Date: Thu, 21 Jun 2001 10:37:34 +0400 From: "Nickolay A. Kritsky" <nkritsky@internethelp.ru> To: "faSty" <fasty@i-sphere.com>, <freebsd-security@FreeBSD.ORG> Subject: Re: need help filter this stupid virus. Sendmail didnt stop this. Message-ID: <008c01c0fa1c$a92f94f0$0600a8c0@ibmka.internethelp.ru>
next in thread | raw e-mail | index | archive | help
-----Original Message----- From: faSty <fasty@i-sphere.com> To: freebsd-security@FreeBSD.ORG <freebsd-security@FreeBSD.ORG> Date: 21 èþíÿ 2001 ã. 2:14 Subject: need help filter this stupid virus. Sendmail didnt stop this. >Hi there, > > I need help, I tried filter on Sendmail to reject or discard when it >match "From:hahaha@sexyfun.net" seem not success stop these stupid virus email >and it kept coming back repeat like every 2 or 3 days. > >Here the full email header. <skipped> >-- end snip -- > >I searched www.google.com (search engine) find the solution for the FreeBSD >sendmail's filter on hahaha@sexyfun.net. I found most talk about procmail >but i looked the FreeBSD sendmail isnt run by procmail based. I have met such problems recently and tried to use procmail. It is not installed by default, so you should go to /usr/ports/mail/procmail and "make" it. AFAIK default sendmail.cf file uses mail(1) and mail.local(8) to bring mail to end-user. Thus you have to change your sendmail.cf file directly (vi /etc/sendmail.cf) or using m4. I am not so familiar with .cf file fromat, so I used the second way. I changed my main .mc site as follows: #diff mysite.procmail.mc mysite.local.mc 17c17 < MAILER(procmail)dnl --- > MAILER(local)dnl 21c21 < FEATURE(local_procmail)dnl --- > FEATURE(local_lmtp)dnl Then I created my own /etc/procmailrc file using guidelines from http://www.impsec.org/email-tools/procmail-security.html - I think you should read this document about email security. Everything seems to work, but I strongly recommend you to start changing default settings ASAP. I will not go deeply in installation process, because it is not the subject of this thread, but if you are interested in using procmail as "email-fierewall" on FreeBSD, you can always contact me by e-mail. Hope my post has helped you. Good Luck! NKritsky - SysAdmin InternetHelp.Ru http://www.internethelp.ru e-mail: nkritsky@internethelp.ru > >HELP! > >-trev > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?008c01c0fa1c$a92f94f0$0600a8c0>