From owner-freebsd-security  Wed Sep 22 13:13:53 1999
Delivered-To: freebsd-security@freebsd.org
Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44])
	by hub.freebsd.org (Postfix) with ESMTP id 4FEFB15500
	for <security@FreeBSD.ORG>; Wed, 22 Sep 1999 13:13:47 -0700 (PDT)
	(envelope-from Cy.Schubert@uumail.gov.bc.ca)
Received: (from daemon@localhost)
	by point.osg.gov.bc.ca (8.8.7/8.8.8) id NAA30162;
	Wed, 22 Sep 1999 13:13:42 -0700
Received: from passer.osg.gov.bc.ca(142.32.110.29)
 via SMTP by point.osg.gov.bc.ca, id smtpda30160; Wed Sep 22 13:13:26 1999
Received: (from uucp@localhost)
	by passer.osg.gov.bc.ca (8.9.3/8.9.1) id NAA05832;
	Wed, 22 Sep 1999 13:13:13 -0700 (PDT)
Message-Id: <199909222013.NAA05832@passer.osg.gov.bc.ca>
Received: from localhost.osg.gov.bc.ca(127.0.0.1), claiming to be "passer.osg.gov.bc.ca"
 via SMTP by localhost.osg.gov.bc.ca, id smtpdMW5828; Wed Sep 22 13:13:11 1999
X-Mailer: exmh version 2.0.2 2/24/98
Reply-To: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
X-OS: FreeBSD 3.3-RELEASE
X-Sender: cy
To: Mike Tancsa <mike@sentex.net>
Cc: "Mr. K." <bsd@a.servers.aozilla.com>, security@FreeBSD.ORG
Subject: Re: Sendmail blocking of spammers (was Re: hackers?) 
In-reply-to: Your message of "Tue, 21 Sep 1999 15:39:05 EDT."
             <3.0.5.32.19990921153905.01499100@staff.sentex.ca> 
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Wed, 22 Sep 1999 13:13:10 -0700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <3.0.5.32.19990921153905.01499100@staff.sentex.ca>, Mike 
Tancsa writ
es:
> >I think I figured out what is happening.  The relaying is indeed getting
> >denied, but unfortunately some of the spammers software is waiting blindly
> >for a positive response (and thus keeping a connection until they time
> >out).  My choices seem to be ipfw (which I don't want to do as I don't
> >want to block all aol users), or somehow getting sendmail to disconnect on
> >a "relaying denied" (instead of sitting there until they timeout).  I
> >can't figure out how to do the latter (doesn't seem to be possible).  And
> >of course calling AOL and bitching, at least that will feel good if I can
> >get a bunch of these spammers booted.
> 
> You have another option. If you have tcp_wrappers installed (its installed
> in all 3.[2|3] versions by default), you can deny by sub domain.  The
> spammers are coming from *.ipt.aol.com.  Block from that subdomain on.  AOL
> for its mail exchangers are all of the form xx.mx.aol.com, not ipt.aol.com
> e.g.
> aol.com preference = 15, mail exchanger = zd.mx.aol.com

Or try the smtpd port.

Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Open Systems Group          Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"





To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message