain.com then this = server sends the mail to the exchange server that is responsible for = handling the mail for domain.com. Since the user does not exist it = bounces the mail. Then the root alias gets a copy of the bounced mail. = Is there any way to prevent this from happening? This server should = just queue the mail for the exchange server until the exchange server is = available. =20 Thanks Noah Davidson ________________________________ From: owner-freebsd-isp@freebsd.org on behalf of Bill Vermillion Sent: Sun 2/13/2005 5:42 PM To: freebsd-isp@freebsd.org Subject: Re: Sendmail question I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at = 23:13 , Suporte Matik actually admitted to saying: > On Sunday 13 February 2005 22:46, Noah Davidson wrote: > > > The only problem with that approach is that this is a back up > > server and the users may not be able to know of all of the > > users. Is there any way to not have all of these bounced mail > > go to the postmaster / root account. > sendmail should reject mail for nonexistent users by default > and not forward to root unless you have any strange alias for > all but you say bounced mail what confuses me a little bit, but > anyway, isn't it that your systema accounts are exploited by > the spammers ? so if having 10 domains you may get 10 spams for > tty in your root mailbox, to prevent you may try this in your > access: > tty@ ERROR:"4.2.2:450 No such user here." > and so on for each systema account and rebuild the access.db and > probably your headache goes away The problem I have is that when mail is bounced back mail from spammers often comes from forged addresses and I get emails from the far site indicating there are unknown users. So I find routing noexistant users to /dev/null is more productive. While it's not exactly the best way to do it, there are so many bogus addresses sending mail I haven't found a good alternative. One site we handle has one of those strong standalone names that don't require any advertising to come up #1 on google or msn and when it finally hit 300,000 spams/day for that one domain I took out the MX records. I use the access.db for blocking known places and I won't send anything back at all - I used the DISCARD verb as sending messages back does nothing but generate more traffic. > > > > ________________________________ > > > > From: Bill Vermillion [mailto:bv@wjv.com] > > Sent: Sun 2/13/2005 2:30 PM > > To: Noah Davidson > > Cc: FreeBSD-ISP List > > Subject: Re: Sendmail question > > > > > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > > > on or about Sun, Feb 13, 2005 at 14:10 : > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > although it is primary for a couple of domains. It is running > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > is being sent to it to bad email addresses. I have aliased > > > the root account to an email group on another server so that > > > someone reads the root mail. The problem is that all the mail > > > that spammers are sending to address that do not exist get > > > bounced and the root account a notification (I believe it > > > is the postmaster alias which is aliased to root). Is there > > > any way to not have these notifications sent out. They are > > > filling up the mail boxes. I just want the return to sender, but > > > not to the root / postmaster as well. I have tried using the > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > > additional account as well. > > > > Making assumptions that your sendmail is receiving bogus mail > > for accounts that you have sendmail receive here is approach you > > can take. > > > > Assume you have domains a.com b.com and c.com and your > > local-host-names has those. > > > > Then you need to find out what users you have for each domain > > > > If you have curly larry and moe on a.com and no one else, then you > > can build a virtualusrtable that looks like this. > > > > curly@a.com curly > > larry@a.com larry > > moe@a.com moe > > @a.com nouser > > > > And the accnount 'nouser' will be in your /etc/mail/aliases > > file and will look like this: > > > > nouser: /dev/null > > > > Run make in /etc/mail to create virtusertable.db and aliases.db > > and that should get rid of the bogus names going to root. > > > > I find the virtualusertable to be quite handy for elminating a lot > > of junk. It will only be a problem if you have a large user > > base or lots of domains. > > > > Bill > > -- > > Bill Vermillion - bv @ wjv . com > > > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to = "freebsd-isp-unsubscribe@freebsd.org" > > -- > > > Infomatik > implementamos asas na sua rede. > (18)3551.3591 (18)8112.7007 > _______________________________________________________ > Participe na lista de seguran?a, > recebendo as mais importantes not?cias na hora > Entre em http://info.matik.com.br e participe. > _______________________________________________________ > Mensagens sem assinatura GPG n?o s?o nossas. > Messages without GPG signature are not from us. > _______________________________________________________ -- Bill Vermillion - bv @ wjv . com _______________________________________________ freebsd-isp@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-isp To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 02:11:33 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4036116A4CE for ; Mon, 14 Feb 2005 02:11:33 +0000 (GMT) Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2065543D4C for ; Mon, 14 Feb 2005 02:11:32 +0000 (GMT) (envelope-from asstec@matik.com.br) Received: from [200.152.82.190] ([200.152.82.190]) by msrv.matik.com.br (8.13.1/8.12.11) with ESMTP id j1E2BZwV016616 for ; Mon, 14 Feb 2005 00:11:35 -0200 (BRST) (envelope-from asstec@matik.com.br) From: Suporte Matik To: freebsd-isp@freebsd.org Date: Mon, 14 Feb 2005 00:11:21 -0200 User-Agent: KMail/1.7.2 References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC09@gehrig.hall.oopz.com> In-Reply-To: <1BC9C5447DEF1F4FBE3927A31D6B540404DC09@gehrig.hall.oopz.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart9071058.fDEe8KKj5x"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200502140011.22457.asstec@matik.com.br> X-Virus-Scanned: ClamAV 0.80/705/Fri Feb 11 14:51:32 2005 clamav-milter version 0.80j on msrv.matik.com.br X-Virus-Status: Clean X-Spam-Status: No, score=-101.0 required=5.0 tests=ALL_TRUSTED,ISO_7BITS, J_CHICKENPOX_34,J_CHICKENPOX_71,NO_RDNS2,TW_WJ,USER_IN_WHITELIST autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on msrv.matik.com.br Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 02:11:33 -0000 --nextPart9071058.fDEe8KKj5x Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Sunday 13 February 2005 23:56, Noah Davidson wrote: > This is a backup mail server. The primary mail server is an Exchange 2003 > server. So when mail is sent to invaliduser@bdomain.com then this server > sends the mail to the exchange server that is responsible for handling the you wrote: > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > although it is primary for a couple of domains. It is running > > > sendmail 8.13.3 and it works fine, except for all the spam that but sorry for not understanding your strange crypt ... > mail for domain.com. Since the user does not exist it bounces the mail.