SMTP access
Gerry Doris
gdoris at rogers.com
Wed Apr 7 11:39:04 UTC 2004
On Tue, 6 Apr 2004, Michael Sullivan wrote:
> I read my log watch every day for my server PC each time I notice an
> attempted unauthorized access I run the IP through whois and then I send
> an email to the abuse@ address I see at the bottom of whois report.
> This morning I found a third attempt to send email through my smtp
> server from kornet.net. Is there anyone I can report them to if it
> happens again? I've sent them email all three times that they've
> attempted to use my server...
>
> -Michael Sullivan-
Well, I wish you the best of luck because you're going to need it. kornet
is a Korea operation that sends tons of spam. I actually got a reply back
from them one time that told me in very definite terms to stop bothering
them.
kornet.com owns a series of ip's. Just put the following line in
/etc/mail/access (assuming you're using sendmail)...
204.228.229 DISCARD
and then do a
makemap hash access < access
There is no need to restart sendmail. This will result in sendmail
discarding all further email from any of their ip's.
--
Gerry
"The lyfe so short, the craft so long to learne" Chaucer
More information about the redhat-list
mailing list