[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re[2]: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)

Subject: Re[2]: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
From: Bruce Armstrong <aanchor@xxxxxxxxxxxxxxxxxxxxx>
Date: Sat, 23 Aug 2003 05:41:57 +0000 (GMT)

I'll be responding inline.

On Fri, 22 Aug 2003, Abigail Marshall wrote:

> BA> On VPS1, tcpwrappers can be used to block the connection without even
> BA> starting a sendmail process.
>
> BA> There are some other interesting possibilities with tcpwrappers, worth
> BA> checking out.
>
> Bruce,
>
> All I can say is wow ... I have seen server load go down
> before my eyes, almost instantly.
>
> Can the hosts.allow file be used in lieu of domain or IP
> specific blocking in the Sendmail Access file?
>
Yes

> Am I correct that it would work with even less impact on
> server resources, but that the difference would be that the
> sender would simply not be able to connect, as opposed to
> receiving a Sendmail-generated RFC error message?
>
You are correct

> Or is hosts.allow only going to work against those attempting
> an SMTP relay connection, rather than rejecting email simply
> sent from another server to a domain on the VPS1?
>
The hosts.allow file is used by iservd to determine whether or not to
allow a connection to a particular service.  The comments in the default
hosts.allow list a number of services you can allow or deny access to.
Among them are telnet, ftp, pop3, imap, etc.  If a default hosts.allow
doesn't exist, you can find one in the skel directory.  Most of my servers
got the new file when the change happened, but some didn't (I thought
that was odd).  Anyway, if you specify that a host can't connect to a
service, then the connections will be flat out refused or dropped.

Hope that helps. I'd direct you to the manpage, but it doesn't seem to
exist on the vps servers.

	--Bruce

======================================================================
Technical questions regarding this list may be sent to
<vps-mail-owner@xxxxxxxxxxxx>. You may request an automated help
response by sending an email with the word 'help' (w/o quotes) in the
BODY of the message (subject is ignored) to <vps-mail-request@xxxxxxxxxxxx>.
======================================================================

Follow-Ups:
- Re: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
  - From: Tim Gorter

References:
- Re[2]: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
  - From: Abigail Marshall

Prev by Date: Re[2]: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
Next by Date: Re: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
Previous by thread: Re[2]: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
Next by thread: Re: [filtered-ww] [vps-mail] Issue re sendmail/ abuse (attempted relay????)
Index(es):
- Date
- Thread

Main Index | Thread Index