SMTP access
Rhugga
redhat at zulu420.com
Wed Apr 14 23:34:03 UTC 2004
Gerry Doris wrote:
> On Tue, 6 Apr 2004, Michael Sullivan wrote:
>
>
>>I read my log watch every day for my server PC each time I notice an
>>attempted unauthorized access I run the IP through whois and then I send
>>an email to the abuse@ address I see at the bottom of whois report.
>>This morning I found a third attempt to send email through my smtp
>>server from kornet.net. Is there anyone I can report them to if it
>>happens again? I've sent them email all three times that they've
>>attempted to use my server...
>>
>>-Michael Sullivan-
>
>
> Well, I wish you the best of luck because you're going to need it. kornet
> is a Korea operation that sends tons of spam. I actually got a reply back
> from them one time that told me in very definite terms to stop bothering
> them.
>
> kornet.com owns a series of ip's. Just put the following line in
> /etc/mail/access (assuming you're using sendmail)...
>
> 204.228.229 DISCARD
>
> and then do a
>
> makemap hash access < access
>
> There is no need to restart sendmail. This will result in sendmail
> discarding all further email from any of their ip's.
>
!bounce !bounce. =P
More information about the redhat-list
mailing list