= =20 > Then the root alias gets a copy of the bounced mail. Is there any way to > prevent this from happening? This server should just queue the mail for > the exchange server until the exchange server is available. > but anyway you may use /etc/mailertable and put a line like this for each=20 domain you forward and there should no additional mail processing until the= =20 msg timed out conforming your sendmail.cf settings =2Edomain.com smtp:windots.com.br aditional you need add to your local-host-names the host name as used in th= e=20 domains MX record > Thanks > Noah Davidson > > ________________________________ > > From: owner-freebsd-isp@freebsd.org on behalf of Bill Vermillion > Sent: Sun 2/13/2005 5:42 PM > To: freebsd-isp@freebsd.org > Subject: Re: Sendmail question > > > > I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at 23:13 > , > > Suporte Matik actually admitted to saying: > > On Sunday 13 February 2005 22:46, Noah Davidson wrote: > > > The only problem with that approach is that this is a back up > > > server and the users may not be able to know of all of the > > > users. Is there any way to not have all of these bounced mail > > > go to the postmaster / root account. > > > > sendmail should reject mail for nonexistent users by default > > and not forward to root unless you have any strange alias for > > all but you say bounced mail what confuses me a little bit, but > > anyway, isn't it that your systema accounts are exploited by > > the spammers ? so if having 10 domains you may get 10 spams for > > tty in your root mailbox, to prevent you may try this in your > > access: > > > > tty@ ERROR:"4.2.2:450 No such user here." > > > > and so on for each systema account and rebuild the access.db and > > probably your headache goes away > > The problem I have is that when mail is bounced back mail from > spammers often comes from forged addresses and I get emails > from the far site indicating there are unknown users. > > So I find routing noexistant users to /dev/null is more productive. > While it's not exactly the best way to do it, there are so many > bogus addresses sending mail I haven't found a good alternative. > > One site we handle has one of those strong standalone names that > don't require any advertising to come up #1 on google or msn and > when it finally hit 300,000 spams/day for that one domain I took > out the MX records. > > I use the access.db for blocking known places and I won't send > anything back at all - I used the DISCARD verb as sending messages > back does nothing but generate more traffic. > > > > ________________________________ > > > > > > From: Bill Vermillion [mailto:bv@wjv.com] > > > Sent: Sun 2/13/2005 2:30 PM > > > To: Noah Davidson > > > Cc: FreeBSD-ISP List > > > Subject: Re: Sendmail question > > > > > > > > > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > > > > > on or about Sun, Feb 13, 2005 at 14:10 : > > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > > although it is primary for a couple of domains. It is running > > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > > is being sent to it to bad email addresses. I have aliased > > > > the root account to an email group on another server so that > > > > someone reads the root mail. The problem is that all the mail > > > > that spammers are sending to address that do not exist get > > > > bounced and the root account a notification (I believe it > > > > is the postmaster alias which is aliased to root). Is there > > > > any way to not have these notifications sent out. They are > > > > filling up the mail boxes. I just want the return to sender, but > > > > not to the root / postmaster as well. I have tried using the > > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > > > additional account as well. > > > > > > Making assumptions that your sendmail is receiving bogus mail > > > for accounts that you have sendmail receive here is approach you > > > can take. > > > > > > Assume you have domains a.com b.com and c.com and your > > > local-host-names has those. > > > > > > Then you need to find out what users you have for each domain > > > > > > If you have curly larry and moe on a.com and no one else, then you > > > can build a virtualusrtable that looks like this. > > > > > > curly@a.com curly > > > larry@a.com larry > > > moe@a.com moe > > > @a.com nouser > > > > > > And the accnount 'nouser' will be in your /etc/mail/aliases > > > file and will look like this: > > > > > > nouser: /dev/null > > > > > > Run make in /etc/mail to create virtusertable.db and aliases.db > > > and that should get rid of the bogus names going to root. > > > > > > I find the virtualusertable to be quite handy for elminating a lot > > > of junk. It will only be a problem if you have a large user > > > base or lots of domains. > > > > > > Bill > > > -- > > > Bill Vermillion - bv @ wjv . com > > > > > > > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > -- > > > > > > Infomatik > > implementamos asas na sua rede. > > (18)3551.3591 (18)8112.7007 > > _______________________________________________________ > > Participe na lista de seguran?a, > > recebendo as mais importantes not?cias na hora > > Entre em http://info.matik.com.br e participe. > > _______________________________________________________ > > Mensagens sem assinatura GPG n?o s?o nossas. > > Messages without GPG signature are not from us. > > _______________________________________________________ > > -- > Bill Vermillion - bv @ wjv . com > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" =2D-=20 Infomatik implementamos asas na sua rede. (18)3551.3591 (18)8112.7007 _______________________________________________________ Participe na lista de seguran=E7a,=20 recebendo as mais importantes not=EDcias na hora Entre em http://info.matik.com.br e participe. _______________________________________________________ Mensagens sem assinatura GPG n=E3o s=E3o nossas. Messages without GPG signature are not from us. _______________________________________________________ --nextPart9071058.fDEe8KKj5x Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCEAjK22x1wvvbslkRAv7IAKDApFtykrDwpe/hVNiPZ+ezzXWerACgnc39 Kh0XRcuaLnpiROQnonuumI8= =mr/N -----END PGP SIGNATURE----- --nextPart9071058.fDEe8KKj5x-- From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 03:36:57 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6C28316A4CE for ; Mon, 14 Feb 2005 03:36:57 +0000 (GMT) Received: from gehrig.hall.oopz.com (gehrig.hall.oopz.com [207.202.240.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C32F43D49 for ; Mon, 14 Feb 2005 03:36:56 +0000 (GMT) (envelope-from NoahD@oopz.com) Date: Sun, 13 Feb 2005 19:33:18 -0800 MIME-Version: 1.0 Message-ID: <1BC9C5447DEF1F4FBE3927A31D6B540404DC0A@gehrig.hall.oopz.com> Content-class: urn:content-classes:message X-MS-Has-Attach: X-MS-TNEF-Correlator: X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0 Thread-Topic: Sendmail question Thread-Index: AcUSOogjJeatfvq0TiSZpd2z52Q4MgAC2Rtj From: "Noah Davidson" To: "Suporte Matik" , Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: RE: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 03:36:57 -0000 Yes I have the mailertab working as expected. The issue is that all = rejected mail from the exchange server is bouncing back and a copy is = sent to the root user's mailbox. This bounced mail is filling up the = root mailbox. Is there anyway to not have the bounced mail go to the = root mailbox? =20 Thanks Noah ________________________________ From: owner-freebsd-isp@freebsd.org on behalf of Suporte Matik Sent: Sun 2/13/2005 6:11 PM To: freebsd-isp@freebsd.org Subject: Re: Sendmail question On Sunday 13 February 2005 23:56, Noah Davidson wrote: > This is a backup mail server. The primary mail server is an Exchange = 2003 > server. So when mail is sent to invaliduser@bdomain.com then this = server > sends the mail to the exchange server that is responsible for handling = the you wrote: > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > although it is primary for a couple of domains. It is running > > > sendmail 8.13.3 and it works fine, except for all the spam that but sorry for not understanding your strange crypt ... > mail for domain.com. Since the user does not exist it bounces the = mail. > Then the root alias gets a copy of the bounced mail. Is there any way = to > prevent this from happening? This server should just queue the mail = for > the exchange server until the exchange server is available. > but anyway you may use /etc/mailertable and put a line like this for = each domain you forward and there should no additional mail processing until = the msg timed out conforming your sendmail.cf settings .domain.com smtp:windots.com.br aditional you need add to your local-host-names the host name as used in = the domains MX record > Thanks > Noah Davidson > > ________________________________ > > From: owner-freebsd-isp@freebsd.org on behalf of Bill Vermillion > Sent: Sun 2/13/2005 5:42 PM > To: freebsd-isp@freebsd.org > Subject: Re: Sendmail question > > > > I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at = 23:13 > , > > Suporte Matik actually admitted to saying: > > On Sunday 13 February 2005 22:46, Noah Davidson wrote: > > > The only problem with that approach is that this is a back up > > > server and the users may not be able to know of all of the > > > users. Is there any way to not have all of these bounced mail > > > go to the postmaster / root account. > > > > sendmail should reject mail for nonexistent users by default > > and not forward to root unless you have any strange alias for > > all but you say bounced mail what confuses me a little bit, but > > anyway, isn't it that your systema accounts are exploited by > > the spammers ? so if having 10 domains you may get 10 spams for > > tty in your root mailbox, to prevent you may try this in your > > access: > > > > tty@ ERROR:"4.2.2:450 No such user here." > > > > and so on for each systema account and rebuild the access.db and > > probably your headache goes away > > The problem I have is that when mail is bounced back mail from > spammers often comes from forged addresses and I get emails > from the far site indicating there are unknown users. > > So I find routing noexistant users to /dev/null is more productive. > While it's not exactly the best way to do it, there are so many > bogus addresses sending mail I haven't found a good alternative. > > One site we handle has one of those strong standalone names that > don't require any advertising to come up #1 on google or msn and > when it finally hit 300,000 spams/day for that one domain I took > out the MX records. > > I use the access.db for blocking known places and I won't send > anything back at all - I used the DISCARD verb as sending messages > back does nothing but generate more traffic. > > > > ________________________________ > > > > > > From: Bill Vermillion [mailto:bv@wjv.com] > > > Sent: Sun 2/13/2005 2:30 PM > > > To: Noah Davidson > > > Cc: FreeBSD-ISP List > > > Subject: Re: Sendmail question > > > > > > > > > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > > > > > on or about Sun, Feb 13, 2005 at 14:10 : > > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > > although it is primary for a couple of domains. It is running > > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > > is being sent to it to bad email addresses. I have aliased > > > > the root account to an email group on another server so that > > > > someone reads the root mail. The problem is that all the mail > > > > that spammers are sending to address that do not exist get > > > > bounced and the root account a notification (I believe it > > > > is the postmaster alias which is aliased to root). Is there > > > > any way to not have these notifications sent out. They are > > > > filling up the mail boxes. I just want the return to sender, but > > > > not to the root / postmaster as well. I have tried using the > > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > > > additional account as well. > > > > > > Making assumptions that your sendmail is receiving bogus mail > > > for accounts that you have sendmail receive here is approach you > > > can take. > > > > > > Assume you have domains a.com b.com and c.com and your > > > local-host-names has those. > > > > > > Then you need to find out what users you have for each domain > > > > > > If you have curly larry and moe on a.com and no one else, then you > > > can build a virtualusrtable that looks like this. > > > > > > curly@a.com curly > > > larry@a.com larry > > > moe@a.com moe > > > @a.com nouser > > > > > > And the accnount 'nouser' will be in your /etc/mail/aliases > > > file and will look like this: > > > > > > nouser: /dev/null > > > > > > Run make in /etc/mail to create virtusertable.db and aliases.db > > > and that should get rid of the bogus names going to root. > > > > > > I find the virtualusertable to be quite handy for elminating a lot > > > of junk. It will only be a problem if you have a large user > > > base or lots of domains. > > > > > > Bill > > > -- > > > Bill Vermillion - bv @ wjv . com > > > > > > > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to = "freebsd-isp-unsubscribe@freebsd.org" > > > > -- > > > > > > Infomatik > > implementamos asas na sua rede. > > (18)3551.3591 (18)8112.7007 > > _______________________________________________________ > > Participe na lista de seguran?a, > > recebendo as mais importantes not?cias na hora > > Entre em http://info.matik.com.br e participe. > > _______________________________________________________ > > Mensagens sem assinatura GPG n?o s?o nossas. > > Messages without GPG signature are not from us. > > _______________________________________________________ > > -- > Bill Vermillion - bv @ wjv . com > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" -- Infomatik implementamos asas na sua rede. (18)3551.3591 (18)8112.7007 _______________________________________________________ Participe na lista de seguran=E7a, recebendo as mais importantes not=EDcias na hora Entre em http://info.matik.com.br e participe. _______________________________________________________ Mensagens sem assinatura GPG n=E3o s=E3o nossas. Messages without GPG signature are not from us. _______________________________________________________ From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 09:20:29 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2882C16A4CE for ; Mon, 14 Feb 2005 09:20:29 +0000 (GMT) Received: from msrv.matik.com.br (msrv.matik.com.br [200.152.83.14]) by mx1.FreeBSD.org (Postfix) with ESMTP id A0F6F43D45 for ; Mon, 14 Feb 2005 09:20:27 +0000 (GMT) (envelope-from asstec@matik.com.br) Received: from [200.152.82.190] ([200.152.82.190]) by msrv.matik.com.br (8.13.1/8.12.11) with ESMTP id j1E9KX4f021936 for ; Mon, 14 Feb 2005 07:20:34 -0200 (BRST) (envelope-from asstec@matik.com.br) From: Suporte Matik To: freebsd-isp@freebsd.org Date: Mon, 14 Feb 2005 07:20:05 -0200 User-Agent: KMail/1.7.2 References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC0A@gehrig.hall.oopz.com> In-Reply-To: <1BC9C5447DEF1F4FBE3927A31D6B540404DC0A@gehrig.hall.oopz.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2677540.8k7xauS4d0"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200502140720.15810.asstec@matik.com.br> X-Virus-Scanned: ClamAV 0.80/705/Fri Feb 11 14:51:32 2005 clamav-milter version 0.80j on msrv.matik.com.br X-Virus-Status: Clean X-Spam-Status: No, score=-100.5 required=5.0 tests=ALL_TRUSTED,ISO_7BITS, J_CHICKENPOX_34,J_CHICKENPOX_71,MONOTONE_WORDS_2_15,NO_RDNS2,SMILEY, TW_WJ,USER_IN_WHITELIST autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on msrv.matik.com.br Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 09:20:29 -0000 --nextPart2677540.8k7xauS4d0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Monday 14 February 2005 01:33, Noah Davidson wrote: > Yes I have the mailertab working as expected. The issue is that all > rejected mail from the exchange server is bouncing back and a copy is sent > to the root user's mailbox. This bounced mail is filling up the root > mailbox. Is there anyway to not have the bounced mail go to the root > mailbox? yes! do not send them to root ;) you must have something misconfigured because the mailgatway root should no= t=20 get anything back from your other mailserver because it is not the sender. = I=20 do not know about your exchange server but if it bounce mail it should go=20 back to the sender MTA and not to the mailgateway - but if so you have=20 something wrong IMO You better copy a header to see WHAT you get back and tail your logs. Hans > > Thanks > Noah > > ________________________________ > > From: owner-freebsd-isp@freebsd.org on behalf of Suporte Matik > Sent: Sun 2/13/2005 6:11 PM > To: freebsd-isp@freebsd.org > Subject: Re: Sendmail question > > On Sunday 13 February 2005 23:56, Noah Davidson wrote: > > This is a backup mail server. The primary mail server is an Exchange > > 2003 server. So when mail is sent to invaliduser@bdomain.com then this > > server sends the mail to the exchange server that is responsible for > > handling the > > you wrote: > > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > > although it is primary for a couple of domains. It is running > > > > sendmail 8.13.3 and it works fine, except for all the spam that > > but sorry for not understanding your strange crypt ... > > > mail for domain.com. Since the user does not exist it bounces the mail. > > Then the root alias gets a copy of the bounced mail. Is there any way = to > > prevent this from happening? This server should just queue the mail for > > the exchange server until the exchange server is available. > > but anyway you may use /etc/mailertable and put a line like this for each > domain you forward and there should no additional mail processing until t= he > msg timed out conforming your sendmail.cf settings > > .domain.com smtp:windots.com.br > > aditional you need add to your local-host-names the host name as used in > the domains MX record > > > Thanks > > Noah Davidson > > > > ________________________________ > > > > From: owner-freebsd-isp@freebsd.org on behalf of Bill Vermillion > > Sent: Sun 2/13/2005 5:42 PM > > To: freebsd-isp@freebsd.org > > Subject: Re: Sendmail question > > > > > > > > I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at > > 23:13 , > > > > Suporte Matik actually admitted to saying: > > > On Sunday 13 February 2005 22:46, Noah Davidson wrote: > > > > The only problem with that approach is that this is a back up > > > > server and the users may not be able to know of all of the > > > > users. Is there any way to not have all of these bounced mail > > > > go to the postmaster / root account. > > > > > > sendmail should reject mail for nonexistent users by default > > > and not forward to root unless you have any strange alias for > > > all but you say bounced mail what confuses me a little bit, but > > > anyway, isn't it that your systema accounts are exploited by > > > the spammers ? so if having 10 domains you may get 10 spams for > > > tty in your root mailbox, to prevent you may try this in your > > > access: > > > > > > tty@ ERROR:"4.2.2:450 No such user here." > > > > > > and so on for each systema account and rebuild the access.db and > > > probably your headache goes away > > > > The problem I have is that when mail is bounced back mail from > > spammers often comes from forged addresses and I get emails > > from the far site indicating there are unknown users. > > > > So I find routing noexistant users to /dev/null is more productive. > > While it's not exactly the best way to do it, there are so many > > bogus addresses sending mail I haven't found a good alternative. > > > > One site we handle has one of those strong standalone names that > > don't require any advertising to come up #1 on google or msn and > > when it finally hit 300,000 spams/day for that one domain I took > > out the MX records. > > > > I use the access.db for blocking known places and I won't send > > anything back at all - I used the DISCARD verb as sending messages > > back does nothing but generate more traffic. > > > > > > ________________________________ > > > > > > > > From: Bill Vermillion [mailto:bv@wjv.com] > > > > Sent: Sun 2/13/2005 2:30 PM > > > > To: Noah Davidson > > > > Cc: FreeBSD-ISP List > > > > Subject: Re: Sendmail question > > > > > > > > > > > > > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > > > > > > > on or about Sun, Feb 13, 2005 at 14:10 : > > > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > > > although it is primary for a couple of domains. It is running > > > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > > > is being sent to it to bad email addresses. I have aliased > > > > > the root account to an email group on another server so that > > > > > someone reads the root mail. The problem is that all the mail > > > > > that spammers are sending to address that do not exist get > > > > > bounced and the root account a notification (I believe it > > > > > is the postmaster alias which is aliased to root). Is there > > > > > any way to not have these notifications sent out. They are > > > > > filling up the mail boxes. I just want the return to sender, but > > > > > not to the root / postmaster as well. I have tried using the > > > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > > > > additional account as well. > > > > > > > > Making assumptions that your sendmail is receiving bogus mail > > > > for accounts that you have sendmail receive here is approach you > > > > can take. > > > > > > > > Assume you have domains a.com b.com and c.com and your > > > > local-host-names has those. > > > > > > > > Then you need to find out what users you have for each domain > > > > > > > > If you have curly larry and moe on a.com and no one else, then you > > > > can build a virtualusrtable that looks like this. > > > > > > > > curly@a.com curly > > > > larry@a.com larry > > > > moe@a.com moe > > > > @a.com nouser > > > > > > > > And the accnount 'nouser' will be in your /etc/mail/aliases > > > > file and will look like this: > > > > > > > > nouser: /dev/null > > > > > > > > Run make in /etc/mail to create virtusertable.db and aliases.db > > > > and that should get rid of the bogus names going to root. > > > > > > > > I find the virtualusertable to be quite handy for elminating a lot > > > > of junk. It will only be a problem if you have a large user > > > > base or lots of domains. > > > > > > > > Bill > > > > -- > > > > Bill Vermillion - bv @ wjv . com > > > > > > > > > > > > _______________________________________________ > > > > freebsd-isp@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > > To unsubscribe, send any mail to > > > > "freebsd-isp-unsubscribe@freebsd.org" > > > > > > -- > > > > > > > > > Infomatik > > > implementamos asas na sua rede. > > > (18)3551.3591 (18)8112.7007 > > > _______________________________________________________ > > > Participe na lista de seguran?a, > > > recebendo as mais importantes not?cias na hora > > > Entre em http://info.matik.com.br e participe. > > > _______________________________________________________ > > > Mensagens sem assinatura GPG n?o s?o nossas. > > > Messages without GPG signature are not from us. > > > _______________________________________________________ > > > > -- > > Bill Vermillion - bv @ wjv . com > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > -- > > > Infomatik > implementamos asas na sua rede. > (18)3551.3591 (18)8112.7007 > _______________________________________________________ > Participe na lista de seguran=E7a, > recebendo as mais importantes not=EDcias na hora > Entre em http://info.matik.com.br e participe. > _______________________________________________________ > Mensagens sem assinatura GPG n=E3o s=E3o nossas. > Messages without GPG signature are not from us. > _______________________________________________________ > > > _______________________________________________ > freebsd-isp@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" =2D-=20 Infomatik implementamos asas na sua rede. (18)3551.3591 (18)8112.7007 _______________________________________________________ Participe na lista de seguran=E7a,=20 recebendo as mais importantes not=EDcias na hora Entre em http://info.matik.com.br e participe. _______________________________________________________ Mensagens sem assinatura GPG n=E3o s=E3o nossas. Messages without GPG signature are not from us. _______________________________________________________ --nextPart2677540.8k7xauS4d0 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCEG1P22x1wvvbslkRArtIAKC8JAn3vzaseetLyKmssbHHHA6kTwCghwrS skZuwScUrkWccuhe8MsL3wM= =AieS -----END PGP SIGNATURE----- --nextPart2677540.8k7xauS4d0-- From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 15:53:35 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EDCD916A4CE for ; Mon, 14 Feb 2005 15:53:35 +0000 (GMT) Received: from wjv.com (fl-65-40-24-38.sta.sprint-hsd.net [65.40.24.38]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBA6B43D48 for ; Mon, 14 Feb 2005 15:53:32 +0000 (GMT) (envelope-from bv@bilver.wjv.com) Received: from bilver.wjv.com (localhost.wjv.com [127.0.0.1]) by wjv.com (8.12.11/8.13.1) with ESMTP id j1EFrRi1061575 for ; Mon, 14 Feb 2005 10:53:27 -0500 (EST) (envelope-from bv@bilver.wjv.com) Received: (from bv@localhost) by bilver.wjv.com (8.12.11/8.13.1/Submit) id j1EFrQel061574 for freebsd-isp@freebsd.org; Mon, 14 Feb 2005 10:53:26 -0500 (EST) (envelope-from bv) Date: Mon, 14 Feb 2005 10:53:26 -0500 From: Bill Vermillion To: freebsd-isp@freebsd.org Message-ID: <20050214155326.GA61258@wjv.com> References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC0A@gehrig.hall.oopz.com> <200502140720.15810.asstec@matik.com.br> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200502140720.15810.asstec@matik.com.br> Organization: W.J.Vermillion / Orlando - Winter Park ReplyTo: bv@wjv.com User-Agent: Mutt/1.5.6i X-Spam-Status: No, score=-1.6 required=5.0 tests=ALL_TRUSTED,J_CHICKENPOX_34, J_CHICKENPOX_71 autolearn=failed version=3.0.1 X-Spam-Checker-Version: SpamAssassin 3.0.1 (2004-10-22) on bilver.wjv.com Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: bv@wjv.com List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 15:53:36 -0000 Deep in the forest in the dark of night on Mon, Feb 14, 2005 at 07:20 with a cackle and an evil grin Suporte Matik cast another eye of newt into the brew and chanted: > On Monday 14 February 2005 01:33, Noah Davidson wrote: > > > Yes I have the mailertab working as expected. The issue is > > that all rejected mail from the exchange server is bouncing > > back and a copy is sent to the root user's mailbox. This > > bounced mail is filling up the root mailbox. Is there anyway > > to not have the bounced mail go to the root