BWUAHAHHAHAHAHA! Now all your spam belongs to me ! LOLI knew there had to be a way just didnt see how without breaking squirrel mail. localhost on a setup like qmt should not need to send mail but I could be wrong.
Thanks Dave
On 01/15/2013 10:42 AM, Eric Shubert wrote:
On 01/14/2013 09:22 PM, David Milholen wrote:Hello all, Been a long time since I ve been here to ask a question. I am getting spam from localhost but its not my localhost.. How do I block this using spamdyke? SMTP LOG @4000000050f4d8b10021a73c tcpserver: pid 18003 from 222.254.188.144 @4000000050f4d8b100230e9c tcpserver: ok 18003 mx2:98.16.104.13:25 :222.254.188.144::50262 @4000000050f4d8b213e46264 CHKUSER accepted sender: from <su...@yahoo.com::> remote <localhost:unknown:222.254.188.144> rcpt <> : sender accepted @4000000050f4d8b238806c94 CHKUSER accepted any rcpt: from <su...@yahoo.com::> remote <localhost:unknown:222.254.188.144> rcpt <dmilho...@wletc.com> : accepted any recipient for this domain @4000000050f4d8b33170ce94 spamdyke[18003]: ALLOWED from: su...@yahoo.com to: dmilho...@wletc.com origin_ip: 222.254.188.144 origin_rdns: localhost auth: (unknown) encryption: (none) reason: 250_ok_1358223529_qp_18005 not sure how to stop localhost with out breaking something.. thanks Dave -- David Milholen Project Engineer P:501-318-1300C'mon guys. Look closely at the log message: remote <localhost:unknown:222.254.188.144>The first part of this (localhost) is the rDNS name. This can be verified:shubes@edwin:~$ host 222.254.188.144 144.188.254.222.in-addr.arpa domain name pointer localhost. shubes@edwin:~$Kinda clever on the spammer's part actually, as many servers are configured to allow all email from localhost.So to block this one and others like it, add localhost to the blacklist_rdns file.This might cause a problem with the stock QMT configuration of SquirrelMail though, since SM by default uses port 25 with no authentication. I plan to change this in the stock SM config at some point, but in the meantime you can simply change the /etc/squirrelmail/config_local.php file according to the wiki page here:http://wiki.qmailtoaster.com/index.php/Fetchmail That should nail it for you. BTW, thanks for the TIP: Blacklist localhost in blacklist_rdns file!
<<attachment: dmilholen.vcf>>
--------------------------------------------------------------------- To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
