[luau] Blocking mail relayers
Florian Hines
frhines at swbell.net
Tue Sep 24 17:56:01 PDT 2002
You can either
add him to hosts.deny,
or add
his.ip.here. reject
to your access file in /etc/mail you can do custom reject messages too. If
its an ISP you know you wont get alot of traffic from just block the whole
ip-block.
Best way to kill attempted relaying so is to use Cyrus sasl to do smtp auth.
by adding
define(`confAUTH_OPTIONS', `A')dnl
TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
to your sendmail.mc file
then use
[root at NS2 mail]# saslpasswd someuser
Password:
Again (for verification):
[root at NS2 mail]#
to add the passwd to the salsdb.
I'm assuming you're using sendmail, if its a default RH 7.3 install cyrus
will already be compiled into sendmail other wise you will have to recompile
it with cyrus support.
Florian
-----Original Message-----
From: luau-admin at videl.ics.hawaii.edu
[mailto:luau-admin at videl.ics.hawaii.edu]On Behalf Of Erich S.
Sent: Tuesday, September 24, 2002 10:26 PM
To: luau at videl.ics.hawaii.edu
Subject: [luau] Blocking mail relayers
Hiya,
Still getting used to my new RH 7.3 setup, and was wondering about some
logwatch entries I've been getting.
I see entries in logwatch showing a lot of mail for unknown users. They
have what appear to be random names with my domain attached to the end.
There was a whole slew of them all generated by this IP:
relay=rlkal1a009.comtech-data.se [194.198.208.9] (may be forged)
How can I be sure I'm not relaying for this scumball? How can I just block
him completely?
Are there any good test tools out there for making sure I'm not letting
any scum get through?
Thanks in advance!
Erich
_______________________________________________
LUAU mailing list
LUAU at videl.ics.hawaii.edu
http://videl.ics.hawaii.edu/mailman/listinfo/luau
More information about the LUAU
mailing list