Date: Sat, 09 Nov 2002 23:49:12 -0600 From: "W. D." <WD@US-Webmasters.com> To: freebsd-questions@FreeBSD.ORG Cc: Steve Wingate <steve@velosystems.net> Subject: Re: How to stop SPAMMER??! Message-ID: <5.1.0.14.2.20021109232136.04ae7140@us-webmasters.com> In-Reply-To: <20021109174345.J9853-100000@daemon.velosystems.net> References: <5.1.0.14.2.20021109150436.069a4d50@us-webmasters.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey Steve,=20 Thanks for the reply. At 19:49 11/9/2002, Steve Wingate wrote: > >You don't mention several important things someone would need to answer >this question fully. > >1. Are you running a real mailserver that needs to send/receive mail to >the outside world? Yep. >If not then just block port 25 incoming. >If yes, then configure some UCE (unsolicited commercial email) rules on >sendmail (assuming this what you have since you didn't say) and/or >consider using another mailserver with easier configured security (since >you're probably not a sendmail wizard). I suggest qmail=20 lrwxr-xr-x 1 root wheel 33 Dec 10 2001 sendmail ->= /usr/local/psa/qmail/bin/sendmail Using qmail. How to configure to avoid spam? What is the name of configuration file? >or Postfix, which >I use. > 2. Are you the recipient of spam or is your box being used as a >relay? Relay. >This shouldn't happen in the default configuration any longer I believe. >Either check the Handbook online for sendmail configuration. >3. Dunno I tried to block using IPFW but no luck using this line: add deny log all from 168.93.100.0/24 to any in via fxp0 (http://www.SamSpade.org/t/lookat?a=3DSpaWeb1.spaelegance.com -> SpaWeb1.spaelegance.com resolves to 168.93.100.59) > > >+---------------------------------------------------------------------+ >|Steve Wingate <s.wingate@cox.net> >|MCSE, CCNA Sat Nov 9 16:59:00 PST 2002 >+---------------------------------------------------------------------+ >|FreeBSD 4.7-RC >| 4:59PM up 21 days, 17:31, 2 users, load averages: 0.00, 0.00, 0.00 >+---------------------------------------------------------------------+ > >On Sat, 9 Nov 2002, W. D. wrote: > >> Hi folks, >> >> I've got some bozo from: >> >> SpaWeb1.spaelegance.com..auth >> >> doing all kinds of SMTP activity on my FreeBSD server. Does anyone >> know how to stop this? What kind of entry would I add to ipfw? >> >> Does anyone know what vulnerability this might be? How to stop >> permanently? >> >> Here's what I am running: >> FreeBSD 4.4-RELEASE >> Apache/1.3.27 (Unix) >> mod_perl/1.26 >> mod_throttle/3.1.2 >> PHP/4.2.2 >> FrontPage/4.0.4.3 >> mod_ssl/2.8.11 >> OpenSSL/0.9.6f >> >> >> Start Here to Find It Fast!=A9 ->= http://www.US-Webmasters.com/best-start-page/ >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >> Start Here to Find It Fast!=A9 -> http://www.US-Webmasters.com/best-start-pa= ge/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.2.20021109232136.04ae7140>