On BSDI, add the following line to /etc/hosts.deny
smtp: ALL
Then add something like the following to /etc/hosts.allow
ALL: LOCAL, .yourdomain.com
Then set up a second MX record in your DNS configuration to point to =
your secondary mail server.=20
When other servers need to send email to your customers, they'll first =
attempt to contact the primary MX machine, get denied, then try the =
second MX record which will succeed. Sendmail on the second will =
automatically forward the email to your primary machine.
It appears that most spammers only use email regular clients, which =
don't bother to look at the second MX machine, so this should at least =
get you out of the woods until you can set up a more elaborate filter.
Another way to avoid the problem is to simply list your upstream =
provider's mail server as your primary MX machine.
Hope this helps.
David Cecil
ConnectUp, Inc.
davidc@connectup.com
----------
From: Dave Kennedy[SMTP:davek@www.muscle.net]
Sent: Wednesday, May 14, 1997 4:45 AM
To: portmaster-users@livingston.com
Subject: Filtering for SPAM mailing
I need some fast help here. Starting yesterday around 2:30pm, my
mail server pop.muscle.net began being used as an intermediate site
for spamming 1000s of AOL users. Needless to say, I'm most unhappy
with this. Disabling sendmail (SW Linux running 1.2.13) obviously
stops this, but also prevents my users from receiving their mail.
The reply-to is from slink.com, but gte.net is the actual sender
as far as I can tell from the logs.
relay=3Dlkl235187.gte.net [207.115.235.187]
What filter can I set on my PM2E to prevent traffic from gte.net
from my site? Any other suggestions are welcome, also.
Thanks for your help. This is a majorly annoying!
davek
--=20
| Dave Kennedy (davek@muscle.net) Voice: 770-368-1514 |
| Multi-User Systems, Inc. Putting MUSCLE in Internet Access |