EMERGENCY - need to secure my server against an ongoing SPAMMER
Roger Grosswiler
roger at gwch.net
Mon Mar 14 06:49:10 UTC 2005
Bob Brennan schrieb:
[snip]
>>Probably a good idea to shut them off semi-permanently:
>>add these lines to your iptables firewall:
>>(Note - there are more general ways to script iptables setups)
>>(Read "better ways", but this is a specific example)
>>
>># Next 8 lines specific to tfn.net.tw
>># Log any connection attempts by tfn,net.tw
>>iptables -A INPUT -i eth0 -s 219.81.0.0/16 -j LOG --log-prefix "static.tfn.net.tw"
>>iptables -A INPUT -i eth0 -s 61.31.0.0/16 -j DROP -j LOG --log-prefix "dynamic.tfn.net.tw "
>>
>># Drop dynamic.tfn.net.tw
>>iptables -A INPUT -i eth0 -s 61.31.0.0/16 -j DROP
>># Drop static.tfn.net.tw
>>iptables -A INPUT -i eth0 -s 219.81.0.0/16 -j DROP
[/snip]
Hi Bob,
Good way to get the spammer of your ports ;-)
See here 2 links, where you chan check your mailserver immediately for
your "open relay". There is no need to register or whatever - just type
your ip and go. You will see if your mailserver is secure enough or
which methods still could be used, to send spam via your mailserver.
http://www.relaycheck.com/test.asp
http://www.antispam-ufrj.pads.ufrj.br/
Have you built-in RBL-Support for your mailserver? This perhaps could
get your spammer even off your mailserver. See 3 free lists below.
bl.spamcop.net,
relays.ordb.org,
sbl.spamhaus.org,
btw. preferably you use by today no longer pop-before-smtp, either use
smtp-auth. If you authenticate your users in pop/imap against mysql you
COULD use the same database for smtp either.
HTH
Roger
-------------- next part --------------
A non-text attachment was scrubbed...
Name: roger.vcf
Type: text/x-vcard
Size: 182 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20050314/aa22ca1e/attachment-0001.vcf>
More information about the fedora-list
mailing list