Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 20 Oct 1996 23:21:37 -0500 (CDT)
From:      Jay E Erickson <>
To:        "Timothy P. Layton, Sr." <>
Cc:        questions@FreeBSD.ORG
Subject:   Re: HELP !!! I have a mail hacker.
Message-ID:  <>
In-Reply-To: <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help

To reduce this type of activity I did three things:
1. Installed TCP Wrappers 

2. Ran my smtp traffic through TCP Wrappers (three steps) 
    (the wrappers install docs helped me with this)
    added the next line to my /etc/inetd.conf
smtp    stream  tcp     nowait  root    /usr/libexec/tcpd       /usr/sbin/sendmail -bs
    and added the next two lines to my /etc/crontab for root
# Check sendmail queue every 30 minutes
*/30    *       *       *       *       root    /usr/sbin/sendmail -q
set the sendmail option in the /etc/sysconfig to  "no"
if you don't want to use crontab you can set the sendmail option in the 
/etc/sysconfig to "-q30m"

3. in my /etc/ file I set
O PrivacyOptions=goaway

step 1 is just a good idea
step 2 makes sure the IP address = thier long address i.e. =
and step 3 forces smtp mailers to greet you with hello and doesn't let 
them expand on any lists or verify any users. 
this dosen't make you 100% safe but every little bit counts.

 On Sat, 19 Oct 1996, Timothy P. Layton, Sr. wrote:

> Help !!!
> my mail host is receiving a couple thousand messages per night 
> from a ficticous user at a fake domain.
> I looked in the maillog and found what domain the messages where
> coming from.  
> Can I reject all mail from a single domain, and can I take it even 
> further by refusing any type of connection from a domain ??

Yes. TCP wrappers can do this for you

Jay Erickson

Want to link to this message? Use this URL: <>