Mail Attack
Sysadmin
sysadmin_lists at iwapps.com
Tue Oct 4 15:33:29 UTC 2005
What setting did you use. I experience a LARGE amount of daily SPAM
traffic. SPAM to SPECIFIC accounts I can route to a bit bucket
(/dev/null) but would like to "quietly drop all the rest also. I am
running Postfix also (love it!!!)
Leon Sonntag
Network Administrator
At 12:32 PM 8/23/2005, you wrote:
>Jessica Zhu wrote:
>>Hi,
>>It looks like we are experiencing the mail attack now.
>>In our maillog, we have a lot of User Unknown message like the following.
>>Aug 23 11:52:25 s1 sendmail[2110]: j7NFqPL02110:
>><Oscard at mathforum.org>... User unknown
>>Aug 23 11:52:25 s1 sendmail[2110]: j7NFqPL02110: from=<>,
>>size=17601, class=0, nrcpts=0, proto=ESMTP, daemon=MTA,
>>relay=mail.vis-inc.net [66.77.28.202]
>>It looks like that all the from is <>, does anyone have the way to
>>fight against it.
>
>Someone may be trying a Non-Deliverable Relay (NDR). They send a
>message to a nonsense address in your domain and set the Reply-To:
>to the real victim. You bounce the message, effectivly delivering it for them.
>
>I had a problem ith this a while back and solved it by setting up a
>reciplient list. Anyone not on it is rejected which in postfix
>means is get dropped on the floor never to be seen again.
>
>--
>Stephen Carville <stephen at totalflood.com>
>Unix and Network Admin
>Nationwide Totalflood
>6033 W. Century Blvd
>Los Angeles, CA 90045
>310-342-3602
>
>--
>redhat-list mailing list
>unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
>https://www.redhat.com/mailman/listinfo/redhat-list
More information about the redhat-list
mailing list