Re: Spam troubles
At 10:16 11/10/00 +0100, Pierrot Driguez wrote: >Hi all, > >I have a Qmail server with Vpopmail for test that seems to work fine. >My actual trouble is spam from "Dialsprint.net" and "uu.net". >Here are the IP addresses they used to send their shi... sorry, >their mails: > >Any ideas ? For an in-depth look at this subject, see Mark Jason Dominus's series, "My Life with Spam", beginning at: http://www.plover.com/~mjd/perl/lp/Spam.html#My_Life_with_Spam and continued at: http://www.perl.com/print/2000/02/spamfilter.html and http://www.perl.com/print/2000/03/spam3.html -- All the best (Adéu-siau), Lou Hevly [EMAIL PROTECTED] http://www.visca.com
Re: Spam troubles
Pierrot Driguez wrote: > I have a Qmail server with Vpopmail for test that seems to work fine. > My actual trouble is spam from "Dialsprint.net" and "uu.net". > [...] > So, each time I see a new address from them in /var/log/qmail/qmail-smtp/... > I include it in the tcp.smtp file, and reload with ./qmail cdb. Use rblsmtpd (included in the latest ucspi) ... my smtp.tcp file looks more like: # Internal 192.168.:allow,RELAYCLIENT="" # Disallow spammers 167.234.1.10:allow,RBLSMTPD="-Don't_bounce_to_header_senders!" 202.109.85.225:allow,RBLSMTPD="-Don't_SPAM!" 202.110.154.194:allow,RBLSMTPD="-Don't_SPAM!" 61.151.184.115:allow,RBLSMTPD="-Don't_SPAM!" # Allow all others without relaying :allow And this causes rblsmtpd to actually establish an SMTP session with the incoming spammer and tell them their mail isn't wanted, and why. If a given postmaster ends up getting these, they may take action ... (or not). It also lets you use the RBL or other services to auto-block large numbers of IPs. See http://www.maps.org and search the message archives on the qmail list for MAPS and SPAM.
RE: Spam troubles
Hi Pierre, you should definitely switch to rblsmtpd instead of using the tcp.smtpd file. The reason is that the tcp.smtpd file will completely block their attempted connection, so their mail server will consider your server down and keep retrying for as long as necessary which means lots of connections to your system. If you use rblsmtpd, from the qmail homepage, and then subscribe it to the MAPS DUL (Dial-Up User List), it should catch most of those dial-up addresses you're being spammed from and block their mail servers with a permanent undeliverable code so they won't try again. Dave -Original Message- From: Pierrot Driguez [mailto:[EMAIL PROTECTED]] Sent: Wednesday, October 11, 2000 5:16 AM To: [EMAIL PROTECTED] Subject: Spam troubles Hi all, I have a Qmail server with Vpopmail for test that seems to work fine. My actual trouble is spam from "Dialsprint.net" and "uu.net". Here are the IP addresses they used to send their shi... sorry, their mails: 63.29.159.93 63.29.160.6 63.29.165.82 63.29.185.109 63.29.185.159 63.178.76.150 63.178.76.160 63.178.76.172 63.178.76.185 63.178.76.195 206.133.117.179 206.133.121.28 206.133.123.193 206.133.123.217 206.133.123.219 206.133.123.239 206.133.125.225 206.133.125.228 206.133.125.230 206.133.125.234 So, each time I see a new address from them in /var/log/qmail/qmail-smtp/... I include it in the tcp.smtp file, and reload with ./qmail cdb. Actually this file looks like this : - 209.178.164.:deny 209.178.167.:deny () 127.0.0.1:allow,RELAYCLIENT="" 192.168.2.:allow,RELAYCLIENT="" :allow - I would like my tcp server to allow receiving mails from anyone but avoid the relaying. Any ideas ? Thanks Pierre Rodriguez
Spam troubles
Hi all, I have a Qmail server with Vpopmail for test that seems to work fine. My actual trouble is spam from "Dialsprint.net" and "uu.net". Here are the IP addresses they used to send their shi... sorry, their mails: 63.29.159.93 63.29.160.6 63.29.165.82 63.29.185.109 63.29.185.159 63.178.76.150 63.178.76.160 63.178.76.172 63.178.76.185 63.178.76.195 206.133.117.179 206.133.121.28 206.133.123.193 206.133.123.217 206.133.123.219 206.133.123.239 206.133.125.225 206.133.125.228 206.133.125.230 206.133.125.234 So, each time I see a new address from them in /var/log/qmail/qmail-smtp/... I include it in the tcp.smtp file, and reload with ./qmail cdb. Actually this file looks like this : - 209.178.164.:deny 209.178.167.:deny () 127.0.0.1:allow,RELAYCLIENT="" 192.168.2.:allow,RELAYCLIENT="" :allow - I would like my tcp server to allow receiving mails from anyone but avoid the relaying. Any ideas ? Thanks Pierre Rodriguez