From owner-freebsd-questions Sat Nov 9 21:49:40 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DF1E837B401 for ; Sat, 9 Nov 2002 21:49:37 -0800 (PST) Received: from mail6.sea.registeredsite.com (mail6.sea.registeredsite.com [66.111.73.206]) by mx1.FreeBSD.org (Postfix) with ESMTP id 67D2543E42 for ; Sat, 9 Nov 2002 21:49:32 -0800 (PST) (envelope-from WD@US-Webmasters.com) Received: from us-webmasters.com (us-webmasters.com [207.159.139.240]) by mail6.sea.registeredsite.com (8.12.5/8.12.5) with ESMTP id gAA5nTqt029740; Sun, 10 Nov 2002 00:49:30 -0500 Received: from xyz.netins.net (desm-04-113.dialup.netins.net [167.142.11.242]) by us-webmasters.com (8.9.3/8.9.3) with ESMTP id VAA11453; Sat, 9 Nov 2002 21:49:23 -0800 (PST) Message-Id: <5.1.0.14.2.20021109232136.04ae7140@us-webmasters.com> X-Sender: wd@us-webmasters.com X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Sat, 09 Nov 2002 23:49:12 -0600 To: freebsd-questions@FreeBSD.ORG From: "W. D." Subject: Re: How to stop SPAMMER??! Cc: Steve Wingate In-Reply-To: <20021109174345.J9853-100000@daemon.velosystems.net> References: <5.1.0.14.2.20021109150436.069a4d50@us-webmasters.com> Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hey Steve,=20 Thanks for the reply. At 19:49 11/9/2002, Steve Wingate wrote: > >You don't mention several important things someone would need to answer >this question fully. > >1. Are you running a real mailserver that needs to send/receive mail to >the outside world? Yep. >If not then just block port 25 incoming. >If yes, then configure some UCE (unsolicited commercial email) rules on >sendmail (assuming this what you have since you didn't say) and/or >consider using another mailserver with easier configured security (since >you're probably not a sendmail wizard). I suggest qmail=20 lrwxr-xr-x 1 root wheel 33 Dec 10 2001 sendmail ->= /usr/local/psa/qmail/bin/sendmail Using qmail. How to configure to avoid spam? What is the name of configuration file? >or Postfix, which >I use. > 2. Are you the recipient of spam or is your box being used as a >relay? Relay. >This shouldn't happen in the default configuration any longer I believe. >Either check the Handbook online for sendmail configuration. >3. Dunno I tried to block using IPFW but no luck using this line: add deny log all from 168.93.100.0/24 to any in via fxp0 (http://www.SamSpade.org/t/lookat?a=3DSpaWeb1.spaelegance.com -> SpaWeb1.spaelegance.com resolves to 168.93.100.59) > > >+---------------------------------------------------------------------+ >|Steve Wingate >|MCSE, CCNA Sat Nov 9 16:59:00 PST 2002 >+---------------------------------------------------------------------+ >|FreeBSD 4.7-RC >| 4:59PM up 21 days, 17:31, 2 users, load averages: 0.00, 0.00, 0.00 >+---------------------------------------------------------------------+ > >On Sat, 9 Nov 2002, W. D. wrote: > >> Hi folks, >> >> I've got some bozo from: >> >> SpaWeb1.spaelegance.com..auth >> >> doing all kinds of SMTP activity on my FreeBSD server. Does anyone >> know how to stop this? What kind of entry would I add to ipfw? >> >> Does anyone know what vulnerability this might be? How to stop >> permanently? >> >> Here's what I am running: >> FreeBSD 4.4-RELEASE >> Apache/1.3.27 (Unix) >> mod_perl/1.26 >> mod_throttle/3.1.2 >> PHP/4.2.2 >> FrontPage/4.0.4.3 >> mod_ssl/2.8.11 >> OpenSSL/0.9.6f >> >> >> Start Here to Find It Fast!=A9 ->= http://www.US-Webmasters.com/best-start-page/ >> >> >> To Unsubscribe: send mail to majordomo@FreeBSD.org >> with "unsubscribe freebsd-questions" in the body of the message >> Start Here to Find It Fast!=A9 -> http://www.US-Webmasters.com/best-start-pa= ge/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message