From owner-freebsd-questions Sat Oct 19 08:34:11 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id IAA18948 for questions-outgoing; Sat, 19 Oct 1996 08:34:11 -0700 (PDT) Received: from cyclone.degnet.baynet.de (root@cyclone.degnet.baynet.de [194.95.214.129]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id IAA18938 for ; Sat, 19 Oct 1996 08:34:07 -0700 (PDT) Received: from neuron (ppp6 [194.95.214.136]) by cyclone.degnet.baynet.de (8.6.12/8.6.9) with SMTP id RAA12087; Sat, 19 Oct 1996 17:35:25 +0100 Message-ID: <32690FC9.6A76@degnet.baynet.de> Date: Sat, 19 Oct 1996 16:28:41 +0000 From: Darius Moos Reply-To: moos@degnet.baynet.de X-Mailer: Mozilla 3.0Gold (Win95; I) MIME-Version: 1.0 To: "Timothy P. Layton, Sr." CC: FreeBSD-questions Subject: Re: HELP !!! I have a mail hacker. References: <199610190913.JAA07351@global-sol.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-questions@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Compile IPFIREWALL into your kernel. Have a look into /etc/rc.firewall: Make a rule to deny access from the evil domain to your IP on port 25 (that's the SMTP-port). Enable firewalling in /etc/sysconfig Install new kernel. Reboot. Have a look at "man ipfw". Further, try to talk to the Provider of this domain. Darius Moos. Timothy P. Layton, Sr. wrote: > > Help !!! > > my mail host is receiving a couple thousand messages per night > from a ficticous user at a fake domain. > > I looked in the maillog and found what domain the messages where > coming from. > > Can I reject all mail from a single domain, and can I take it even > further by refusing any type of connection from a domain ?? > > Please Help ! > > Thanks > Tim- > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= > Timothy P. Layton, Sr. > http://www.global-sol.com > mailto:tlayton@global-sol.com > voice:314.298.0873 Fax:314.298.8482 > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= -- email: moos@degnet.baynet.de