Re: [CentOS] pop3 attack

2009-03-14 Thread Chris Boyd
On Mar 13, 2009, at 1:49 PM, Michel van Deventer wrote: > One way to get around it is to get yourself a VPS (virtual private > server) for a small amount ($20/month?) and set up your own > 'smarthost' (maybe together with some friends/coworkers?). You can > then > even use a non-standard port t

Re: [CentOS] pop3 attack

2009-03-14 Thread James Pifer
> I use zen.spamhaus.org on my server, so you're welcome to send a test > message directly to me off list and see if it bounces or not (you will > get greylisted first for 60 seconds) Sent a test message. Here's what's in maillog: Mar 14 11:00:28 mailserver sendmail[25108]: n2EF0LTt025094: to=,

Re: [CentOS] pop3 attack

2009-03-13 Thread Scott Silva
on 3-13-2009 11:53 AM Steve Thompson spake the following: > On Fri, 13 Mar 2009, James Pifer wrote: > >> RR charges you an extra $50/mo for static ip! I don't have many other >> choices for a decent high speed connection. DSL is too slow in my area. > > I have RR Business Class in upstate NY,

Re: [CentOS] pop3 attack

2009-03-13 Thread Scott Silva
on 3-13-2009 12:36 PM James Pifer spake the following: >> The problem has nothing to do with the Smart host server entry. >> >> Read the information in the URL above and contact your ISP. >> > > I understand the problem is I'm in a residential range of dynamic IP, > even though I have commercial c

Re: [CentOS] pop3 attack

2009-03-13 Thread Ned Slider
James Pifer wrote: >> The masquerading options are for a different purpose. >> I'm glad you got it sorted out. > > > Although I'm able to send mail to most people without a problem using > smarthost, I still have a few that bounce back with errors like: > Your message was rejected by mail.lance.c

Re: [CentOS] pop3 attack

2009-03-13 Thread Steve Thompson
On Fri, 13 Mar 2009, James Pifer wrote: > RR charges you an extra $50/mo for static ip! I don't have many other > choices for a decent high speed connection. DSL is too slow in my area. I have RR Business Class in upstate NY, and TW charge me $20/mo for a static IP. Steve

Re: [CentOS] pop3 attack

2009-03-13 Thread Michel van Deventer
Hi, > RR charges you an extra $50/mo for static ip! I don't have many other > choices for a decent high speed connection. DSL is too slow in my area. We have some ISP's here in the Netherlands which have spam relayed through their mailservers, which gives the same problem, blacklisted smarthosts

Re: [CentOS] pop3 attack

2009-03-13 Thread James Pifer
> The problem has nothing to do with the Smart host server entry. > > Read the information in the URL above and contact your ISP. > I understand the problem is I'm in a residential range of dynamic IP, even though I have commercial class, and I DID read the information in the URL. That's how I v

Re: [CentOS] pop3 attack

2009-03-13 Thread Glenn
At 02:05 PM 3/13/2009, you wrote: >James Pifer wrote: > >> The masquerading options are for a different purpose. > >> I'm glad you got it sorted out. > >> > > > > > > Although I'm able to send mail to most people without a problem using > > smarthost, I still have a few that bounce back with errors

Re: [CentOS] pop3 attack

2009-03-13 Thread Bill Campbell
On Fri, Mar 13, 2009, William L. Maltby wrote: > >On Fri, 2009-03-13 at 14:51 -0400, James Pifer wrote: >> > The masquerading options are for a different purpose. >> > I'm glad you got it sorted out. >> >> >> Although I'm able to send mail to most people without a problem using >> smarthost, I st

Re: [CentOS] pop3 attack

2009-03-13 Thread William L. Maltby
On Fri, 2009-03-13 at 14:51 -0400, James Pifer wrote: > > The masquerading options are for a different purpose. > > I'm glad you got it sorted out. > > > Although I'm able to send mail to most people without a problem using > smarthost, I still have a few that bounce back with errors like: > You

Re: [CentOS] pop3 attack

2009-03-13 Thread Agile Aspect
James Pifer wrote: >> The masquerading options are for a different purpose. >> I'm glad you got it sorted out. >> > > > Although I'm able to send mail to most people without a problem using > smarthost, I still have a few that bounce back with errors like: > Your message was rejected by mail.l

Re: [CentOS] pop3 attack

2009-03-13 Thread James Pifer
> The masquerading options are for a different purpose. > I'm glad you got it sorted out. Although I'm able to send mail to most people without a problem using smarthost, I still have a few that bounce back with errors like: Your message was rejected by mail.lance.com for the following reason:

