-------- Original Message -------- Subject: Re: [Opencomputing-openprotect] recent spamassassin stock misconfiguration causing BIND issue Date: Wed, 18 Feb 2004 02:51:31 -0500 From: S.Karthikeyan <[EMAIL PROTECTED]> To: [EMAIL PROTECTED]
Dear Chipper, Thanks for the info. We'll correct this in the next release.
cheers, Karthikeyan, S.
Hi Karthikeyan;
Thanks for the kind words. But this issue sort of points to a deeper problem I think. I've corresponded with a number of folks over this
and it seems that only BIND 9.x was affected. Users of 8.x have
reported no such issue. I hope there are not too many 4.x users out
there connected to the internet any more. ;-)
What the admin at monkeys.com -despite intentions- has done, has deliberately misconfigured his dns and broken lots of "rules" in the process. What this has resulted in is a lightweight DoS against BIND 9.x And apparently a number of users of Microsoft Directory Services have been affected as well.
Some very busy mail servers have reported BIND crashing under the load of these errors.
In short, not your fault, I think the fault lies with BIND, and a few other name servers. If all one needs do is change an A record like this to create an issue like this, the software is buggy.
--chipper
This went on for a while. Couldn't sort it out.
Turns out that the fellow running relays.monkeys.com one of the enabled by default RBLs has shut down his service due to massive spamming attacks. He set his IN A record to 244.254.254.254 for relays.monkeys.com which has caused some real issues for some folks.
The fix is to comment out or remove the line pertaining to relays.monkeys.com in /etc/MailScanner/spam.lists.conf and restart the openprotect service.
-- This message has been scanned for viruses and dangerous content, and is believed to be clean.
-- This message has been scanned for viruses and dangerous content, and is believed to be clean.
