Re: [Mimedefang] Only one received header
Hi, On Mon, Feb 16, 2004 at 08:40:27AM +0100, Andrea Gabellini wrote: Hi, I changed the MX record of my domain one month ago with a new sendmail with MD, but a very large portion of spam continue to arrive directly to the old sendmail (that hold the mailboxes of the domain). = Seen that too. Seems that the spammers do not rely on DNS for sending their crap (it makes sense : DNS MX lookups can take some time and delay massive mailing) and have a kind of domain -- mailserver database. Looking at the received headers show that the spammer send directly to the server, so there is only one header. = How about just use another IP for this server and make sure the old IP is no longer used. Is it possible to block this kind of mail directly with sendmail? I can't install MD on this. Regards, SL/ ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Only one received header
On Mon, 16 Feb 2004 08:40:27 +0100, Andrea Gabellini wrote: Looking at the received headers show that the spammer send directly to the server, so there is only one header. That doesn't suprise me. I would also expect a few connections from worms/scanners that simply scan the net for open SMTP servers. Is it possible to block this kind of mail directly with sendmail? You should be able to tell sendmail only to accept connections from specific addresses. The sendmail docs should have this info hidden somewhere. OTH, typically a server that's not supposed to get connections from the net in general should be behind a firewall, and if it's behind a firewall you should simply block traffic you don't whant before it ever reaches the server. Regards /Jonas -- Jonas Eckerman, [EMAIL PROTECTED] http://www.fsdb.org/ ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] Only one received header
On 16 Feb 2004 at 12:54, Jonas Eckerman wrote: On Mon, 16 Feb 2004 08:40:27 +0100, Andrea Gabellini wrote: Is it possible to block this kind of mail directly with sendmail? snip OTH, typically a server that's not supposed to get connections from the net in general should be behind a firewall, and if it's behind a firewall you should simply block traffic you don't whant before it ever reaches the server. Firewall rules are probably the best way, but if that's not an option, try running sendmail -d0.1 -bv root | grep TCPWRAPPERS to see if your sendmail binary was linked against libwrap. If so, you can make use of hosts.allow and hosts.deny to only accept connections from your MX. Nels Lindquist * Information Systems Manager Morningstar Air Express Inc. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
