On Thu, 03 Jun 2004 at 9:42:12 -0500, David Stanaway wrote:
>
> Has anyone else been receiving unusual spam recently which contains no
> content?
Yes.
> Is this some spam engine checking MTAs to see if the addresses are
> accepted?
It also wonders me. Quite possible.
--
to describe it in detail off the top
> of my head, but the paralell seems obvious)
>
In case it's of any help, there's some documentation on how ClamAV
mirrors are set - at http://www.clamav.net/doc/mirrors/ .
HTH
--
Tomasz PapszunSysAdm @ TP S.A. Lodz, Poland| And it&#
7;t know the answer for your question on libraries. For free
antivirus:
there are some free antivirus programs; the most popular are ClamAV and
OpenAntiVirus (they can be somehow related, I don't know the details).
Check http://www.linux-sec.net/Mail/antivirus.gwif.html#AntiVirus
--
necessary. Anybody
> wrote a doc on how to suppress unnecessary version-messages? I'd be
> really interested in such things ...
>
In apache's config:
ServerTokens ProductOnly
ServerSignature Off
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
ea. Consider what happens when someone forges the IP
> addresses.
>
One can predefine trusted or other very important IP addresses which
cannot be blocked.
In fact, such an utility exists and is present in Debian Woody:
fwlogwatch.
HTH
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
On Tue, 01 Jul 2003 at 15:13:00 -0400, Matt Zimmerman wrote:
> On Tue, Jul 01, 2003 at 05:57:27PM +0200, Tomasz Papszun wrote:
>
> > On Mon, 30 Jun 2003 at 22:39:15 -0400, Matt Zimmerman wrote:
> > > Not really a good idea. Consider what happens when someone forges t
them from using other (not their own) sender
addresses from your domain, you must use SMTP AUTH, I'm afraid.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
rooting postfix processes.
>
In Debian, postfix is chrooted by default.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
On Wed, 20 Aug 2003 at 12:59:39 +0200, Lupe Christoph wrote:
> Quoting Tomasz Papszun <[EMAIL PROTECTED]>:
> > On Wed, 20 Aug 2003 at 10:55:55 +0200, Sven Riedel wrote:
>
> > > is there any documentation on securing a postfix server readily
> > > available
tworks"
somewhere in the config and "mynetworks" parameter too wide.
Oh, remember to always show the result of 'postconf -n' when asking at
the postfix-users list.
HTH
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
developing it
(among others by submitting samples of new viruses) is a "Good Thing".
ClamAV is supported in Debian and it's very well integrated with
amavisd-new (which, in turn, can be used also with spamassassin).
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
deb http://people.debian.org/~aurel32/BACKPORTS woody main
Aurelien Jarno makes the backports quickly.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
ell integrated with
amavisd-new (which, in turn, can be used also with spamassassin).
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
TECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
=========
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
[EMAIL PROTECTED] http://www.ClamAV.net/ A GPL virus scanner
7;t know the answer for your question on libraries. For free
antivirus:
there are some free antivirus programs; the most popular are ClamAV and
OpenAntiVirus (they can be somehow related, I don't know the details).
Check http://www.linux-sec.net/Mail/antivirus.gwif.html#AntiVirus
--
necessary. Anybody
> wrote a doc on how to suppress unnecessary version-messages? I'd be
> really interested in such things ...
>
In apache's config:
ServerTokens ProductOnly
ServerSignature Off
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMA
ea. Consider what happens when someone forges the IP
> addresses.
>
One can predefine trusted or other very important IP addresses which
cannot be blocked.
In fact, such an utility exists and is present in Debian Woody:
fwlogwatch.
HTH
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Pola
On Tue, 01 Jul 2003 at 15:13:00 -0400, Matt Zimmerman wrote:
> On Tue, Jul 01, 2003 at 05:57:27PM +0200, Tomasz Papszun wrote:
>
> > On Mon, 30 Jun 2003 at 22:39:15 -0400, Matt Zimmerman wrote:
> > > Not really a good idea. Consider what happens when someone forges t
them from using other (not their own) sender
addresses from your domain, you must use SMTP AUTH, I'm afraid.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
rooting postfix processes.
>
In Debian, postfix is chrooted by default.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
On Wed, 20 Aug 2003 at 12:59:39 +0200, Lupe Christoph wrote:
> Quoting Tomasz Papszun <[EMAIL PROTECTED]>:
> > On Wed, 20 Aug 2003 at 10:55:55 +0200, Sven Riedel wrote:
>
> > > is there any documentation on securing a postfix server readily
> > > available
tworks"
somewhere in the config and "mynetworks" parameter too wide.
Oh, remember to always show the result of 'postconf -n' when asking at
the postfix-users list.
HTH
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.l
developing it
(among others by submitting samples of new viruses) is a "Good Thing".
ClamAV is supported in Debian and it's very well integrated with
amavisd-new (which, in turn, can be used also with spamassassin).
