
Re: [vps-mail] Question re syntax for hosts.allow file



Abigail,
  I notice that you are only blocking port 25.  On VPS1, sendmail answers 
ports 25, 5190, and 587.  Perhaps some connections are coming through the 
alternate ports?  Change your hosts.allow to read:

smtp aol submission : 207.164.7.0/24 : deny

(the word names for the port numbers are in /etc/services)

Good Luck,
Harrison.


On Sun, Nov 30, 2003 at 09:09:11PM -0800, Abigail Marshall wrote:
> WW> Abigail Marshall wrote:
> 
> >>If I want to block an entire Class C of IP addresses as opposed to
> >>individual IPs in the hosts.allow file, what is the correct syntax?
> >>
> >>smtp : 207.164.7.0/24 : deny
> >>  
> >>
> WW> The above probably works on VPS1 (where sendmail is started by iservd 
> WW> for each incoming e-mail message).
> 
> Thanks, I do have a VPS1, and it turns out that this does
> NOT work. (I don't know why - I just know that when I coded
> it that way and tested, it did not stop activity from the
> specified IP).
> 
> >>or
> >>
> >>smtp : 207.164.7. : deny
> >>
> >>  
> >>
> 
> This DOES work - again on a VPS1.
> 
> WW> You could also accomplish the same (i.e., block a class C network) in 
> WW> access.db, with a line that begins something like:
> 
> I am using hosts.allow specifically to try to stop hackers
> who are attempting to relay spam through my server. I find these
> hackers because I see messages generated that say "Relaying
> denied. Proper authentication required." I've found that the
> tcpwrap (again on VPS1) is less resource-intensive - also I
> am hoping that if the hackers keep getting the "refused
> connection" message rather than a sendmail message, they'll
> give up trying sooner.
> 
> I do know how to block class C networks via access.db,
> though I really wish I could use netmask notation (0/32,
> 0/24, 0/23) etc. as once you figure out what it all means,
> it is much more powerful.  But I don't think that works in
> access.db.
> 
> -Abigail
> 
> ======================================================================
> This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
> ======================================================================
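
An added example, not part of the original thread: a Python sketch that turns an IPv4 CIDR block into the two client-pattern forms discussed above (net/mask and trailing-dot prefix) and models how each one matches. It assumes the wrapper follows the classic hosts_access(5) rules, where the mask in a net/mask pair must be a dotted quad; the function names are hypothetical.

```python
import ipaddress

def wrapper_patterns(cidr):
    """Translate an IPv4 CIDR block into hosts.allow client patterns."""
    net = ipaddress.IPv4Network(cidr, strict=True)
    # net/mask form with a dotted-quad mask works for any prefix length.
    patterns = [f"{net.network_address}/{net.netmask}"]
    # The trailing-dot form can only express whole-octet boundaries.
    if net.prefixlen in (8, 16, 24):
        octets = str(net.network_address).split(".")[: net.prefixlen // 8]
        patterns.append(".".join(octets) + ".")
    return patterns

def classic_match(pattern, addr):
    """Simplified model (assumption) of classic hosts_access(5) client matching."""
    if pattern.endswith("."):
        # Prefix pattern: plain string comparison on the leading octets.
        return addr.startswith(pattern)
    if "/" in pattern:
        net, mask = pattern.split("/", 1)
        try:
            n = int(ipaddress.IPv4Address(net))
            m = int(ipaddress.IPv4Address(mask))
        except ValueError:
            # A bare prefix length such as "24" is not a dotted-quad mask,
            # so the expression is rejected and never matches.
            return False
        return (int(ipaddress.IPv4Address(addr)) & m) == n
    return pattern == addr

if __name__ == "__main__":
    # Constructed sample addresses; the network is the one from the thread.
    for pat in ["207.164.7.0/24"] + wrapper_patterns("207.164.7.0/24"):
        for ip in ("207.164.7.15", "207.164.70.15"):
            print(f"{pat:28} {ip:15} {classic_match(pat, ip)}")
```

Blocks that do not fall on an octet boundary, such as a /23, get only the net/mask form, since the trailing-dot pattern cannot express them.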