Re: [CentOS] pop3 attack

2008-12-11 Thread John R Pierce
David G. Miller wrote: > Toby Bluhm wrote: > > >> Or switch to postfix. I plunked "relayhost = smtp-server.roadrunner.com" >> into main.cf & away it went. >> > Having read the rest of the thread, I respond at the risk of furthering > the flames. The sendmail configuration line is just a

Re: [CentOS] pop3 attack

2008-12-11 Thread David G. Miller
Toby Bluhm wrote: > Or switch to postfix. I plunked "relayhost = smtp-server.roadrunner.com" > into main.cf & away it went. Having read the rest of the thread, I respond at the risk of furthering the flames. The sendmail configuration line is just as trivial: define('SMART_HOST','[smarthost.e

Re: [CentOS] pop3 attack [SOLVED]

2008-12-11 Thread Scott Silva
on 12-11-2008 4:43 AM James Pifer spake the following: >> I think all the masquerade options are causing your problems. Just set the >> proper smarthost and restore the other options to what they were and then >> test. >> >> > > Scott, > > Thanks, removing the masquerade options did fix it. I'm

Re: [CentOS] pop3 attack

2008-12-11 Thread James Pifer
> I think all the masquerade options are causing your problems. Just set the > proper smarthost and restore the other options to what they were and then > test. > > Scott, Thanks, removing the masquerade options did fix it. I'm back to using smarthost instead of mailertable. Thanks. Also, th

Re: [CentOS] pop3 attack

2008-12-11 Thread Kai Schaetzl
Spiro Harvey wrote on Thu, 11 Dec 2008 13:56:04 +1300: > 3: what if he has a bunch of milters or related programs that rely on > sendmail? are they all available for postfix? what needs to be changed > to match his current environment? have you thought about that? has > anyone asked J

Re: [CentOS] pop3 attack

2008-12-10 Thread Toby Bluhm
Spiro Harvey wrote: >> It's simpler for non-experts to change the postfix configuration than >> to change the sendmail configuration. So, why shouldn't he not >> suggest it? > > because it's stupid, lazy advice. > Will it not work? Will it make someone's brain rot and fall out? Could one switch

Re: [CentOS] pop3 attack

2008-12-10 Thread MHR
On Wed, Dec 10, 2008 at 4:32 PM, Kai Schaetzl <[EMAIL PROTECTED]> wrote: > > It's simpler for non-experts to change the postfix configuration than to > change the sendmail configuration. So, why shouldn't he not suggest it? > According to my reading of this, you're asking, "Why should he suggest i

Re: [CentOS] pop3 attack

2008-12-10 Thread Bill Campbell
On Thu, Dec 11, 2008, Spiro Harvey wrote: >> >> define(`SMART_HOST',`smtp-server.carolina.rr.com')dnl >> >> MASQUERADE_AS(carolina.rr.com)dnl >> Or switch to postfix. I plunked "relayhost = >> smtp-server.roadrunner.com" into main.cf & away it went. > >why change software just because one configura

Re: [CentOS] pop3 attack

2008-12-10 Thread Spiro Harvey
> It's simpler for non-experts to change the postfix configuration than > to change the sendmail configuration. So, why shouldn't he not > suggest it? because it's stupid, lazy advice. 1: it's easy for non-experts to edit the sendmail configuration too... as long as they're editing the mc file,

Re: [CentOS] pop3 attack

2008-12-10 Thread Scott Silva
on 12-10-2008 4:32 PM Kai Schaetzl spake the following: > Spiro Harvey wrote on Thu, 11 Dec 2008 11:33:24 +1300: > >> Let me do the math: zero, multiplied by zero, carry the zero... > > It's simpler for non-experts to change the postfix configuration than to > change the sendmail configuration.

Re: [CentOS] pop3 attack

2008-12-10 Thread Kai Schaetzl
Spiro Harvey wrote on Thu, 11 Dec 2008 11:33:24 +1300: > Let me do the math: zero, multiplied by zero, carry the zero... It's simpler for non-experts to change the postfix configuration than to change the sendmail configuration. So, why shouldn't he not suggest it? Kai -- Kai Schätzl, Berlin,

Re: [CentOS] pop3 attack

2008-12-10 Thread Spiro Harvey
> > why change software just because one configuration line is > > different? > Main point was the RR relay host works. So your solution is to change software? Wouldn't it be smarter to figure out what the problem actually is? Because as you say, the RR host doesn't appear to be the problem. So i

