Re: [SLUG] Sendmail - Spamming Problems
On Thu, Feb 08, 2001 at 07:12:00AM +1000, Steven Kerr wrote: Question: What other configuration could I use to stop this spamming ? deny his mailhost ( ip ) access-file - mailmx.e-kolay.net 550 Blocked, cause of neverending Spam 212.15.64.41 550 Spammers shan't see sunlight here net-pa@ 550 Spammers shan't see sunlight here . . . - I guess you tried to reach him by email/phone in order to stop his spam report him as a spamer at abuse network, or add FEATURE(dnsbl,`dul.maps.vix.com',`Please contact your ISP ${client_addr}; Your a registered Spam-Host') to your sendmail.mc file if he's a registered spamer see http://www.orbs.org www.mail-abuse.org nice test you see if you mailserver is a 'secure' telnet mail-abuse.org amu P.S. if somebody is interested my access.file ~1000 entries e-mail :) -- "Denken und sein werden vom Widerspruch bestimmt". - Aristoteles -- Public-gpg-Key: http://tr.debian.net/amu/amu.key -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
Re: [SLUG] Sendmail - Spamming Problems
On Thu, 8 Feb 2001, Steven Kerr wrote: I have noticed over that last few days that some slime ball is using our sendmail 8.9.3 mail server as a relay. Unlikely ... 8.9.3 disables such relaying, unless you specifically enable it. Feb 7 10:15:13 gatekeeper sendmail[16323]: KAA16323: from=[EMAIL PROTECTED], size=702, class=0, pri=30702, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, relay=localhost [127.0.0.1] That looks normal - it just describes incoming mail. Presumably spam sent to your system. It doesnt mean its relaying back out. Do you see any evidence of spam being forwarded back out by your system? So I assumed that the spammer is using the address 127.0.0.1 No, thats just means that localhost is receiving the mail. Question: What other configuration could I use to stop this spamming ? See the sendmail docs, e.g.: http://www.sendmail.org/m4/anti-spam.html QUESTION: How can I do spam-filtering in sendmail when calling it from 'fetchmail' ? Has anyone done this? Normal methods dont seem to work. -- Mike Holland [EMAIL PROTECTED] --==-- It is always the best policy to tell the truth, unless, of course, you are an exceptionally good liar. -- Jerome K. Jerome -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
Re: [SLUG] Sendmail - Spamming Problems
QUESTION: How can I do spam-filtering in sendmail when calling it from 'fetchmail' ? Has anyone done this? Normal methods dont seem to work. if your thinking about using maps/orbs/other blacklist it won't work... they rely on denying connections from certain hosts... your connections will be coming from fetchmail and hence 127.0.0.1 it is your isp or whoever is providing the pop box that needs to apply the filtering for it to work... later marty -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
Re: [SLUG] Sendmail - Spamming Problems
Mike Holland wrote: On Thu, 8 Feb 2001, Steven Kerr wrote: I have noticed over that last few days that some slime ball is using our sendmail 8.9.3 mail server as a relay. Unlikely ... 8.9.3 disables such relaying, unless you specifically enable it. Feb 7 10:15:13 gatekeeper sendmail[16323]: KAA16323: from=[EMAIL PROTECTED], size=702, class=0, pri=30702, nrcpts=1, msgid=[EMAIL PROTECTED], proto=ESMTP, relay=localhost [127.0.0.1] In that case, look at your firewall/etc. Some older stuff "relabels" messages as coming from the firewall, rather than there original source, which defeats no-relay settings. -- Terry Collins {:-)}}} Ph(02) 4627 2186 Fax(02) 4628 7861 email: [EMAIL PROTECTED] www: http://www.woa.com.au WOA Computer Services lan/wan, linux/unix, novell "People without trees are like fish without clean water" -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug
Re: [SLUG] Sendmail - Spamming Problems
On Thu, 8 Feb 2001, Marty wrote: QUESTION: How can I do spam-filtering in sendmail when calling it from 'fetchmail' ? Has anyone done this? Normal methods dont seem to work. if your thinking about using maps/orbs/other blacklist it won't work... they rely on denying connections from certain hosts... The mail will have "Received:" header lines. Any way to use those? your connections will be coming from fetchmail and hence 127.0.0.1 it is your isp or whoever is providing the pop box that needs to apply the filtering for it to work... I can do filtering with procmail, but want to be able to get fetchmail to bounce certain senders, or mailboxes. Whats the best way? Should I use procmail commands to generate bounces? -- Mike Holland [EMAIL PROTECTED] --==-- It is always the best policy to tell the truth, unless, of course, you are an exceptionally good liar. -- Jerome K. Jerome -- SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/ More Info: http://slug.org.au/lists/listinfo/slug