Re: [SLUG] Sendmail - Spamming Problems

2001-02-07 Thread Andreas Mueller 

On Thu, Feb 08, 2001 at 07:12:00AM +1000, Steven Kerr wrote:


 Question: What other configuration could I use to stop this spamming ?
 

deny his mailhost ( ip )

access-file
-
mailmx.e-kolay.net 550 Blocked, cause of neverending Spam
212.15.64.41 550 Spammers shan't see sunlight here
net-pa@ 550 Spammers shan't see sunlight here
.
.
.
-

I guess you tried to reach him by email/phone in order to stop
his spam report him as a spamer at abuse network, or add 

FEATURE(dnsbl,`dul.maps.vix.com',`Please contact your ISP 
${client_addr}; Your a registered Spam-Host')

to your sendmail.mc file if he's a registered spamer 
see http://www.orbs.org www.mail-abuse.org

nice test you see if you mailserver is a 'secure'

telnet mail-abuse.org 

amu

P.S. if somebody is interested my access.file ~1000 entries
 e-mail :)  
-- 

"Denken und sein werden vom Widerspruch bestimmt". - Aristoteles
--
Public-gpg-Key: http://tr.debian.net/amu/amu.key 

-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Re: [SLUG] Sendmail - Spamming Problems

2001-02-07 Thread Mike Holland 

On Thu, 8 Feb 2001, Steven Kerr wrote:

 I have noticed over that last few days that some slime ball is using
 our sendmail 8.9.3 mail server as a relay.

Unlikely ... 8.9.3 disables such relaying, unless you specifically enable
it.
 
 Feb  7 10:15:13 gatekeeper sendmail[16323]: KAA16323:
 from=[EMAIL PROTECTED], size=702, class=0, pri=30702, nrcpts=1,
 msgid=[EMAIL PROTECTED], proto=ESMTP,
 relay=localhost [127.0.0.1]

That looks normal - it just describes incoming mail. Presumably spam sent
to your system. It doesnt mean its relaying back out.

Do you see any evidence of spam being forwarded back out by your system?


 So I assumed that the spammer is using the address 127.0.0.1

No, thats just means that localhost is receiving the mail.

 Question: What other configuration could I use to stop this spamming ?
 
See the sendmail docs, e.g.:
   http://www.sendmail.org/m4/anti-spam.html


QUESTION: How can I do spam-filtering in sendmail when calling it from
'fetchmail' ? Has anyone done this? Normal methods dont seem to work.

-- 
Mike Holland  [EMAIL PROTECTED]
  --==--
It is always the best policy to tell the truth, unless, of course,
you are an exceptionally good liar.  -- Jerome K. Jerome


-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Re: [SLUG] Sendmail - Spamming Problems

2001-02-07 Thread Marty 

 QUESTION: How can I do spam-filtering in sendmail when calling it from
 'fetchmail' ? Has anyone done this? Normal methods dont seem to work.

if your thinking about using maps/orbs/other blacklist it won't work...
they rely on denying connections from certain hosts...

your connections will be coming from fetchmail and hence 127.0.0.1

it is your isp or whoever is providing the pop box that needs to apply the
filtering for it to work...

later
marty


-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Re: [SLUG] Sendmail - Spamming Problems

2001-02-07 Thread Terry Collins 

Mike Holland wrote:
 
 On Thu, 8 Feb 2001, Steven Kerr wrote:
 
  I have noticed over that last few days that some slime ball is using
  our sendmail 8.9.3 mail server as a relay.
 
 Unlikely ... 8.9.3 disables such relaying, unless you specifically enable
 it.
 
  Feb  7 10:15:13 gatekeeper sendmail[16323]: KAA16323:
  from=[EMAIL PROTECTED], size=702, class=0, pri=30702, nrcpts=1,
  msgid=[EMAIL PROTECTED], proto=ESMTP,
  relay=localhost [127.0.0.1]

In that case, look at your firewall/etc. 
Some older stuff "relabels" messages as coming from the firewall, rather
than there original source, which defeats no-relay settings.

--
   Terry Collins {:-)}}} Ph(02) 4627 2186 Fax(02) 4628 7861  
   email: [EMAIL PROTECTED]  www: http://www.woa.com.au  
   WOA Computer Services lan/wan, linux/unix, novell

 "People without trees are like fish without clean water"

-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug

Re: [SLUG] Sendmail - Spamming Problems

2001-02-07 Thread Mike Holland 

On Thu, 8 Feb 2001, Marty wrote:

  QUESTION: How can I do spam-filtering in sendmail when calling it from
  'fetchmail' ? Has anyone done this? Normal methods dont seem to work.
 
 if your thinking about using maps/orbs/other blacklist it won't work...
 they rely on denying connections from certain hosts...

The mail will have "Received:" header lines. Any way to use those?

 your connections will be coming from fetchmail and hence 127.0.0.1
 
 it is your isp or whoever is providing the pop box that needs to apply the
 filtering for it to work...

I can do filtering with procmail, but want to be able to get fetchmail to
bounce certain senders, or mailboxes. Whats the best way?
  Should I use procmail commands to generate bounces?

-- 
Mike Holland  [EMAIL PROTECTED]
  --==--
It is always the best policy to tell the truth, unless, of course,
you are an exceptionally good liar.  -- Jerome K. Jerome


-- 
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://slug.org.au/lists/listinfo/slug