From owner-freebsd-questions Sat Nov 9 17:49:18 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7A4E437B401 for ; Sat, 9 Nov 2002 17:49:16 -0800 (PST) Received: from jeeves.velosystems.net (wsip68-15-85-238.oc.oc.cox.net [68.15.85.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id D114843E3B for ; Sat, 9 Nov 2002 17:49:10 -0800 (PST) (envelope-from steve@velosystems.net) Received: from localhost (localhost.velosystems.net [127.0.0.1]) by jeeves.velosystems.net (Postfix) with ESMTP id D457BA78D; Sat, 9 Nov 2002 17:49:04 -0800 (PST) Received: from daemon.velosystems.net (daemon.velosystems.net [192.168.1.11]) by jeeves.velosystems.net (Postfix) with ESMTP id 842A7A511; Sat, 9 Nov 2002 17:49:02 -0800 (PST) Date: Sat, 9 Nov 2002 17:49:02 -0800 (PST) From: Steve Wingate To: "W. D." Cc: freebsd-questions@FreeBSD.ORG Subject: Re: How to stop SPAMMER??! In-Reply-To: <5.1.0.14.2.20021109150436.069a4d50@us-webmasters.com> Message-ID: <20021109174345.J9853-100000@daemon.velosystems.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=ISO-8859-1 Content-Transfer-Encoding: QUOTED-PRINTABLE X-Virus-Scanned: by AMaViS perl-11 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG You don't mention several important things someone would need to answer this question fully. 1. Are you running a real mailserver that needs to send/receive mail to the outside world? If not then just block port 25 incoming. If yes, then configure some UCE (unsolicited commercial email) rules on sendmail (assuming this what you have since you didn't say) and/or consider using another mailserver with easier configured security (since you're probably not a sendmail wizard). I suggest qmail or Postfix, which I use. 2. Are you the recipient of spam or is your box being used as a relay? This shouldn't happen in the default configuration any longer I believe. Either check the Handbook online for sendmail configuration. 3. Dunno +---------------------------------------------------------------------+ |Steve Wingate=09=09 |MCSE, CCNA=09=09Sat Nov 9 16:59:00 PST 2002 +---------------------------------------------------------------------+ |FreeBSD 4.7-RC | 4:59PM up 21 days, 17:31, 2 users, load averages: 0.00, 0.00, 0.00 +---------------------------------------------------------------------+ On Sat, 9 Nov 2002, W. D. wrote: > Hi folks, > > I've got some bozo from: > > SpaWeb1.spaelegance.com..auth > > doing all kinds of SMTP activity on my FreeBSD server. Does anyone > know how to stop this? What kind of entry would I add to ipfw? > > Does anyone know what vulnerability this might be? How to stop > permanently? > > Here's what I am running: > FreeBSD 4.4-RELEASE > Apache/1.3.27 (Unix) > mod_perl/1.26 > mod_throttle/3.1.2 > PHP/4.2.2 > FrontPage/4.0.4.3 > mod_ssl/2.8.11 > OpenSSL/0.9.6f > > > Start Here to Find It Fast!=A9 -> http://www.US-Webmasters.com/best-start= -page/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message