- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Re: Someone is probing my sendmail configuration
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-11-2004 05:09 AM
тАО01-11-2004 05:09 AM
Re: Someone is probing my sendmail configuration
I complained to shaw.ca to have his account revoked - as it was a violation of their terms of agreement - but to no avail - so I blocked his ip in my iptables...
His ip: 24.82.81.169
I would block that if I was you.
I also added that to my rc.local:
rc.local:/sbin/route add -host 24.82.81.169 reject
Rgds...Geoff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-11-2004 01:23 PM
тАО01-11-2004 01:23 PM
Re: Someone is probing my sendmail configuration
What a pain.
Its nice to know the mail is being rejected.
I think the way to prevent the form script from relaying to the target email address is to read the target email addresses from a file.
That might not help.
I have no idea how to relay mail through anyone elses server. I'm not a really good hacker/spammer I guess.
Don't post a script here. email it to investmenttool@yahoo.com
I'm using that to collect the garbage from the form script.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-12-2004 12:44 AM
тАО01-12-2004 12:44 AM
Re: Someone is probing my sendmail configuration
Have you tried:
http://www.abuse.net/relay.html
It doesn't do a loclhost test - but it does try spamtest@yourdomain.com
Rgds...Geoff
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-12-2004 05:36 AM
тАО01-12-2004 05:36 AM
Re: Someone is probing my sendmail configuration
Since then I've had no problems with the spam, but it doesn't happen every day.
I'm waiting, monitoring, checking out those links and will get back to you.
A hardware problem hung up my main Linux web server this morning forced an embarassing mid-day reboot. It was not spam or hacker related.
Once you've actually identified the source ip address of the problem, you can use iptables to block all access.
That also means public access to any public web sites you are running. Its not step to be taken lightly.
iptables(Linux) is robust but I'm not sure how many ip addresses you can have on the drop list before it starts eating up the whole cpu.
Same thing can be done with different syntax on the ipfilter hp firewall.
I really think HP should port iptables to HP-UX and be done with it. Its a good product.
Here is Goeof's thread:
http://forums1.itrc.hp.com/service/forums/questionanswer.do?threadId=364287
Anyone else has ideas, let me know.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО01-13-2004 03:01 AM
тАО01-13-2004 03:01 AM
Re: Someone is probing my sendmail configuration
Jan 12 18:48:13 dune sendmail[21149]: i0D2mDP5021149:
Jan 12 18:48:13 dune sendmail[21149]: i0D2mDP5021149: from=
Of course, a legitimate email from the MAILER-DAEMON is NOT fully qualified...
So I would explicitly block that
Rgds...Geoff
- « Previous
-
- 1
- 2
- Next »