Can someone give me a clue on filtering mail on using the stock sendmail that comes with Solaris? I am unfortunately without a sysadmin right now (anyone need a job?) but I do know enough to monkey with what needs monkeying. Anyway, a certain user decided to dial up (to somewhere else) and use my mail system to send mail to every single AOL user. Today alone I probably got about 600 copies of his bounced mail...never mind that this is deffinately not cool. Anyway, I have the email address that he is using as for the FROM: field so I'd like to simply block that out. Help would be appreciated. Brian
On Jun 18, Brian Horvitz <horvitz@websecure.net> wrote:
Can someone give me a clue on filtering mail on using the stock sendmail that comes with Solaris?
I can probably point you in the right direction (it's a hobby of mine), but the first step is unquestionably to upgrade to a modern sendmail.
Anyway, I have the email address that he is using as for the FROM: field so I'd like to simply block that out.
That won't be enough. Now that one spammer knows your site allows relaying, you can expect more to do the same thing.
Help would be appreciated.
The best resource is http://spam.abuse.net/ -- the patches and recipes at http://www.sendmail.org/ don't work for everybody yet. Feel free to bug me privately if you've got any questions about which one to use, etc. -- J.D. Falk, Network Operations Center Supervisor +1 (415) 482-2840 Priori Networks, Inc. http://www.priori.net "The people you know. The people you trust."
On Wed, 18 Jun 1997, Brian Horvitz wrote:
Can someone give me a clue on filtering mail on using the stock sendmail that comes with Solaris? I am unfortunately without a sysadmin right now (anyone need a job?) but I do know enough to monkey with what needs monkeying. Anyway, a certain user decided to dial up (to somewhere else) and use my mail system to send mail to every single AOL user. Today
First upgrade to sendmail 8.8.5 (or try 8.8.6) and then take a look at: http://www.informatik.uni-kiel.de/%7Eca/email/english.html
alone I probably got about 600 copies of his bounced mail...never mind that this is deffinately not cool. Anyway, I have the email address that he is using as for the FROM: field so I'd like to simply block that out. Help would be appreciated.
You also need to prevent people from using your server as a relay. If you don't, you are doomed. Bill
participants (3)
-
Bill Becker -
Brian Horvitz -
J.D. Falk