mailbox? > yes! do not send them to root ;) > you must have something misconfigured because the mailgatway > root should not get anything back from your other mailserver > because it is not the sender. I do not know about your exchange > server but if it bounce mail it should go back to the sender MTA > and not to the mailgateway - but if so you have something wrong > IMO We had a client who decided they'd rather have an in-house email server than use ours. We handled their DNS and hosted their web-services also So I repointed the MX records to their machine. A while later I was greeted by a flood of messages in the root mbox as the MS machine was reejecting every piece of mail that was not for a local user and returning them to the sender. Since most messages of this type were spam sent from bogus addresses they were bounced back from the forged address/domain. The solution was simple. I turned off their mail service until they reconfigured their mail server to behave in a more appropriate manner. We were also running as their secondary MX and that was removed at that time. They had two choices - don't abuse our services or find another ISP. > > Thanks > > Noah > > > > ________________________________ > > > > From: owner-freebsd-isp@freebsd.org on behalf of Suporte Matik > > Sent: Sun 2/13/2005 6:11 PM > > To: freebsd-isp@freebsd.org > > Subject: Re: Sendmail question > > > > On Sunday 13 February 2005 23:56, Noah Davidson wrote: > > > This is a backup mail server. The primary mail server is an Exchange > > > 2003 server. So when mail is sent to invaliduser@bdomain.com then this > > > server sends the mail to the exchange server that is responsible for > > > handling the > > > > you wrote: > > > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > > > although it is primary for a couple of domains. It is running > > > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > > but sorry for not understanding your strange crypt ... > > > > > mail for domain.com. Since the user does not exist it bounces the mail. > > > Then the root alias gets a copy of the bounced mail. Is there any way to > > > prevent this from happening? This server should just queue the mail for > > > the exchange server until the exchange server is available. > > > > but anyway you may use /etc/mailertable and put a line like this for each > > domain you forward and there should no additional mail processing until the > > msg timed out conforming your sendmail.cf settings > > > > .domain.com smtp:windots.com.br > > > > aditional you need add to your local-host-names the host name as used in > > the domains MX record > > > > > Thanks > > > Noah Davidson > > > > > > ________________________________ > > > > > > From: owner-freebsd-isp@freebsd.org on behalf of Bill Vermillion > > > Sent: Sun 2/13/2005 5:42 PM > > > To: freebsd-isp@freebsd.org > > > Subject: Re: Sendmail question > > > > > > > > > > > > I know you'll find this hard to believe, but on Sun, Feb 13, 2005 at > > > 23:13 , > > > > > > Suporte Matik actually admitted to saying: > > > > On Sunday 13 February 2005 22:46, Noah Davidson wrote: > > > > > The only problem with that approach is that this is a back up > > > > > server and the users may not be able to know of all of the > > > > > users. Is there any way to not have all of these bounced mail > > > > > go to the postmaster / root account. > > > > > > > > sendmail should reject mail for nonexistent users by default > > > > and not forward to root unless you have any strange alias for > > > > all but you say bounced mail what confuses me a little bit, but > > > > anyway, isn't it that your systema accounts are exploited by > > > > the spammers ? so if having 10 domains you may get 10 spams for > > > > tty in your root mailbox, to prevent you may try this in your > > > > access: > > > > > > > > tty@ ERROR:"4.2.2:450 No such user here." > > > > > > > > and so on for each systema account and rebuild the access.db and > > > > probably your headache goes away > > > > > > The problem I have is that when mail is bounced back mail from > > > spammers often comes from forged addresses and I get emails > > > from the far site indicating there are unknown users. > > > > > > So I find routing noexistant users to /dev/null is more productive. > > > While it's not exactly the best way to do it, there are so many > > > bogus addresses sending mail I haven't found a good alternative. > > > > > > One site we handle has one of those strong standalone names that > > > don't require any advertising to come up #1 on google or msn and > > > when it finally hit 300,000 spams/day for that one domain I took > > > out the MX records. > > > > > > I use the access.db for blocking known places and I won't send > > > anything back at all - I used the DISCARD verb as sending messages > > > back does nothing but generate more traffic. > > > > > > > > ________________________________ > > > > > > > > > > From: Bill Vermillion [mailto:bv@wjv.com] > > > > > Sent: Sun 2/13/2005 2:30 PM > > > > > To: Noah Davidson > > > > > Cc: FreeBSD-ISP List > > > > > Subject: Re: Sendmail question > > > > > > > > > > > > > > > > > > > > Ashes to ashes, and DOS to DOS Noah Davidson was heard to say > > > > > > > > > > on or about Sun, Feb 13, 2005 at 14:10 : > > > > > > I have set up a new FreeBSD box as mainly a backup mail server, > > > > > > although it is primary for a couple of domains. It is running > > > > > > sendmail 8.13.3 and it works fine, except for all the spam that > > > > > > is being sent to it to bad email addresses. I have aliased > > > > > > the root account to an email group on another server so that > > > > > > someone reads the root mail. The problem is that all the mail > > > > > > that spammers are sending to address that do not exist get > > > > > > bounced and the root account a notification (I believe it > > > > > > is the postmaster alias which is aliased to root). Is there > > > > > > any way to not have these notifications sent out. They are > > > > > > filling up the mail boxes. I just want the return to sender, but > > > > > > not to the root / postmaster as well. I have tried using the > > > > > > confCOPY_ERRORS_TO in my .mc file, but that just sends it to an > > > > > > additional account as well. > > > > > > > > > > Making assumptions that your sendmail is receiving bogus mail > > > > > for accounts that you have sendmail receive here is approach you > > > > > can take. > > > > > > > > > > Assume you have domains a.com b.com and c.com and your > > > > > local-host-names has those. > > > > > > > > > > Then you need to find out what users you have for each domain > > > > > > > > > > If you have curly larry and moe on a.com and no one else, then you > > > > > can build a virtualusrtable that looks like this. > > > > > > > > > > curly@a.com curly > > > > > larry@a.com larry > > > > > moe@a.com moe > > > > > @a.com nouser > > > > > > > > > > And the accnount 'nouser' will be in your /etc/mail/aliases > > > > > file and will look like this: > > > > > > > > > > nouser: /dev/null > > > > > > > > > > Run make in /etc/mail to create virtusertable.db and aliases.db > > > > > and that should get rid of the bogus names going to root. > > > > > > > > > > I find the virtualusertable to be quite handy for elminating a lot > > > > > of junk. It will only be a problem if you have a large user > > > > > base or lots of domains. > > > > > > > > > > Bill > > > > > -- > > > > > Bill Vermillion - bv @ wjv . com > > > > > > > > > > > > > > > _______________________________________________ > > > > > freebsd-isp@freebsd.org mailing list > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > > > To unsubscribe, send any mail to > > > > > "freebsd-isp-unsubscribe@freebsd.org" > > > > > > > > -- > > > > > > > > > > > > Infomatik > > > > implementamos asas na sua rede. > > > > (18)3551.3591 (18)8112.7007 > > > > _______________________________________________________ > > > > Participe na lista de seguran?a, > > > > recebendo as mais importantes not?cias na hora > > > > Entre em http://info.matik.com.br e participe. > > > > _______________________________________________________ > > > > Mensagens sem assinatura GPG n?o s?o nossas. > > > > Messages without GPG signature are not from us. > > > > _______________________________________________________ > > > > > > -- > > > Bill Vermillion - bv @ wjv . com > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > > > > > > _______________________________________________ > > > freebsd-isp@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > > > -- > > > > > > Infomatik > > implementamos asas na sua rede. > > (18)3551.3591 (18)8112.7007 > > _______________________________________________________ > > Participe na lista de seguran?a, > > recebendo as mais importantes not?cias na hora > > Entre em http://info.matik.com.br e participe. > > _______________________________________________________ > > Mensagens sem assinatura GPG n?o s?o nossas. > > Messages without GPG signature are not from us. > > _______________________________________________________ > > > > > > _______________________________________________ > > freebsd-isp@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-isp > > To unsubscribe, send any mail to "freebsd-isp-unsubscribe@freebsd.org" > > -- > > > Infomatik > implementamos asas na sua rede. > (18)3551.3591 (18)8112.7007 > _______________________________________________________ > Participe na lista de seguran?a, > recebendo as mais importantes not?cias na hora > Entre em http://info.matik.com.br e participe. > _______________________________________________________ > Mensagens sem assinatura GPG n?o s?o nossas. > Messages without GPG signature are not from us. > _______________________________________________________ -- Bill Vermillion - bv @ wjv . com From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 16:48:49 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9DFDE16A4CE for ; Mon, 14 Feb 2005 16:48:49 +0000 (GMT) Received: from avscan1.sentex.ca (avscan1.sentex.ca [199.212.134.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 21ADD43D48 for ; Mon, 14 Feb 2005 16:48:49 +0000 (GMT) (envelope-from freebsd@craigg.org) Received: from localhost (localhost.sentex.ca [127.0.0.1]) by avscan1.sentex.ca (8.12.11/8.12.11) with ESMTP id j1EGmmB6095454; Mon, 14 Feb 2005 11:48:48 -0500 (EST) (envelope-from freebsd@craigg.org) Received: from avscan1.sentex.ca ([127.0.0.1]) by localhost (avscan1.sentex.ca [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 95239-03; Mon, 14 Feb 2005 11:48:48 -0500 (EST) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by avscan1.sentex.ca (8.12.11/8.12.11) with ESMTP id j1EGmljv095423; Mon, 14 Feb 2005 11:48:47 -0500 (EST) (envelope-from freebsd@craigg.org) Received: from [192.168.42.192] ([192.168.42.192]) by lava.sentex.ca (8.12.11/8.12.11) with ESMTP id j1EGmfNk050770; Mon, 14 Feb 2005 11:48:42 -0500 (EST) (envelope-from freebsd@craigg.org) Message-ID: <4210D62E.5020708@craigg.org> Date: Mon, 14 Feb 2005 11:47:43 -0500 From: Craig Green User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.8a6) Gecko/20050111 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Noah Davidson References: <1BC9C5447DEF1F4FBE3927A31D6B540404DC09@gehrig.hall.oopz.com> In-Reply-To: <1BC9C5447DEF1F4FBE3927A31D6B540404DC09@gehrig.hall.oopz.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: by amavisd-new X-Virus-Scanned: by amavisd-new at avscan1b cc: freebsd-isp@freebsd.org Subject: Re: Sendmail question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 16:48:49 -0000 Noah Davidson wrote: >This is a backup mail server. The primary mail server is an Exchange 2003 server. So when mail is sent to invaliduser@bdomain.com then this server sends the mail to the exchange server that is responsible for handling the mail for domain.com. Since the user does not exist it bounces the mail. > The usual way of preventing bouncing is to have a list of valid users on the secondary MX as well as the primary. That way the secondary MX can reject mail for bad recipients, rather than being forced to accept everything, attempt a relay and bounce email for the bad rcpts. Naturally, there are a lot of instances where this is not possible. :-/ To work around this problem, what we did was use a 'call-ahead' milter, specifically Snert's milter-ahead. See http://www.milter.info/. It's not in Ports, but it compiles easily enough from tarball and the author even includes a FreeBSD compatible startup script. If you're leery about using programs not in Ports, MIMEDefang is in Ports and while it does not do this by default, if you know Perl coding a call-ahead function for it would be easy enough to do. What the milter does is after getting a 'RCTP TO' command from the foreign SMTP server, it checks to see if a route exists for the recipient domain in the mailertable (i.e. if the mail server is acting as a gateway or relay for the recipient domain). If a route does exist, it initiates an SMTP connection to the indicated destination server and sends a HELO / MAIL FROM: <> / RCPT TO: sequence, with the RCPT TO being what the milter received from the foreign server. If the milter gets back a 'recipient okay' from the server in the mailertable, then it tells the foreign server 'recipient okay'. If the recipient is rejected, then the milter also rejects the recipient. In essence, it forwards on the response from the server in the mailertable to the foreign server--hence 'call ahead'. Milter-ahead includes a cache (with a configurable timeout) of previously-checked recipients so it doesn't have to query the server in the mailertable every time. Its behaviour when it can't reach the server in the mailertable is configurable; you can either have it give a 4XX temporary error, or just accept the message. The latter is most appropriate for backup MXs and is what we use. Instead of bouncing a couple hundred thousand emails a day, we now reject them immediately at the border. This saves us from annoying a lot of people, generating double-bounces when the envelope sender is faked, cuts down on our bandwidth usage (since we reject after the RCPT TO, the email body is never sent), and saves our spam and virus scanning resources. It does increase the number of SMTP connects to the destination server, but from a bandwidth point of view, you can check a lot of email addresses in the bandwidth saved by rejecting a couple of viral emails instead of forwarding them on and having them bounce. All in all, it's a clear win for us. The only downside is that a reject response may be cached for an email address that later is activated and becomes valid. As you might guess this happens vanishingly rarely, but it has happened once or twice. Keeping the cache time to a day or two mitigates this (it defaults to one week(!)); with a one day cache, newly invalidated data will be held for an average of only 12 hours. If we do get a report, we simply flush the cache and all's well. Regards, Craig. ------ >Then the root alias gets a copy of the bounced mail. Is there any way to prevent this from happening? This server should just queue the mail for the exchange server until the exchange server is available. > >Thanks >Noah Davidson > >_ > From owner-freebsd-isp@FreeBSD.ORG Mon Feb 14 17:14:59 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3730D16A4CE for ; Mon, 14 Feb 2005 17:14:59 +0000 (GMT) Received: from xenon.xe.com (smtp1.xe.net [216.220.37.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id B355543D4C for ; Mon, 14 Feb 2005 17:14:58 +0000 (GMT) (envelope-from kapn@kapn.net) Received: from [192.168.1.102] (ws-gw.tor.xe.net [216.220.37.73]) (authenticated bits=0) by xenon.xe.com (8.13.1/8.13.1) with ESMTP id j1EHEqAY028518 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 14 Feb 2005 12:14:57 -0500 (EST) (envelope-from kapn@kapn.net) Message-ID: <4210DCEB.5010909@kapn.net> Date: Mon, 14 Feb 2005 12:16:27 -0500 From: Keith Nunn User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Cyrus imap TLS and SSL X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 14 Feb 2005 17:14:59 -0000 I'm new to e-mail setups at this level, but have some familiarity with the basics. I've spent days poring over what docs I can find and HOWTOs for any number of setups involving Cyrus IMAP. What I have been utterly unable to figure out is how to get secure connections working on my machine. The relevant entries for imapd offer valid certificates and TLS is working for Sendmail. imapd.conf: sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN DIGEST-MD5 CRAM-MD5 tls_cert_file: /usr/local/certs/cyrus-global.pem tls_key_file: /usr/local/certs/private/cyrus-global.key tls_ca_file: /usr/local/certs/cyrus-global.pem tls_ca_path: /usr/local/certs/ tls_session_timeout: 1440 tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH CAPABILITY reports: S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE STARTTLS AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR a local test with: imtest -s -a kapn -m login -p imap -v localhost fails thus: