Mail Attack

Ed Wilts ewilts at ewilts.org
Tue Aug 23 18:32:26 UTC 2005


On Tue, Aug 23, 2005 at 01:08:15PM -0400, Tenacious One wrote:
> Jessica,
> Implement iptables to send them to neverneverland - nslookup the
> offending IP/domain and reject any traffic from that offender...

This can't work if the bounce messages are coming from legitimate source
addresses.   

        .../Ed

> On 8/23/05, Jessica Zhu <jessica at mathforum.org> wrote:
> > Hi,
> > 
> > It looks like we are experiencing the mail attack now.
> > 
> > In our maillog, we have a lot of User Unknown message like the following.
> > 
> > Aug 23 11:52:25  s1 sendmail[2110]: j7NFqPL02110:
> > <Oscard at mathforum.org>... User unknown
> > Aug 23 11:52:25 s1 sendmail[2110]: j7NFqPL02110: from=<>,
> > size=17601, class=0, nrcpts=0, proto=ESMTP, daemon=MTA,
> > relay=mail.vis-inc.net [66.77.28.202]
> > 
> > It looks like that all the from is <>, does anyone have the way to fight
> > against it.
> > 
> > Jessica
> 
> -- 
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
> 
> 

-- 
Ed Wilts, RHCE
Mounds View, MN, USA
mailto:ewilts at ewilts.org
Member #1, Red Hat Community Ambassador Program




More information about the redhat-list mailing list