[luau] Blocking mail relayers
F. Hines
frhines at swbell.net
Wed Sep 25 11:58:00 PDT 2002
Took me awhile to find it again,
but here is the sendmail link http://www.sendmail.org/~ca/email/auth.html
its a lil brain frying to read. When you are reading keep in mind that you
dont have re-compile sendmail or any of that since you are using R.H.
7.3...you can just skip down to the "Configuration" Section.
link to rfc2222 ftp://ftp.isi.edu/in-notes/rfc2222.txt - for when you are
really bored.
and of course
man sasl
&
man saslpasswd
If you have any question or need some help don't hesitate to ask me. I
wrote a step by step tutorial on implementing smtp auth but im not sure
where it is..one of my clients might still have a copy ill ask around.
Florian
-----Original Message-----
From: luau-admin at videl.ics.hawaii.edu
[mailto:luau-admin at videl.ics.hawaii.edu]On Behalf Of Erich S.
Sent: Wednesday, September 25, 2002 12:46 PM
To: luau at videl.ics.hawaii.edu
Subject: RE: [luau] Blocking mail relayers
Hiya,
Thanks for the response guys!
I think I found the abuse.net test site earlier, and it passed all the
tests, but I was wondering if somehow this bozo was getting through.
What's really irritating was that it was coming from that IP every 20
minutes.
I added the IP to hosts.deny and restarted XINETD. Not sure if that did
anything.
But adding the ip to the /etc/mail/access file with REJECT and restarting
sendmail seemed to start denying him *YAY* when I looked in
/var/log/maillog for entries.
* Does sendmail need to be restarted each time you change the
/etc/mail/access file? or does it check the file for each email sent?
Florian, is there anywhere I can read up on Cyrus sasl? I'd like to
learn more about it before I set it up.
Thanks again!
Sharky
On Tue, 24 Sep 2002, Florian Hines wrote:
>I use this test all the time:
>
>http://www.abuse.net/relay.html
On Tue, 24 Sep 2002, Florian Hines wrote:
> You can either
>
> add him to hosts.deny,
>
> or add
>
> his.ip.here. reject
>
> to your access file in /etc/mail you can do custom reject messages too.
If
> its an ISP you know you wont get alot of traffic from just block the whole
> ip-block.
>
> Best way to kill attempted relaying so is to use Cyrus sasl to do smtp
auth.
> by adding
>
> define(`confAUTH_OPTIONS', `A')dnl
> TRUST_AUTH_MECH(`DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
> define(`confAUTH_MECHANISMS', `DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
>
> to your sendmail.mc file
>
> then use
>
> [root at NS2 mail]# saslpasswd someuser
> Password:
> Again (for verification):
> [root at NS2 mail]#
>
> to add the passwd to the salsdb.
>
>
> I'm assuming you're using sendmail, if its a default RH 7.3 install cyrus
> will already be compiled into sendmail other wise you will have to
recompile
> it with cyrus support.
>
> Florian
_______________________________________________
LUAU mailing list
LUAU at videl.ics.hawaii.edu
http://videl.ics.hawaii.edu/mailman/listinfo/luau
More information about the LUAU
mailing list