Re: Help with hijacked sendmail
From: hvdkooij@vanderkooij.orgDate: 09/27/01
- Previous message: Craig Holmes: "Re: A note about firewalls and ftp servers."
- In reply to: Mogens Valentin: "Re: Help with hijacked sendmail"
- Next in thread: Thiago Conde Figueiro: "MAPS RBL (was: help with hijacked sendmail)"
- Next in thread: info@perimeterdefence.com: "Re: Help with hijacked sendmail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: hvdkooij@vanderkooij.org Date: Thu, 27 Sep 2001 08:26:15 +0200 (CEST) To: Focus on Linux Mailing List <focus-linux@securityfocus.com> Subject: Re: Help with hijacked sendmail Message-ID: <Pine.LNX.4.33.0109270817540.24461-100000@ultra1.hugo.vanderkooij.org>
On Thu, 27 Sep 2001, Mogens Valentin wrote:
> "John S. Jacob" wrote:
> >
> > On Wed, Sep 26, 2001 at 10:34:21PM +0200, Mogens Valentin wrote:
> > > Sure, but all it takes to make sendmail resonably secure is update to
> > > latest version and do somthing like:
> >
> > Sendmail 8.11.6 is the current recommendation from Sendmail.org.
> >
> > To rid myself of most SPAM I also like to use the RBL. In sendmail.mc I
> > added:
> >
> > FEATURE(dnsbl,blackholes.mail-abuse.org', Mail from $&{client_addr}
> > rejected, see http://mail-abuse.org/cgi-bin/lookup?$&{client_addr}')dnl
> > FEATURE(dnsbl,relays.mail-abuse.org', Mail from $&{client_addr} rejected;
> > see http://mail-abuse.org/cgi-bin/nph-rss?$&{client_addr}')dnl
> > FEATURE(dnsbl,dialups.mail-abuse.org', Mail from dial-up rejected; see
> > http://mail-abuse.org/dul/enduser.htm')
> >
> > My outside SMTP receiver is now exim and it can also use the RBL:
> >
> > rbl_domains = blackholes.mail-abuse.org/reject :
> > dialups.mail-abuse.org/reject : relays.mail-abuse.org/reject
> > rbl_reject_recipients = true
>
> Thanks. I used to use RBL, but they changed.
> Maybe I've read mail-buse.org's access policies incorrectly. I thought
> they were exclusively on a pay basis? As I remember, their services
> seemed rather expensive for minor businesses...
RBL has shown some very unprofessional behavior which make them totally
unacceptable for any blacklisting in my book. They have shown to:
- blacklist competition like the ORBS project.
- insert backhole routes in key routing tables to reroute traffic away
from the ISP hosting the ORBS services.
It's up to you to decide wether you will trust this party to do the right
thing.
Hugo.
PS: Information was verified with a Dutch partner of the ORBS project.
--
All email send to me is bound to the rules described on my homepage.
hvdkooij@vanderkooij.org http://hvdkooij.xs4all.nl/
Don't meddle in the affairs of sysadmins,
for they are subtle and quick to anger.
- Previous message: Craig Holmes: "Re: A note about firewalls and ftp servers."
- In reply to: Mogens Valentin: "Re: Help with hijacked sendmail"
- Next in thread: Thiago Conde Figueiro: "MAPS RBL (was: help with hijacked sendmail)"
- Next in thread: info@perimeterdefence.com: "Re: Help with hijacked sendmail"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