Re: [CentOS] pop3 attack

2008-12-10 Thread Toby Bluhm
Spiro Harvey wrote: > > why change software just because one configuration line is different? > Main point was the RR relay host works. -- tkb ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] pop3 attack

2008-12-10 Thread John R Pierce
James Pifer wrote: > I've tried adding these lines to my sendmailmc and rebuilding it, but > then nothing routes, not even local. > > define(`SMART_HOST',`smtp-server.carolina.rr.com')dnl > MASQUERADE_AS(carolina.rr.com)dnl > FEATURE(`allmasquerade')dnl > FEATURE(`masquerade_envelope')dnl > wh

Re: [CentOS] pop3 attack

2008-12-10 Thread Spiro Harvey
> >> define(`SMART_HOST',`smtp-server.carolina.rr.com')dnl > >> MASQUERADE_AS(carolina.rr.com)dnl > Or switch to postfix. I plunked "relayhost = > smtp-server.roadrunner.com" into main.cf & away it went. why change software just because one configuration line is different? -- Spiro Harvey

Re: [CentOS] pop3 attack

2008-12-10 Thread Toby Bluhm
Scott Silva wrote: > on 12-10-2008 8:02 AM James Pifer spake the following: >> On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote: >>> Thanks to all. For now I've stopped it using iptables. I tried stopping >>> it at my router without success, yet another reason to replace it! I >>> will also rep

Re: [CentOS] pop3 attack

2008-12-10 Thread Scott Silva
on 12-10-2008 8:02 AM James Pifer spake the following: > On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote: >> Thanks to all. For now I've stopped it using iptables. I tried stopping >> it at my router without success, yet another reason to replace it! I >> will also report it to [EMAIL PROTECTE

Re: [CentOS] pop3 attack

2008-12-10 Thread Kai Schaetzl
James Pifer wrote on Wed, 10 Dec 2008 13:26:53 -0500: > Anyway, I tried setting up smarthost and was not able to get it to work, You should then contact their support. It got to work. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com

Re: [CentOS] pop3 attack

2008-12-10 Thread Lanny Marcus
On Wed, Dec 10, 2008 at 12:40 PM, Ned Slider <[EMAIL PROTECTED]> wrote: > Bill Campbell wrote: >> Your IP address, 70.62.90.185, is listed on zen.spamhaus.org, and >> you can probably go to their web site to see why it's listed. > It's listed on zen.spamhaus.org because it's in pbl.spamhaus.org w

Re: [CentOS] pop3 attack

2008-12-10 Thread Scott Silva
on 12-10-2008 9:16 AM Bill Campbell spake the following: > On Wed, Dec 10, 2008, James Pifer wrote: >> On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote: >>> Thanks to all. For now I've stopped it using iptables. I tried stopping >>> it at my router without success, yet another reason to replace

Re: [CentOS] pop3 attack

2008-12-10 Thread Kai Schaetzl
Bill Campbell wrote on Wed, 10 Dec 2008 09:16:58 -0800: > Your IP address, 70.62.90.185, is listed on zen.spamhaus.org, and > you can probably go to their web site to see why it's listed. Well, it's not his fault: http://www.spamhaus.org/pbl/query/PBL238253 Roadrunner is not meant for mailserve

Re: [CentOS] pop3 attack

2008-12-10 Thread James Pifer
> so, using a roadrunner mail server as a "smarthost" is the only viable > choice > I looked at it too. On PBL. So it's possible that Time Warner just recently updated the list or something? Anyway, I tried setting up smarthost and was not able to get it to work, but I was successful setting u

Re: [CentOS] pop3 attack

2008-12-10 Thread Bill Campbell
On Wed, Dec 10, 2008, John R Pierce wrote: >Ned Slider wrote: >> Bill Campbell wrote: >> >>> Your IP address, 70.62.90.185, is listed on zen.spamhaus.org, and >>> you can probably go to their web site to see why it's listed. >>> >> >> It's listed on zen.spamhaus.org because it's in pbl.spam

Re: [CentOS] pop3 attack

2008-12-10 Thread John R Pierce
Ned Slider wrote: > Bill Campbell wrote: > >> Your IP address, 70.62.90.185, is listed on zen.spamhaus.org, and >> you can probably go to their web site to see why it's listed. >> > > It's listed on zen.spamhaus.org because it's in pbl.spamhaus.org which > is a policy blocklist: > > http:/

Re: [CentOS] pop3 attack

2008-12-10 Thread Ned Slider
Bill Campbell wrote: > On Wed, Dec 10, 2008, James Pifer wrote: >> My issues have gotten worse. Apparently over the last few days my ip >> address has gotten blacklisted. No idea why. Even though I have a >> commercial class cable modem service, my ip is residential because it >> comes to my house.

