Date: Sat, 22 Jun 2002 00:12:37 -0500 From: "Kevin Kinsey, DaleCo, S.P." <kdk@daleco.biz> To: <freebsd-security@FreeBSD.ORG> Subject: ReL Possible security liability: Filling disks with junk or spam Message-ID: <02b801c219ab$6d28fd20$5dec910c@daleco>
next in thread | raw e-mail | index | archive | help
> ----- Original Message ----- > From: "Darren Pilgrim" <dmp@pantherdragon.org> > To: "Kevin Kinsey, DaleCo, S.P." <kdk@daleco.biz> > Cc: "Mark Hartley" <mark@work.drapple.com>; "twig les" <twigles@yahoo.com>; > <security@FreeBSD.ORG> > Sent: Friday, June 21, 2002 11:40 PM > Subject: Re: Possible security liability: Filling disks with junk or spam > > > > "Kevin Kinsey, DaleCo, S.P." wrote: > > > > > > Better yet, comment out the lines in /etc/aliases, > > > which will cause the mail to be returned > > > since that user won't exist. > > > > > > Why increase the spam traffic by the use > > > of the bitbucket? If the mail doesn't come > > > back they just keep sending...... > > > > Without the aliases(5) entries, the mail will be delivered > to local mailboxes for those pesudo-users, eventually > filling the disk if you don't monitor disk usage. This was > precisely the problem for Brett's client. < > Doh! Indeed it does.......though I had to reconfig a basically default /etc/aliases to get it to do this... > > >IMO the proper way to handle this is to use an MTA > that has some kind of access-control mechanism to > restrict mail delivery to non-user accounts in addition to > having a forwarding mechanism for them.< > > Seems reasonable. Or just do as /etc/aliases instructed in the first place...why do we only complain when caught in violation of our own policies? KDK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?02b801c219ab$6d28fd20$5dec910c>