starting TLS engine setting up TLS connection SSL_connect:before/connect initialization write to 080652C0 [08083000] (100 bytes => 100 (0x64)) 0000 16 03 01 00 5f 01 00 00|5b 03 01 42 10 db e2 13 0010 57 f9 cb 4d 90 42 67 d2|d4 31 46 5f 8a ec a5 69 0020 ec da 60 3e f9 fa 5d 0c|38 92 49 00 00 34 00 39 0030 00 38 00 35 00 16 00 13|00 0a 00 33 00 32 00 2f 0040 00 66 00 05 00 04 00 63|00 62 00 61 00 15 00 12 0050 00 09 00 65 00 64 00 60|00 14 00 11 00 08 00 06 0060 00 03 01 0064 - SSL_connect:SSLv3 write client hello A read from 080652C0 [0807A000] (5 bytes => 5 (0x5)) 0000 2a 20 4f 4b 0005 - write to 080652C0 [08089000] (7 bytes => 7 (0x7)) 0000 15 20 4f 00 02 02 46 SSL3 alert write:fatal:protocol version SSL_connect:error in SSLv3 read server hello A -1 SSL_connect error -1 SSL session removed failure: TLS negotiation failed! I'm more than willing to be told I'm a dope and am missing obvious, but I'd really love suggestions if you have any. kapn From owner-freebsd-isp@FreeBSD.ORG Fri Feb 18 06:27:36 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8F44616A4CE for ; Fri, 18 Feb 2005 06:27:36 +0000 (GMT) Received: from freedownloadcenter.com (freedownloadcenter.com [82.146.33.103]) by mx1.FreeBSD.org (Postfix) with ESMTP id 92B4143D1D for ; Fri, 18 Feb 2005 06:27:33 +0000 (GMT) (envelope-from mailnull@freedownloadcenter.com) Received: from freedownloadcenter.com (localhost [82.146.33.103] (may be forged))j1I6RUuN033473 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Fri, 18 Feb 2005 06:27:31 GMT Received: (from mailnull@localhost) by freedownloadcenter.com (8.12.10/8.12.5) id j1I6RUtA033472; Fri, 18 Feb 2005 06:27:30 GMT Date: Fri, 18 Feb 2005 06:27:30 GMT Message-Id: <200502180627.j1I6RUtA033472@freedownloadcenter.com> From: spamcontact@vicman.net To: freebsd-isp@freebsd.org Subject: Autoreply: Re: approved file ... 4383114699 X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Feb 2005 06:27:36 -0000 Hi , HI! contact@vicman.net mailbox has been disabled becouse of SPAM. Please, resend your message to contactvicman@vicman.net From owner-freebsd-isp@FreeBSD.ORG Fri Feb 18 16:19:41 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ED9AA16A4CE for ; Fri, 18 Feb 2005 16:19:41 +0000 (GMT) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id 37B7C43D39 for ; Fri, 18 Feb 2005 16:19:41 +0000 (GMT) (envelope-from vaida.bogdan@gmail.com) Received: by rproxy.gmail.com with SMTP id a41so531201rng for ; Fri, 18 Feb 2005 08:19:40 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=QFWHk5Sfl6E32FaTMI2JvGaQwUXD5Wb/mRLG16boeGLgzCYSAWPUty1HHH0P17+SBVs5pMvw2YZ/WkH4FkcAHPpzOOzxakWPHvslDvqhK+kBzvjPvUlfWPpzeLmrBP54ABBHrpjRZWiblKn+dSg0h3eJu1aw3BSM9mTIbHn9oLk= Received: by 10.38.162.43 with SMTP id k43mr65983rne; Fri, 18 Feb 2005 08:19:40 -0800 (PST) Received: by 10.38.71.54 with HTTP; Fri, 18 Feb 2005 08:19:39 -0800 (PST) Message-ID: <12848a3b05021808196fa92aea@mail.gmail.com> Date: Fri, 18 Feb 2005 18:19:39 +0200 From: vaida bogdan To: freebsd-isp@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: clamav and snat X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: vaida bogdan List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Feb 2005 16:19:42 -0000 Hy, I use postfix+mailscanner on my mail server to block a lot of virii comming from my internal network. I would like to implement a solution to block virii traffic on the internal gateway. The network looks like this: WIN- WIN- ----GW1----- -----MAIL SERVER----- -----GW2---- WIN- GW1 does snat: Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- intip/24 anywhere to:extip One (or more) WIN is infected but I don't know which of the 30 computers on the network. I receive virused attachments on the MAIL SERVER from the GW1's ip. WIN are on the internal network. An ideea would be to extract mail traffic passing through GW1 in mbox format and scan it with clamav (but it would still have the snatted ext ip). I'm looking for better ideeas/implementations. Also, please tell me which tool should I use to sniff mail on GW1 or if there is a better solution. Thanks, Vaida Bogdan From owner-freebsd-isp@FreeBSD.ORG Fri Feb 18 17:52:53 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2BD8E16A4D0 for ; Fri, 18 Feb 2005 17:52:53 +0000 (GMT) Received: from lakepoint.domeneshop.no (lakepoint.domeneshop.no [194.63.248.41]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1712443D49 for ; Fri, 18 Feb 2005 17:52:52 +0000 (GMT) (envelope-from lists@wm-access.no) Received: from [192.168.2.8] (gw1.wm-access.no [81.191.131.91]) (authenticated bits=0)j1IHqoqu010914 for ; Fri, 18 Feb 2005 18:52:50 +0100 Message-ID: <42162B6E.8050706@wm-access.no> Date: Fri, 18 Feb 2005 18:52:46 +0100 From: =?ISO-8859-1?Q?Sten_Daniel_S=F8rsdal?= User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-isp@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Subject: Postfix+Courier-Imap with MySQL. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Feb 2005 17:52:53 -0000 I am looking for flexible configuration tools to administer the above services. Does anyone have any recommendations on tools (web admin tools?)? -- Sten Daniel Sørsdal From owner-freebsd-isp@FreeBSD.ORG Fri Feb 18 23:54:04 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8953016A4CE for ; Fri, 18 Feb 2005 23:54:04 +0000 (GMT) Received: from relay.rdsnet.ro (gimli.rdsnet.ro [193.231.236.70]) by mx1.FreeBSD.org (Postfix) with SMTP id 5650543D5C for ; Fri, 18 Feb 2005 23:54:03 +0000 (GMT) (envelope-from itetcu@people.tecnik93.com) Received: (qmail 6448 invoked from network); 18 Feb 2005 23:49:08 -0000 Received: from unknown (HELO smtp.rdsnet.ro) (62.231.74.130) by smtp1-133.rdsnet.ro with SMTP; 18 Feb 2005 23:49:08 -0000 Received: (qmail 30509 invoked by uid 89); 18 Feb 2005 23:58:18 -0000 Received: from unknown (HELO it.buh.tecnik93.com) (81.196.204.98) by 0 with SMTP; 18 Feb 2005 23:58:18 -0000 Received: from it.buh.tecnik93.com (localhost.buh.tecnik93.com [127.0.0.1]) by it.buh.tecnik93.com (Postfix) with ESMTP id E33AB1140D; Sat, 19 Feb 2005 01:53:56 +0200 (EET) Date: Sat, 19 Feb 2005 01:53:56 +0200 From: Ion-Mihai Tetcu To: vaida bogdan Message-ID: <20050219015356.53076ae6@it.buh.tecnik93.com> In-Reply-To: <12848a3b05021808196fa92aea@mail.gmail.com> References: <12848a3b05021808196fa92aea@mail.gmail.com> X-Mailer: Sylpheed-Claws 1.0.1 (GTK+ 1.2.10; i386-portbld-freebsd5.3) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit cc: freebsd-isp@freebsd.org Subject: Re: clamav and snat X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Feb 2005 23:54:04 -0000 On Fri, 18 Feb 2005 18:19:39 +0200 vaida bogdan wrote: > Hy, I use postfix+mailscanner on my mail server to block a lot of > virii comming from my internal network. I would like to implement a > solution to block virii traffic on the internal gateway. The network > looks like this: > > WIN- > WIN- ----GW1----- -----MAIL SERVER----- -----GW2---- > WIN- > > GW1 does snat: > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > SNAT all -- intip/24 anywhere to:extip > > One (or more) WIN is infected but I don't know which of the 30 > computers on the network. I receive virused attachments on the MAIL > SERVER from the GW1's ip. WIN are on the internal network. > > An ideea would be to extract mail traffic passing through GW1 in mbox > format and scan it with clamav (but it would still have the snatted > ext ip). I'm looking for better ideeas/implementations. Also, please > tell me which tool should I use to sniff mail on GW1 or if there is a > better solution. I'm not familiar with the snat you're using but couldn't you: redirect GW1_intip:25 to loopback:25 before NATing put a transparent smtp proxy to listen on loopback:25 and relay on MIALSERVER tail -f /path/to/proxy_log smtp proxy could be mail/dspampd or security//clamsmtp -- IOnut Unregistered ;) FreeBSD "user" From owner-freebsd-isp@FreeBSD.ORG Sat Feb 19 13:50:56 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DE51516A4CF for ; Sat, 19 Feb 2005 13:50:55 +0000 (GMT) Received: from web25002.mail.ukl.yahoo.com (web25002.mail.ukl.yahoo.com [217.12.10.38]) by mx1.FreeBSD.org (Postfix) with SMTP id F2E5343D46 for ; Sat, 19 Feb 2005 13:50:54 +0000 (GMT) (envelope-from kidjue@yahoo.co.uk) Received: (qmail 90874 invoked by uid 60001); 19 Feb 2005 13:50:54 -0000 Message-ID: <20050219135054.90872.qmail@web25002.mail.ukl.yahoo.com> Received: from [81.199.88.22] by web25002.mail.ukl.yahoo.com via HTTP; Sat, 19 Feb 2005 13:50:53 GMT Date: Sat, 19 Feb 2005 13:50:53 +0000 (GMT) From: Emma Jukie To: Odhiambo Washington In-Reply-To: <20050211081640.GR4565@ns2.wananchi.