Re: [CentOS] pop3 attack

2008-12-10 Thread Matt
> I have seen quite a few cases where spam is sent from webmail > accounts (mostly squirrelmail) by crackers who get access via > weak passwords found by imap/pop probes as you described. > > It's been my experience in the 15 years we have been doing > support for regional ISPs that well over 50% of

Re: [CentOS] pop3 attack

2008-12-10 Thread Bill Campbell
On Wed, Dec 10, 2008, James Pifer wrote: >On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote: >> Thanks to all. For now I've stopped it using iptables. I tried stopping >> it at my router without success, yet another reason to replace it! I >> will also report it to [EMAIL PROTECTED] >> > >My i

Re: [CentOS] pop3 attack

2008-12-10 Thread Frank Cox
On Wed, 10 Dec 2008 12:02:22 -0500 John Hinton wrote: > If you are being blacklisted, email is almost certainly coming out of > your server which contains spam. Depending on the lists, it could be > spewing a lot. Not necessarily. I had one helluva time getting my mailserver off of the SORBS d

Re: [CentOS] pop3 attack

2008-12-10 Thread John Hinton
James Pifer wrote: > On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote: > >> Thanks to all. For now I've stopped it using iptables. I tried stopping >> it at my router without success, yet another reason to replace it! I >> will also report it to [EMAIL PROTECTED] >> >> > > My issues ha

Re: [CentOS] pop3 attack

2008-12-10 Thread John Hinton
Ned Slider wrote: > Chris Boyd wrote: > >> You can keep compromised accounts from logging in via ssh with the >> "AllowUsers" option in your /etc/ssh/sshd_config file. Add that >> option followed by a list of user names that you want to be able to >> log in, ex: >> >> # Only let Fred Guru

Re: [CentOS] pop3 attack

2008-12-10 Thread Matt
>> Thanks to all. For now I've stopped it using iptables. I tried stopping >> it at my router without success, yet another reason to replace it! I >> will also report it to [EMAIL PROTECTED] >> > > My issues have gotten worse. Apparently over the last few days my ip > address has gotten blacklisted

Re: [CentOS] pop3 attack

2008-12-10 Thread James Pifer
On Tue, 2008-12-09 at 16:26 -0500, James Pifer wrote: > Thanks to all. For now I've stopped it using iptables. I tried stopping > it at my router without success, yet another reason to replace it! I > will also report it to [EMAIL PROTECTED] > My issues have gotten worse. Apparently over the las

Re: [CentOS] pop3 attack

2008-12-10 Thread Alexander Georgiev
2008/12/9 James Pifer <[EMAIL PROTECTED]>: > I was looking at my maillog and it looks like someone is trying to get > into my pop3 server. > > Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=, > method=PLAIN, rip=:::66.167.184.203, lip=:::192.168.1.2 Do you really nee

Re: [CentOS] pop3 attack

2008-12-09 Thread Lanny Marcus
On Tue, Dec 9, 2008 at 7:17 PM, Scott Silva <[EMAIL PROTECTED]> wrote: > on 12-9-2008 4:06 PM Lanny Marcus spake the following: >> On Tue, Dec 9, 2008 at 6:33 PM, Scott Silva >> wrote: >>> on 12-9-2008 3:11 PM Lanny Marcus spake the following: >> >> And the folks who wrote the Proprietary Langu

Re: [CentOS] pop3 attack

2008-12-09 Thread Ned Slider
Chris Boyd wrote: > > You can keep compromised accounts from logging in via ssh with the > "AllowUsers" option in your /etc/ssh/sshd_config file. Add that > option followed by a list of user names that you want to be able to > log in, ex: > > # Only let Fred Guru and Joe Admin in, block an

Re: [CentOS] pop3 attack

2008-12-09 Thread Bill Campbell
On Tue, Dec 09, 2008, Chris Boyd wrote: > >On Dec 9, 2008, at 2:33 PM, Bill Campbell wrote: > >> Once the cracker finds an account with a guessable password, they >> may well >> be able to get access to your system as that user via ssh, webmin, >> usermin, >> or other means. Given shell access

Re: [CentOS] pop3 attack

2008-12-09 Thread Scott Silva
on 12-9-2008 4:06 PM Lanny Marcus spake the following: > On Tue, Dec 9, 2008 at 6:33 PM, Scott Silva > wrote: >> on 12-9-2008 3:11 PM Lanny Marcus spake the following: > >> I don't run my servers through IPCop. It is just for internet access and >> office to office tunnels. It is a lot easier to

