From owner-freebsd-security Sat Jun 22 0:51: 4 2002 Delivered-To: freebsd-security@freebsd.org Received: from mailrelay1.lrz-muenchen.de (mailrelay1.lrz-muenchen.de [129.187.254.101]) by hub.freebsd.org (Postfix) with ESMTP id 954F137B95A for ; Sat, 22 Jun 2002 00:50:26 -0700 (PDT) Received: from [10.150.180.176] by mailrelay1.lrz-muenchen.de with ESMTP; Sat, 22 Jun 2002 09:50:22 +0200 Received: from elevation.uni.stoert.net (r180177.olydorf.swh.mhn.de [10.150.180.177]) by spirit.zuhause.stoert.net (8.11.6/8.11.6) with ESMTP id g5M7oKp32971; Sat, 22 Jun 2002 09:50:20 +0200 (CEST) (envelope-from corecode@elevation.uni.stoert.net) Received: (from corecode@localhost) by elevation.uni.stoert.net (8.12.3/8.12.3/Submit) id g5M7oJeH000358; Sat, 22 Jun 2002 09:50:19 +0200 (CEST) (envelope-from corecode) Date: Sat, 22 Jun 2002 09:50:13 +0200 From: "Simon 'corecode' Schubert" To: Darren Pilgrim Cc: kdk@daleco.biz, mark@work.drapple.com, twigles@yahoo.com, security@FreeBSD.ORG Subject: Re: Possible security liability: Filling disks with junk or spam Message-Id: <20020622095013.40db50a3.corecode@corecode.ath.cx> In-Reply-To: <3D13FFB2.39A80570@pantherdragon.org> References: <004301c2199d$dbacf3e0$5dec910c@daleco> <3D13FFB2.39A80570@pantherdragon.org> X-Mailer: Sylpheed version 0.7.8claws (GTK+ 1.2.10; i386-portbld-freebsd4.6) Mime-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; boundary="=.Q+H7dNHSyh6Bj7" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --=.Q+H7dNHSyh6Bj7 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Fri, 21 Jun 2002 21:40:19 -0700 Darren Pilgrim wrote: > "Kevin Kinsey, DaleCo, S.P." wrote: > > Better yet, comment out the lines in /etc/aliases, > > which will cause the mail to be returned > > since that user won't exist. > > > > Why increase the spam traffic by the use > > of the bitbucket? If the mail doesn't come > > back they just keep sending...... > Without the aliases(5) entries, the mail will be delivered to local > mailboxes for those pesudo-users, eventually filling the disk if you > don't monitor disk usage. This was precisely the problem for Brett's > client. IMO the proper way to handle this is to use an MTA that has > some kind of access-control mechanism to restrict mail delivery to > non-user accounts in addition to having a forwarding mechanism for > them. to my knowledge this can be easily achieved by (manually) changing the permissions of the spool files: chown 0.0 /var/mail/news chmod 400 /var/mail/news et voila! mail can't be delivered and bounces (tho postmaster@ might get an anoying message :) cheerz simon -- /"\ http://corecode.ath.cx/#donate \ / \ ASCII Ribbon Campaign / \ Against HTML Mail and News --=.Q+H7dNHSyh6Bj7 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQE9FCw6r5S+dk6z85oRAjY1AJsG9xkBG/Um7ndeb+IBSYqliSE33gCeNVna ctEztWVQCuoLu068l7eGWiA= =9976 -----END PGP SIGNATURE----- --=.Q+H7dNHSyh6Bj7-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message