- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Enhance sendmail security for HP-UX /Linux mai...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-19-2006 05:15 AM
тАО10-19-2006 05:15 AM
Enhance sendmail security for HP-UX /Linux mail servers.
I manage my own domain and hand out email accounts to people who need them, whom I wish to work with.
Invariably, due to various factors these addresses end up on spam lists.
My response of late has been to use throw away email addresses and my mail form http://www.isnamerica.com/contactsep.shtml which allows me to decide whether the inquiry gets to contact me.
The bottom line is I'm tired of throwing away email addresses because inevitably someone doesn't get the message and can't reach me.
I noticed that my credit card companies with their notices remind me to include the addresses they use to send out notices in my address book so that they can continue reminding me when to make payments and such.
I know that certain mail clients use the address book or other list management to deny access to unauthorized senders.
I think that is a nifty idea and would like to implement it. Since sendmail is the mta that would be the logical place to do it globally.
Needs:
A web interface with authentication that allows users to manage their lists.
Lists stored in a format that I can access them with a shell script and build them into the access database with my already nifty scripts.
I know I can actually do this myself. I can create an https page and let people manage lists that sit in clear text on their home directories which I know are secure. I'm not thrilld about writing the code and integrating it seems a pain. Try and get two people to agree on a mail reader. You need three, one for each and one for them both to boycott. Perhaps 4 because they won't be able to agree on which to boycott.
Other ideas:
A squirrelmail plugin. I can definitely read anything squirrelmail saves on disk with my sendmail scripts.
My servers are going to become a black hole that simply will not accept inbound mail from anyone not on their mailing lists.
Of course, I'm, not happy to spend money on this as funds are always limited.
Your thoughts and links will of course be rewarded.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-22-2006 06:55 PM
тАО10-22-2006 06:55 PM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
would your setup be 'clever' enough to reject emails with faked 'from' addresses ?
Most access list systems seem to work on the idea that anything is ok to be let through, as long as the receiver address is correct and the sender is on the list.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-22-2006 07:05 PM
тАО10-22-2006 07:05 PM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
Initially no, however it could be made clever enough to do this. There are some sendmail rules to match domain name back to source. They are problematic but workable.
Seems the users that are effected want the system. They are tired of changing email addresses as am I. I'll end up providing them all with a secure form (see my profile) and they're going to put something like that on their business card instead of email.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2006 02:35 AM
тАО10-23-2006 02:35 AM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
I think the Sendmail "REJECT" message should include the URL of the form.
Something like:
reject:"554 - you are not on my accepted mail list, please see http://myform.somewhere.com"
Then a "real" person could just fill in that form and the client would get an email stating soandso@letmesendemailtoyou.com wants to send them an email.
They can then go to the "manage my mailing list" and add them.
This is very similiar to a challenge/response system - and you need to be careful - as those tend to get blackholed by spamhaus (I know - I tried "ask" for a while).
IE - make sure you use REJECT and not try to send an email.
I don't think a webmail plugin is needed - better to have it self contained - that way it doesn't matter what the client uses.
Rgds...Geoff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2006 03:21 AM
тАО10-23-2006 03:21 AM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
I agree with you.
Right now the application that most easily generates address lists is squirrelmail. So the people using squirrelmail have been warned update your address lists.
Those that do not will get a tutorial with some pictures and have to update their address lists.
Those that choose to ignore the whole process will pay increased storage fees for their spam. I can excempt certain domains from the process by relaying their mail from temporary servers on the firewall.
Its all aboard really and there will be a general form that people will be able to fill out to let our users know that someone wants to reach out and email them.
Part of the project is taking the extensive access datase we have and modifying all of the messaging to point to the page which has as yet not been developed.
This pretty much solves my problem. I don't have any complaints about not getting enough mail. The complaint I get is spam volume is increasing because most people are too ignorant and hand out their email address to easily.
My next batch of cards in the US if they print them will simply include a web page for initial contact. I'll save a lot of money printing cards that way.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2006 07:56 AM
тАО10-23-2006 07:56 AM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
the overall idea makes sense, although I think such a web-form should be https encrypted, because any intelligent router would be able to parse http traffic for E-Mail adresses or even worse the phone numbers.
Funny for me is, that you use an english "Send Request" Button but a "Reset" Standard button which get translated to German "Zuruecksetzen" (Even with a correct Umlaut, which is not displayed correctly in this forums preview) in my case :-)
In addition I know of some forums I used to register in, that there are robots that are able to fill out these forms to get accounts. Forums usually include a garbled 6 letter graphic that needs to be translated to text by the person registering. -> Might sort out some robots.
Volker
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-23-2006 08:41 AM
тАО10-23-2006 08:41 AM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
the test form is https encrypted.
Good that you mentioned it in case someone else comes across this thread.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-24-2006 07:20 AM
тАО10-24-2006 07:20 AM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
the http link in you intro-posting is not transformed or redirected to a https link/site in my browser and I get no lock displayed in the browser footer line.
Does not look encrypted to mee.
Did I get something wrong ?
Or do you use a diffent page for your "real" contacts and this is just a sample for discussion (that would explain it :-)
Volker
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО10-24-2006 09:33 AM
тАО10-24-2006 09:33 AM
Re: Enhance sendmail security for HP-UX /Linux mail servers.
I'm going to use httpd redirect in httpd.conf to make the actual page go encrypted.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com