From owner-freebsd-isp Wed Jan 8 4:26:56 2003 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5995F37B401 for ; Wed, 8 Jan 2003 04:26:55 -0800 (PST) Received: from miata.ath.cx (pcp01454703pcs.blumtn01.pa.comcast.net [68.82.90.101]) by mx1.FreeBSD.org (Postfix) with ESMTP id 77DAF43ED8 for ; Wed, 8 Jan 2003 04:26:49 -0800 (PST) (envelope-from mm@miata.ath.cx) Received: by miata.ath.cx (Postfix, from userid 1000) id B0ECA14A; Wed, 8 Jan 2003 07:26:48 -0500 (EST) Received: from localhost (localhost [127.0.0.1]) by miata.ath.cx (Postfix) with ESMTP id A4829147; Wed, 8 Jan 2003 07:26:48 -0500 (EST) Date: Wed, 8 Jan 2003 07:26:48 -0500 (EST) From: Michael McDowell To: Rayed Al-Rashed Cc: freebsd-isp@FreeBSD.ORG Subject: Re: Sendmail ignoring hosts.allow In-Reply-To: <3E1AA183.1060604@saudi.net.sa> Message-ID: <20030108072118.M3165-100000@miata.ath.cx> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Have you tryed specifing an IP in hosts.allow from which you could try a telnet to your machine from? This is an easy way to see if indeed tcpwrappers is working or not. M. McDowell On Tue, 7 Jan 2003, Rayed Al-Rashed wrote: > Hi, > > Our mail server was under DOS attack, and I was trying to stop the new > connections using /etc/hosts.allow but I couldn't do it. > > The entry in /etc/hosts.allow: > > sendmail : xx.xx.xx.xx : DENY > > and I even tried: > > ALL : ALL : DENY > > but still doesn't work, I installed sendmail from the port, and I also > checked tcpwrapper support: > --------------------------------------------------- > # sendmail -d0.1 > Version 8.12.1 > Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MIME7TO8 MIME8TO7 > NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS PIPELINING > SCANF TCPWRAPPERS USERDB XDEBUG > --------------------------------------------------- > The /etc/mailer.conf also points to the port version. > Any ideas on why it doesn't work!! > > P.S. I just added an entry on /etc/mail/access to reject emails from > that IP but sendmail still need to fork. > > > Thanks, > - rayed > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-isp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message