Date: Sat, 22 Jun 2002 09:50:13 +0200 From: "Simon 'corecode' Schubert" <corecode@corecode.ath.cx> To: Darren Pilgrim <dmp@pantherdragon.org> Cc: kdk@daleco.biz, mark@work.drapple.com, twigles@yahoo.com, security@FreeBSD.ORG Subject: Re: Possible security liability: Filling disks with junk or spam Message-ID: <20020622095013.40db50a3.corecode@corecode.ath.cx> In-Reply-To: <3D13FFB2.39A80570@pantherdragon.org> References: <XFMail.020621180634.mark@work.drapple.com> <004301c2199d$dbacf3e0$5dec910c@daleco> <3D13FFB2.39A80570@pantherdragon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--=.Q+H7dNHSyh6Bj7 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Fri, 21 Jun 2002 21:40:19 -0700 Darren Pilgrim wrote: > "Kevin Kinsey, DaleCo, S.P." wrote: > > Better yet, comment out the lines in /etc/aliases, > > which will cause the mail to be returned > > since that user won't exist. > > > > Why increase the spam traffic by the use > > of the bitbucket? If the mail doesn't come > > back they just keep sending...... > Without the aliases(5) entries, the mail will be delivered to local > mailboxes for those pesudo-users, eventually filling the disk if you > don't monitor disk usage. This was precisely the problem for Brett's > client. IMO the proper way to handle this is to use an MTA that has > some kind of access-control mechanism to restrict mail delivery to > non-user accounts in addition to having a forwarding mechanism for > them. to my knowledge this can be easily achieved by (manually) changing the permissions of the spool files: chown 0.0 /var/mail/news chmod 400 /var/mail/news et voila! mail can't be delivered and bounces (tho postmaster@ might get an anoying message :) cheerz simon -- /"\ http://corecode.ath.cx/#donate \ / \ ASCII Ribbon Campaign / \ Against HTML Mail and News --=.Q+H7dNHSyh6Bj7 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9FCw6r5S+dk6z85oRAjY1AJsG9xkBG/Um7ndeb+IBSYqliSE33gCeNVna ctEztWVQCuoLu068l7eGWiA= =9976 -----END PGP SIGNATURE----- --=.Q+H7dNHSyh6Bj7-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020622095013.40db50a3.corecode>