From owner-freebsd-security Thu Jun 21 13: 3: 8 2001 Delivered-To: freebsd-security@freebsd.org Received: from i-sphere.com (shell.i-sphere.com [209.249.146.70]) by hub.freebsd.org (Postfix) with ESMTP id CA90137B406 for ; Thu, 21 Jun 2001 13:03:03 -0700 (PDT) (envelope-from fasty@i-sphere.com) Received: (from fasty@localhost) by i-sphere.com (8.11.3/8.11.3) id f5LK8eU31687; Thu, 21 Jun 2001 13:08:40 -0700 (PDT) (envelope-from fasty) Date: Thu, 21 Jun 2001 13:08:40 -0700 From: faSty To: Giorgos Keramidas Cc: freebsd-security@freebsd.org Subject: Re: need help filter this stupid virus. Sendmail didnt stop this. Message-ID: <20010621130840.I31428@i-sphere.com> References: <20010620194713.A18467@ns1.via-net-works.net.ar> <200106202329.f5KNTPm07958@fusion.borderware.com> <20010620165335.C20771@i-sphere.com> <20010621180835.A11041@hades.hell.gr> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010621180835.A11041@hades.hell.gr>; from keramida@ceid.upatras.gr on Thu, Jun 21, 2001 at 06:08:35PM +0300 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Yes, I still using /etc/mail/access, seems not work at all, and I will try it out with procmail filter today. thanks, -trev On Thu, Jun 21, 2001 at 06:08:35PM +0300, Giorgos Keramidas wrote: > On Wed, Jun 20, 2001 at 04:53:35PM -0700, faSty wrote: > > > I did used "From:hahaha@sexyfun.net" and still fails reject it. > > > > -trev > > Instead of tweaking your sendmail rules, which is somewhat error prone > (unless you reallyknow what you are doing), you could install procmail > and use that as the local delivery agent. Then, a simple filter like: > > :0 H > * From[: ].*hahaha@.*sex.*$ > /dev/null > > put in the proper place (your /usr/local/etc/procmailrc) will filter > out all mail that have either an envelope-from or a header-from > address that matches your rules. > > The only problem I can see with this is that you might soon end > up with a huge /usr/local/etc/procmailrc file, instead of a nicer > /etc/mail/access file that blocks spammers. > > If you do want to use /etc/mail/access then you should probably do the > extra works it takes to find from the mail headers, where the mail > comes from. > > Then block the mail that comes from that host or domain or provider > and contact the provider's mail admins informing them that you have > blocked the entire domain because spammers use it to abuse your mail > system. A nicely put and carefully worded telephone call, where you > take care not to offend the mail admins themselves, will do wonders.. > trust me. > > -giorgos > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message