Re: Denial of Service via UCE
On Thu, Jan 30, 2003 at 02:52:18PM +1300, Pulu 'Anau wrote: >... > I take care of an email system for a high school in the Kingdom of tonga. > They're on a 32K link. Recently, some unknown purveyor of evil (Spam > Company) has decided to start sending large amounts of spam about various > penny stocks. The distribution is huge because I've gotten some of these > and I don't get that much spam. > Unfortunately, they decided to set their MAIL FROM to be an account that > doesn't and never has existed at the school. This has caused mail servers > from all over the world to send back failure notices to this account, > effectively shutting down internet access at the school. > The school asked me what they could do about it, and my answer for them is > "pretty much nothing". It sounds like you've done everything you could. I had this happen to me. Basically, it stops after a few days unless they use your address again. At that point you can get them shut down (for those who are groaning... i've done it). But real spammers just go on and use the next random person on the 'net. I wouldn't spend any money on Postini. You've done all of the right things. And of course, all of your systems and all the systems you know are not relaying spam! :) Good luck. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Denial of Service via UCE
You might look at Postini services: http://www.postini.com We use it here and it just works! The setup of the EMS saved me atleast 1mbit of bandwidth.. I don't know if they provide special deals for schools but my contact is: Jabari Norton [EMAIL PROTECTED] 650-482-3145 Phone 650-269-1834 Cell 650-482-3109 Primary Fax 650-482-3108 Secondary Fax http://www.postini.com/products --- Sonny At 02:52 PM 1/30/2003 +1300, Pulu 'Anau wrote: Hi, this is not particularly a debian related question but this is the most knowledgable list that I track, and I hope someone here might have a "miracle answer" that we can't think of. I take care of an email system for a high school in the Kingdom of tonga. They're on a 32K link. Recently, some unknown purveyor of evil (Spam Company) has decided to start sending large amounts of spam about various penny stocks. The distribution is huge because I've gotten some of these and I don't get that much spam. Unfortunately, they decided to set their MAIL FROM to be an account that doesn't and never has existed at the school. This has caused mail servers from all over the world to send back failure notices to this account, effectively shutting down internet access at the school. The school asked me what they could do about it, and my answer for them is "pretty much nothing". The only reasonable thing we could think of would be to get a relay at an external site that could filter this stuff out before it forwarded it to the school. On the technical front, I've modified postfix to deny the messages at the MAIL FROM: point with an smtpd_recipient_restriction, and that's reduced the traffic enough that they can use the net and the school's real email can get through, but I and my business partner here can't think of anything else to do. On the social front, I've sent some threatening emails to the companies that are advertised, but because they're penny stocks, I think the companies might not be involved at all, someone is just buying these guys at .03 a piece and hoping the spam will bring them up to .05. Anyone have any other ideas? It's not like I can ban most of the mail servers on the internet (a large portion of the traffic is coming from msn, hotmail, et al). Thanks for any advice. AFE.to ANTS ph-27946 or 878-1332 http://www.afe.to -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Denial of Service via UCE
Hi, this is not particularly a debian related question but this is the most knowledgable list that I track, and I hope someone here might have a "miracle answer" that we can't think of. I take care of an email system for a high school in the Kingdom of tonga. They're on a 32K link. Recently, some unknown purveyor of evil (Spam Company) has decided to start sending large amounts of spam about various penny stocks. The distribution is huge because I've gotten some of these and I don't get that much spam. Unfortunately, they decided to set their MAIL FROM to be an account that doesn't and never has existed at the school. This has caused mail servers from all over the world to send back failure notices to this account, effectively shutting down internet access at the school. The school asked me what they could do about it, and my answer for them is "pretty much nothing". The only reasonable thing we could think of would be to get a relay at an external site that could filter this stuff out before it forwarded it to the school. On the technical front, I've modified postfix to deny the messages at the MAIL FROM: point with an smtpd_recipient_restriction, and that's reduced the traffic enough that they can use the net and the school's real email can get through, but I and my business partner here can't think of anything else to do. On the social front, I've sent some threatening emails to the companies that are advertised, but because they're penny stocks, I think the companies might not be involved at all, someone is just buying these guys at .03 a piece and hoping the spam will bring them up to .05. Anyone have any other ideas? It's not like I can ban most of the mail servers on the internet (a large portion of the traffic is coming from msn, hotmail, et al). Thanks for any advice. AFE.to ANTS ph-27946 or 878-1332 http://www.afe.to -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ISC DHCP + Navis Radius
