Date: Sun, 10 Nov 2002 00:16:30 -0600 From: "W. D." <WD@US-Webmasters.com> To: freebsd-questions@FreeBSD.ORG Cc: "Jack L. Stone" <jackstone@sage-one.net> Subject: Re: How to stop SPAMMER??! Message-ID: <5.1.0.14.2.20021109235134.0484d270@us-webmasters.com> In-Reply-To: <3.0.5.32.20021109211740.011f73b8@mail.sage-one.net> References: <20021110030443.1b0577ad.gs@vacfu.org> <5.1.0.14.2.20021109150436.069a4d50@us-webmasters.com> <5.1.0.14.2.20021109150436.069a4d50@us-webmasters.com>
next in thread | previous in thread | raw e-mail | index | archive | help
At 21:17 11/9/2002, Jack L. Stone wrote:
>At 03:04 AM 11.10.2002 +0100, Gustaf Sjoberg wrote:
>>On Sat, 09 Nov 2002 15:13:09 -0600
>>"W. D." <WD@US-Webmasters.com> wrote:
>>
>>either block incomming port 25 connections or set the smtserver to require
>authentication.
>>
>>ipfw entry could look something like:
>>
>>add <rule#> deny log tcp from any to <yourip> 25 in recv <interface>
This would completely block SMTP wouldn't it? I do have clients
on this server using email.
>>
>>>Hi folks,
>>>
>>>I've got some bozo from:
>>>
>>> SpaWeb1.spaelegance.com..auth
>>>
>>>doing all kinds of SMTP activity on my FreeBSD server. Does anyone
>>>know how to stop this? What kind of entry would I add to ipfw?
>>>
>>>Does anyone know what vulnerability this might be? How to stop
>>>permanently?
>>>
>
>Get the IP of the spammer if possible. I've had to use a total block like
>this:
>##### DENY INTRUDER through external interface
> #${fwcmd} add deny all from 66.000.00.000 to any via ${oif}
Where is ${oif} defined?
When I run a command like this it doesn't understand 'fwcmd'.
usw2# {fwcmd} add deny log all from 168.93.100.59/16 to any in via ${oif}
oif: Undefined variable.
usw2# {fwcmd} add deny log all from 168.93.100.59/16 to any in via lo0
fwcmd: Command not found.
>
>Reload the firewall rules....
>
>Best regards,
>Jack L. Stone,
>Administrator
>
>SageOne Net
>http://www.sage-one.net
>jackstone@sage-one.net
Start Here to Find It Fast!=A9 -> http://www.US-Webmasters.com/best-start-pa=
ge/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?5.1.0.14.2.20021109235134.0484d270>