From owner-freebsd-isp Wed Jan 8 2: 8:37 2003 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D618B37B401 for ; Wed, 8 Jan 2003 02:08:32 -0800 (PST) Received: from riy-01-s1.saudi.net.sa (riy-01-s1.saudi.net.sa [212.118.133.133]) by mx1.FreeBSD.org (Postfix) with ESMTP id B629543EDC for ; Wed, 8 Jan 2003 02:08:31 -0800 (PST) (envelope-from rayed@saudi.net.sa) Received: from saudi.net.sa (riy-ol-ws1.saudi.net.sa [212.118.133.49]) by riy-01-s1.saudi.net.sa (8.12.1/8.11.6) with ESMTP id h08AEuA3043631; Wed, 8 Jan 2003 13:14:56 +0300 (AST) (envelope-from rayed@saudi.net.sa) Message-ID: <3E1BF89C.5020809@saudi.net.sa> Date: Wed, 08 Jan 2003 13:08:28 +0300 From: Rayed Al-Rashed User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.2.1) Gecko/20021130 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Vishal Gandhi Kommineni Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Sendmail ignoring hosts.allow References: <3E1AA183.1060604@saudi.net.sa> <005401c2b6f1$2aa49d40$0b6f3fca@southernonline.net> <3E1BEAC8.4000500@saudi.net.sa> <006901c2b6f7$ac8e9d00$0b6f3fca@southernonline.net> <3E1BF1F2.4090205@saudi.net.sa> <007c01c2b6fb$35d51a00$0b6f3fca@southernonline.net> In-Reply-To: <007c01c2b6fb$35d51a00$0b6f3fca@southernonline.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --------/etc/hosts.allow-------- ALL : attack_ip : DENY sendmail : attack_ip : DENY smtp : attack_ip : DENY sshd : our_ip : allow sshd : ALL : deny # allow everything else ALL : ALL : allow -------------------------------- Vishal Gandhi Kommineni wrote: >Can you tell me what is in hosts.allow ??? > >Vishal Gandhi Kommineni >----- Original Message ----- >From: "Rayed Al-Rashed" >To: "Vishal Gandhi Kommineni" >Cc: >Sent: Wednesday, January 08, 2003 3:10 PM >Subject: Re: Sendmail ignoring hosts.allow > > > > >>In /etc/hosts.deny I put >> >> ALL : ALL >> >>and restarted sendmail and it still ignores it. >> >>I remembered one thing, I have 2 IPs one that server, does this have any >>effect?! >>Thanks >> >>- rayed >> >>Vishal Gandhi Kommineni wrote: >> >> >> >>>in /etc/hosts.allow it should be >>>ALL: xxx.xxx.xxx.xxx ( ip's you want to allow) >>> >>>in /etc/hosts.deny it should be >>> >>>ALL: ALL >>> >>>Vishal Gandhi Kommineni >>>----- Original Message ----- >>>From: "Rayed Al-Rashed" >>>To: "Vishal Gandhi Kommineni" >>>Cc: >>>Sent: Wednesday, January 08, 2003 2:39 PM >>>Subject: Re: Sendmail ignoring hosts.allow >>> >>> >>> >>> >>> >>> >>>>Didn't work in both /etc/hosts.allow and /etc/hosts.deny >>>> >>>> >>>>Vishal Gandhi Kommineni wrote: >>>> >>>> >>>> >>>> >>>> >>>>>try >>>>>ALL: ALL >>>>> >>>>>Vishal Gandhi Kommineni >>>>>----- Original Message ----- >>>>>From: "Rayed Al-Rashed" >>>>>To: >>>>>Sent: Tuesday, January 07, 2003 3:14 PM >>>>>Subject: Sendmail ignoring hosts.allow >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>>Hi, >>>>>> >>>>>>Our mail server was under DOS attack, and I was trying to stop the new >>>>>>connections using /etc/hosts.allow but I couldn't do it. >>>>>> >>>>>>The entry in /etc/hosts.allow: >>>>>> >>>>>>sendmail : xx.xx.xx.xx : DENY >>>>>> >>>>>>and I even tried: >>>>>> >>>>>>ALL : ALL : DENY >>>>>> >>>>>>but still doesn't work, I installed sendmail from the port, and I also >>>>>>checked tcpwrapper support: >>>>>>--------------------------------------------------- >>>>>># sendmail -d0.1 >>>>>>Version 8.12.1 >>>>>>Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MIME7TO8 MIME8TO7 >>>>>> NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS >>>>>> >>>>>> >>>>>> >>>>>> >>>PIPELINING >>> >>> >>> >>> >>>>>> SCANF TCPWRAPPERS USERDB XDEBUG >>>>>>--------------------------------------------------- >>>>>>The /etc/mailer.conf also points to the port version. >>>>>>Any ideas on why it doesn't work!! >>>>>> >>>>>>P.S. I just added an entry on /etc/mail/access to reject emails from >>>>>>that IP but sendmail still need to fork. >>>>>> >>>>>> >>>>>>Thanks, >>>>>>- rayed >>>>>> >>>>>> >>>>>>To Unsubscribe: send mail to majordomo@FreeBSD.org >>>>>>with "unsubscribe freebsd-isp" in the body of the message >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>> >>>> >>> >>> >>> >>> >> >> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message