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it&#
deb http://people.debian.org/~aurel32/BACKPORTS woody main
Aurelien Jarno makes the backports quickly.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a
ell integrated with
amavisd-new (which, in turn, can be used also with spamassassin).
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
IL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
=====
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
[EMAIL
On Thu, 03 Jun 2004 at 9:42:12 -0500, David Stanaway wrote:
>
> Has anyone else been receiving unusual spam recently which contains no
> content?
Yes.
> Is this some spam engine checking MTAs to see if the addresses are
> accepted?
It also wonders me. Quite possible.
--
On Wed, 02 Feb 2005 at 17:55:32 +0100, Giacomo Mulas wrote:
> On Wed, 2 Feb 2005, Tomasz Papszun via RT wrote:
>
> >>Please stop sending automated replies to Debian mailing lists.
>
> please, next time you (rightly) complain about noise on the list, avoid
> quoting a
On Tue, 12 Jun 2001 at 8:44:53 +0100, Tim Haynes wrote:
>
> found at <http://spodzone.org.uk/packages/secure/iptables.sh>.
404 Not Found
The requested URL /packages/secure/iptables.sh was not found on this
server.
--
Tomasz Papszun SysAdm @
rm *all*
of ClamAV users, not only the ones running old versions.
Best regards
--
Tomasz Papszun | And it's only
tomek at lodz.tpsa.pl http://www.lodz.tpsa.pl/iso/ | ones and zeros.
tomek at clamav.net http://www.ClamAV.net/ A GPL viru
On Thu, 08 Oct 2009 at 13:09:02 +0200, Bastian Blank wrote:
> On Thu, Oct 08, 2009 at 12:25:51PM +0200, Tomasz Papszun wrote:
> > Sorry, it may seem a little harsh,
>
> Why?
Well, from the Paul's message I had an impression he felt so :-).
> >
On Tue, 12 Jun 2001 at 8:44:53 +0100, Tim Haynes wrote:
>
> found at <http://spodzone.org.uk/packages/secure/iptables.sh>.
404 Not Found
The requested URL /packages/secure/iptables.sh was not found on this
server.
--
Tomasz Papszun Sys
e suided script to
^
I can't answer your questions - I know too little. Just one remark:
AFAIK, Linux doesn't support suided shell scripts. At least it didn't do
that a few years ago when I tried to use a suided script. I haven't
checked that since then.
Hop
ouple of hundreds to a thousand of such
messages each week. Evidences od misconfigured nameservers. Maybe someone
could explain it in detail?...
> violation. What can I do about it?
"Violation" is because of word "bad". As long as zones mentioned are not
yours, you can safely ignor
.
[ > 11 lines deleted ]
You could shorten your .sig. It should not exceed 4-5 lines.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subjec
ndreds to a thousand of such
messages each week. Evidences od misconfigured nameservers. Maybe someone
could explain it in detail?...
> violation. What can I do about it?
"Violation" is because of word "bad". As long as zones mentioned are not
yours, you can safely ignor
e suided script to
^
I can't answer your questions - I know too little. Just one remark:
AFAIK, Linux doesn't support suided shell scripts. At least it didn't do
that a few years ago when I tried to use a suided script. I haven't
checked that since then.
Hope it
#x27;m not sure which way is the best in
your case but uninstall portmap or
'/etc/init.d/portmap stop' and edit this file so that it exits before
starting the service (it may be not the most "debianish" way but it acts
as a workaround).
--
Tomasz Papszun SysAdm @ TP S.A. Lodz
.
[ > 11 lines deleted ]
You could shorten your .sig. It should not exceed 4-5 lines.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROTECTED] http://www.lodz.tpsa.pl/ | ones and zeros.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subjec
If I understand you correctly, you wonder what goes on when this host
connects and later disconnects _without_ sending anything.
You can have more details in log about this host's activity if you add to
main.cf:
debug_peer_list = 192.168.2.1
and possibly:
debug_peer_level = 2
(or maybe bigger n
erence the Portsentry
> site at this point, but figured that this may be a common occurance.
>
Yes, that's the way portsentry works. It listens on some ports to detect
illegal connections to them.
--
Tomasz Papszun SysAdm @ TP S.A. Lodz, Poland | And it's only
[EMAIL PROT
he show ' and http://packages.debian.org/
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.2.5 (GNU/Linux)
>
> iD8DBQFB/5XHW5ql+IAeqTIRAkpkAKCe9RF1LswG8hauggRbypCgsGxfygCeK10Z
> F2TH29V21YfxpuF3gCLIDxE=
> =KEhs
> -END PGP SIGNATURE-
>
>
> --
&g
On Wed, 02 Feb 2005 at 17:28:53 +0100, Tomasz Papszun wrote:
> On Tue, 01 Feb 2005 at 15:20:36 +, Abel wrote:
> > This message has been automatically generated in response to the creation
> > of a ticket regarding: "[SECURITY] [DSA 662-1] New squirrelmail packag
43 matches
Mail list logo
