Date: Fri, 21 Jun 2002 22:35:29 -0500 From: "Kevin Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: "Mark Hartley" <mark@work.drapple.com>, "twig les" <twigles@yahoo.com> Cc: <security@FreeBSD.ORG> Subject: Re: Possible security liability: Filling disks with junk or spam Message-ID: <004301c2199d$dbacf3e0$5dec910c@daleco> References: <XFMail.020621180634.mark@work.drapple.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Better yet, comment out the lines in /etc/aliases, which will cause the mail to be returned since that user won't exist. Why increase the spam traffic by the use of the bitbucket? If the mail doesn't come back they just keep sending...... Kevin Kinsey ----- Original Message ----- From: "Mark Hartley" <mark@work.drapple.com> To: "twig les" <twigles@yahoo.com> Cc: <security@FreeBSD.ORG> Sent: Friday, June 21, 2002 8:06 PM Subject: Re: Possible security liability: Filling disks with junk or spam > > On 22-Jun-02 twig les wrote: > > Would it be viable to un-map the psuedo-users or would > > that break something? > > > > If you don't want to forward their messages to root (which I think is the best > way), you could always simply edit the aliases file and put the following lines > in: > > bin: /dev/null > news: /dev/null > > (and so on for each one) > > > Depends on how the admin wants to handle it. > > > Mark. > > > > > > --- Sean Kelly <smkelly@zombie.org> wrote: > >> On Fri, Jun 21, 2002 at 06:01:16PM -0600, Brett > >> Glass wrote: > >> ... > >> > A client recently called me in puzzlement, saying > >> that his system was > >> > misbehaving, and it turned out that this was what > >> had happened. The address > >> > "news@victim.com" had somehow wound up on quite a > >> few spammers' lists. He'd > >> > never used or hosted netnews, and so had no need > >> for the pseudo-user. But that > >> > pseudo-user was there by default, and the system > >> dutifully created a mailbox > >> > for him/her/it when the very first spam arrived. > >> It started growing by leaps > >> > and bounds until it was -- I kid you not! -- > >> several hundred megabytes in > >> > size. At which point the partition ran out of > >> room. > >> > > >> > It seems to me that pseudo-users should be > >> non-mailable, just as a basic > >> > security policy. Ideas for the best way to > >> implement this in the default > >> > install? > >> > >> If you look at /usr/src/etc/mail/aliases, you'll see > >> that pseudo-users are > >> mapped to root. I also see news in there: > >> news: root > >> > >> usenet: news > >> > >> > >> It seems to me that the best way to prevent such > >> things happening would be > >> to keep your aliases files up to date. Use > >> mergemaster and also maintain > >> the file for any pseudo-users you may add. At some > >> point, the > >> administrator has to become responsible for the > >> system they administer. > >> > >> -- > >> Sean Kelly | PGP KeyID: 77042C7B > >> smkelly@zombie.org | http://www.zombie.org > >> > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004301c2199d$dbacf3e0$5dec910c>