At 21:17 11/9/2002, Jack L. Stone wrote:
>At 03:04 AM 11.10.2002 +0100, Gustaf Sjoberg wrote:
>>On Sat, 09 Nov 2002 15:13:09 -0600
>>"W. D." <[EMAIL PROTECTED]> wrote:
>>
>>either block incomming port 25 connections or set the smtserver to require
>authentication.
>>
>>ipfw entry could look something like:
>>
>>add <rule#> deny log tcp from any to <yourip> 25 in recv <interface>
This would completely block SMTP wouldn't it? I do have clients
on this server using email.
>>
>>>Hi folks,
>>>
>>>I've got some bozo from:
>>>
>>> SpaWeb1.spaelegance.com..auth
>>>
>>>doing all kinds of SMTP activity on my FreeBSD server. Does anyone
>>>know how to stop this? What kind of entry would I add to ipfw?
>>>
>>>Does anyone know what vulnerability this might be? How to stop
>>>permanently?
>>>
>
>Get the IP of the spammer if possible. I've had to use a total block like
>this:
>##### DENY INTRUDER through external interface
> #${fwcmd} add deny all from 66.000.00.000 to any via ${oif}
Where is ${oif} defined?
When I run a command like this it doesn't understand 'fwcmd'.
usw2# {fwcmd} add deny log all from 168.93.100.59/16 to any in via ${oif}
oif: Undefined variable.
usw2# {fwcmd} add deny log all from 168.93.100.59/16 to any in via lo0
fwcmd: Command not found.
>
>Reload the firewall rules....
>
>Best regards,
>Jack L. Stone,
>Administrator
>
>SageOne Net
>http://www.sage-one.net
>[EMAIL PROTECTED]
Start Here to Find It Fast!© -> http://www.US-Webmasters.com/best-start-page/
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