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit cc: freebsd-isp@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: Possible Problem With Apache X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Feb 2005 13:50:56 -0000 My partial httpd.conf file: # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # DocumentRoot "/usr/local/www/cgi-bin" # # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # # First, we configure the "default" to be a very restrictive set of # permissions. # AllowOverride None Options None Order allow,deny Allow from all AuthName "Restricted Files" AuthType Basic AuthUserFile /usr/local/etc/httpd/users require valid-user Also; Alias /cgi-perl/ /usr/local/www/cgi-perl/ SetHandler perl-script PerlHandler Apache::Registry PerlSendHeader on Options ExecCGI SetHandler perl-script PerlHandler Apache::Status order deny,allow deny from all allow from 172.16.0.175 # # ScriptAlias: This controls which directories contain server scripts. # ScriptAliases are essentially the same as Aliases, except that # documents in the realname directory are treated as applications and # run by the server when requested rather than as documents sent to the client. # The same rules about trailing "/" apply to ScriptAlias directives as to # Alias. # # ScriptAlias /cgi-bin/ "/usr/local/www/cgi-bin/" # # "/usr/local/www/cgi-bin" should be changed to whatever your ScriptAliased # CGI directory exists, if you have that configured. # AllowOverride None Options None Order allow,deny Allow from all # End of aliases. The perl files that get executed when the GUI comes up are located under: /usr/local/www/cgi-perl/ Hope this adds a little more insight! Thanks, Emma. --- Odhiambo Washington wrote: > * Emma Jukie [20050210 16:55]: > wrote: > > What do you mean when you write, "that virtualhost > > error log?" > > Show us your apache configuration, especially the > part that deals > with that script you are using. For completeness, > show the whole > configuration. > > > -Wash > > http://www.netmeister.org/news/learn2quote.html > > -- > +======================================================================+ > |\ _,,,---,,_ | Odhiambo Washington > > Zzz /,`.-'`' -. ;-;;,_ | Wananchi Online Ltd. > www.wananchi.com > |,4- ) )-,_. ,\ ( `'-'| Tel: +254 20 313985-9 > +254 20 313922 > '---''(_/--' `-'\_) | GSM: +254 722 743223 > +254 733 744121 > +======================================================================+ > You've been leading a dog's life. Stay off the > furniture. > ___________________________________________________________ ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com From owner-freebsd-isp@FreeBSD.ORG Sat Feb 19 13:58:30 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 502AD16A4CE for ; Sat, 19 Feb 2005 13:58:30 +0000 (GMT) Received: from web25006.mail.ukl.yahoo.com (web25006.mail.ukl.yahoo.com [217.12.10.42]) by mx1.FreeBSD.org (Postfix) with SMTP id 5EB5443D31 for ; Sat, 19 Feb 2005 13:58:29 +0000 (GMT) (envelope-from kidjue@yahoo.co.uk) Received: (qmail 4095 invoked by uid 60001); 19 Feb 2005 13:58:28 -0000 Message-ID: <20050219135828.4093.qmail@web25006.mail.ukl.yahoo.com> Received: from [81.199.88.22] by web25006.mail.ukl.yahoo.com via HTTP; Sat, 19 Feb 2005 13:58:28 GMT Date: Sat, 19 Feb 2005 13:58:28 +0000 (GMT) From: Emma Jukie To: M In-Reply-To: <200502121807.SAA02304@mailhost.mlnet.net> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit cc: freebsd-isp@freebsd.org cc: freebsd-net@freebsd.org Subject: Re: Possible Problem With Apache X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Feb 2005 13:58:30 -0000 Apparently apache is still running at that point in time. My error log is as follows; test# tail /var/log/httpd-error.log [Sat Feb 19 16:38:17 2005] [notice] Accept mutex: flock (Default: flock) [Sat Feb 19 16:38:19 2005] [error] [client xx.xx.xx.xx] File does not exist: /usr/local/www/cgi-bin/favicon.ico [Sat Feb 19 16:38:22 2005] [error] [client xx.xx.xx.xx] File does not exist: /usr/local/www/cgi-bin/favicon.ico [Sat Feb 19 16:38:24 2005] [error] [client xx.xx.xx.xx] File does not exist: /usr/local/www/cgi-bin/favicon.ico [Sat Feb 19 16:38:27 2005] [error] [client xx.xx.xx.xx] File does not exist: /usr/local/www/cgi-bin/favicon.ico [Sat Feb 19 16:38:38 2005] [notice] SIGHUP received. Attempting to restart [Sat Feb 19 16:38:39 2005] [notice] Apache/1.3.33 (Unix) mod_perl/1.29 mod_ssl/2.8.22 OpenSSL/0.9.7d configured -- resuming normal operations [Sat Feb 19 16:38:39 2005] [notice] Accept mutex: flock (Default: flock) [Sat Feb 19 16:38:41 2005] [error] [client xx.xx.xx.xx] File does not exist: /usr/local/www/cgi-bin/favicon.ico [Sat Feb 19 16:38:43 2005] [error] [client xx.xx.xx.xx] File does not exist: /usr/local/www/cgi-bin/favicon.ico Rgds, Emma. --- M wrote: > > What does your error_log say? > Is apache still running? > > Put debug messages in your script (if you print to > STDERR, eg > > print STDERR "watchpoint 4 variable x=$x\n"; > > you can get more usefull information in your > error_log > file. > > Write perl which has 'use strict;' somewhere near > the > top - best practice. If you can use -Tw at the > start > oif the first line, eg > #!/usr/local/bin/perl -Tw > (path is dependant on where perl is located on your > system.) > > My guess is that you have a bug in your perl script > that > causes it to either eat memory, not close files, > leave locks, or never end. > > > Regards > > > Matthew > > > > > Hi all, > > > > I have created a GUI with the help of Perl scripts > and > > Apache as my web server and this is running off a > > FreeBSD 4.x platform. The GUI has several menus > plus > > components but the problem is whenever I click on > a > > menu say, 'Submit' after I have made some > > modifications, a web page comes up with the error, > > "Internal Server Error, please contact your > Systems > > Administrator." To overcome this and view the page > I > > want, I have to restart apache from command line. > Yet > > at this point in time apache is actually running! > > > > My Apache and Perl versions are as below; > > apache+mod_ssl-1.3.33+2.8.22 > > mod_perl-1.29_1 > > > > Anyone got ideas on how I can go about this? Your > > quick responses will be highly appreciated. > > > > Thanks, > > Emma. > > > > > > > > > > > > > > > > > ___________________________________________________________ > > > ALL-NEW Yahoo! Messenger - all new features - even > more fun! http://uk.messenger.yahoo.com > > _______________________________________________ > > freebsd-net@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-net > > To unsubscribe, send any mail to > "freebsd-net-unsubscribe@freebsd.org" > > > > > > ___________________________________________________________ ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com From owner-freebsd-isp@FreeBSD.ORG Sat Feb 19 20:52:28 2005 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4928A16A4CE for ; Sat, 19 Feb 2005 20:52:28 +0000 (GMT) Received: from ip212-226-164-78.adsl.kpnqwest.fi (ip212-226-164-93.adsl.kpnqwest.fi [212.226.164.93]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4636D43D69 for ; Sat, 19 Feb 2005 20:52:27 +0000 (GMT) (envelope-from mjraiha@ip212-226-164-78.adsl.kpnqwest.fi) Received: from ip212-226-164-78.adsl.kpnqwest.fi (localhost [127.0.0.1]) j1JKqP03053018; Sat, 19 Feb 2005 22:52:25 +0200 (EET) (envelope-from mjraiha@ip212-226-164-78.adsl.kpnqwest.fi) Received: (from mjraiha@localhost)j1JKqOFp052995; Sat, 19 Feb 2005 22:52:24 +0200 (EET) (envelope-from mjraiha) Date: Sat, 19 Feb 2005 22:52:24 +0200 From: Marko Raiha To: Sten Daniel =?iso-8859-1?Q?S=F8rsdal?= Message-ID: <20050219205224.GA37230@daemon.adsl.kpnqwest.fi> References: <42162B6E.8050706@wm-access.no> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <42162B6E.8050706@wm-access.no> User-Agent: Mutt/1.4.2.1i X-Time-Zone: FI EET, 3 hours east of GMT. X-Operating-System: FreeBSD 5.3-RELEASE-p5 i386 cc: freebsd-isp@freebsd.org Subject: Re: Postfix+Courier-Imap with MySQL. X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Feb 2005 20:52:28 -0000 Hi, On Fri, Feb 18, 2005 at 06:52:46PM +0100, Sten Daniel Sørsdal wrote: > I am looking for flexible configuration tools to administer the above > services. Does anyone have any recommendations on tools (web admin tools?)? With postfixadmin (in ports) you can administrate domains, email-accounts and redirect-addresses. Also users can setup forwarding, auto-response messages and change password. Regards, -- Marko Räihä