Re: [CentOS] pop3 attack

2008-12-09 Thread Lanny Marcus
On Tue, Dec 9, 2008 at 6:33 PM, Scott Silva <[EMAIL PROTECTED]> wrote: > on 12-9-2008 3:11 PM Lanny Marcus spake the following: > I don't run my servers through IPCop. It is just for internet access and > office to office tunnels. It is a lot easier to set up and do things than the > Siemens T1 ro

Re: [CentOS] pop3 attack

2008-12-09 Thread Chris Boyd
On Dec 9, 2008, at 2:33 PM, Bill Campbell wrote: > Once the cracker finds an account with a guessable password, they > may well > be able to get access to your system as that user via ssh, webmin, > usermin, > or other means. Given shell access, the cracker can install user- > level IRC > s

Re: [CentOS] pop3 attack

2008-12-09 Thread Scott Silva
on 12-9-2008 3:11 PM Lanny Marcus spake the following: > On Tue, Dec 9, 2008 at 4:26 PM, James Pifer > wrote: >> Thanks to all. For now I've stopped it using iptables. I tried stopping >> it at my router without success, yet another reason to replace it! I >> will also report it to [EMAIL PROTECT

Re: [CentOS] pop3 attack

2008-12-09 Thread Mark A. Lewis
On Tue, Dec 9, 2008 at 4:26 PM, James Pifer <[EMAIL PROTECTED]> wrote: > Thanks to all. For now I've stopped it using iptables. I tried stopping > it at my router without success, yet another reason to replace it! I > will also report it to [EMAIL

Re: [CentOS] pop3 attack

2008-12-09 Thread Lanny Marcus
On Tue, Dec 9, 2008 at 4:26 PM, James Pifer <[EMAIL PROTECTED]> wrote: > Thanks to all. For now I've stopped it using iptables. I tried stopping > it at my router without success, yet another reason to replace it! I > will also report it to [EMAIL PROTECTED] Great. Scott can tell you whether or no

Re: [CentOS] pop3 attack

2008-12-09 Thread James Pifer
Thanks to all. For now I've stopped it using iptables. I tried stopping it at my router without success, yet another reason to replace it! I will also report it to [EMAIL PROTECTED] Thanks, James

Re: [CentOS] pop3 attack

2008-12-09 Thread Scott Silva
on 12-9-2008 12:17 PM James Pifer spake the following: > I was looking at my maillog and it looks like someone is trying to get > into my pop3 server. > > Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=, > method=PLAIN, rip=:::66.167.184.203, lip=:::192.168.1.2 > Dec

Re: [CentOS] pop3 attack

2008-12-09 Thread Ned Slider
Bill Campbell wrote: > On Tue, Dec 09, 2008, James Pifer wrote: >> I was looking at my maillog and it looks like someone is trying to get >> into my pop3 server. >> >> Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: >> user=, method=PLAIN, rip=:::66.167.184.203, >> lip=:::

Re: [CentOS] pop3 attack

2008-12-09 Thread Lanny Marcus
On Tue, Dec 9, 2008 at 3:17 PM, James Pifer <[EMAIL PROTECTED]> wrote: > I was looking at my maillog and it looks like someone is trying to get > into my pop3 server. About 5 or 6 years ago, I couldn't access my POP3 mail on my web site. When I contacted OLM Tech Support, they discovered that som

Re: [CentOS] pop3 attack

2008-12-09 Thread Jeff
On Tue, Dec 9, 2008 at 2:17 PM, James Pifer <[EMAIL PROTECTED]> wrote: > I was looking at my maillog and it looks like someone is trying to get > into my pop3 server. > > Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=, > method=PLAIN, rip=:::66.167.184.203, lip=:::192

Re: [CentOS] pop3 attack

2008-12-09 Thread Bill Campbell
On Tue, Dec 09, 2008, James Pifer wrote: >I was looking at my maillog and it looks like someone is trying to get >into my pop3 server. > >Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=, >method=PLAIN, rip=:::66.167.184.203, lip=:::192.168.1.2 >Dec 9 15:29:08 mailser

[CentOS] pop3 attack

2008-12-09 Thread James Pifer
I was looking at my maillog and it looks like someone is trying to get into my pop3 server. Dec 9 15:28:54 mailserver dovecot: pop3-login: Aborted login: user=, method=PLAIN, rip=:::66.167.184.203, lip=:::192.168.1.2 Dec 9 15:29:08 mailserver dovecot: pop3-login: Aborted login: user=,