Okay, this is a weird one Had a client that once upon a time bought a navis raduis against my speciffic recomendation to NOT got the propietary way if they meant business in the ISP market.away they went to pay the per user licenses and such. Nowdays, they require a DHCP server to serve ip's by class to the stupid Navis box. Q: Anyone has such a beast working with our stock beloved dhcpd3 in debian? It seems navis expects the dhcpo to support something called the class identifier field shure, we support that with dhcp, but the RFC says that this is reserved for vendor speciffic stuff. Client says, Option 60! -> Gimme an address from pool CLASS1, and the dhcp should return vendor speciffic information in some rfc defined way Im nervous, im not shure this is doable in isc dhcp because its explicitly where the RFC defines you should extend for your own evil purposes please lend a hand if u know! -- Alex Borges (lex) <[EMAIL PROTECTED]> Step One Group -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix : Rejecting message with more than X number of recipients
On Wed, Jan 29, 2003 at 10:06:19AM -0200, Andre Luis Lopes wrote: [snip] > Thanks for the info. I'll try this one and report back the results. Just to let you all know, it worked fine. Thank you all again. -- ++--++ || Andre Luis Lopes [EMAIL PROTECTED] || || Debian-BR Project http://debian-br.cipsga.org.br || || Public GPG KeyID 9D1B82F6 || || Keyserver wwwkeys.eu.pgp.net || msg07916/pgp0.pgp Description: PGP signature
Exim and LDAP
Folks, I'm trying to get a business set up with a Debian system running Exim talking to LDAP for user lookups. This is working fine, but right after I was ready to get them to sign off on the project, they came up with "Oh, does the old feature of [EMAIL PROTECTED] still work? We have to have that!" Well, short of creating thousands of new aliases, and a way for them to maintain them, can anyone figure out a creative way in an Exim/LDAP filter to match the localpart of 'First.Last' against the sn and givenname attributes? I've started at this so long, I'm going nuts... Thanks, Tim -- >< >> Tim Sailer (at home) >< Coastal Internet, Inc. << >> Network and Systems Operations >< PO Box 671 << >> http://www.buoy.com >< Ridge, NY 11961 << >> [EMAIL PROTECTED][EMAIL PROTECTED] >< (631)924-3728 (888) 924-3728 << >< -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix : Rejecting message with more than X number ofrecipients
Em Qua, 2003-01-29 às 09:47, Tomasz Papszun escreveu: [snip] > smtpd_recipient_limit Thanks for the info. I'll try this one and report back the results. -- André Luís Lopes [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Postfix : Rejecting message with more than X number of recipients
On Wed, 29 Jan 2003 at 9:04:31 -0200, Andre Luis Lopes wrote: > > I would like to know if someone managed to get Postfix reject messages > which contains more than X number of recipients (X being any previously > specified number using some parameter in Postfix's main.cf file). > > I was reading about the topic and already experimented with > default_destination_recipient_limit and smtp_destination_recipient_limit > parameters but it seems these ones aren't what I really need. > > default_destination_recipient_limit actually will broke the recipient > list into smaller lists and send multiple copies of the message, but not > reject it. > > The documentation for smtp_destination_recipient_limit doesn't help too > much. Anyway, I tried it and it didn't do what I need. > > Does someone knows if it's possible to do this using Postfix or should I > use a separated script/software/package/whatever ? > smtpd_recipient_limit -- Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only [EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Postfix : Rejecting message with more than X number of recipients
Hi, I would like to know if someone managed to get Postfix reject messages which contains more than X number of recipients (X being any previously specified number using some parameter in Postfix's main.cf file). I was reading about the topic and already experimented with default_destination_recipient_limit and smtp_destination_recipient_limit parameters but it seems these ones aren't what I really need. default_destination_recipient_limit actually will broke the recipient list into smaller lists and send multiple copies of the message, but not reject it. The documentation for smtp_destination_recipient_limit doesn't help too much. Anyway, I tried it and it didn't do what I need. Does someone knows if it's possible to do this using Postfix or should I use a separated script/software/package/whatever ? Regards, -- André Luís Lopes [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]