Re: {Spam?} Re: Outgoing mail scanning

2005-02-07 Thread Justin Mason
Yep, NMS is what I'd recommend. btw I co-wrote the advisory on these issues ;) -- http://cert.uni-stuttgart.de/archive/bugtraq/2002/01/msg00311.html --j. [EMAIL PROTECTED] writes: > This is old news...I got nailed with the Matt's FormMail.pl hac

Re: {Spam?} Re: Outgoing mail scanning

2005-02-06 Thread up
This is old news...I got nailed with the Matt's FormMail.pl hack a couple of years ago...the solution is to use the NMS ("Not Matt's Scripts") drop-in replacement: http://nms-cgi.sourceforge.net/ AFAIK, the NMS version is immune to these hacks, if implemented properly. On Mon, 7 Feb 2005, Rakesh

{Spam?} Re: Outgoing mail scanning

2005-02-06 Thread Rakesh
Hi all, Since this specific post involves the FormMail.pl, I thought you guys might be interested in this article and its suggestions http://www.linuxexposed.com/Articles/Hacking/The-FormMail-Hack-Explained.html regards Rakesh EB wrote: Hi Kenneth: But did you change the /etc/rc.d/init.d/sendmail

Re: Outgoing mail scanning

2005-02-05 Thread EB
Hi Kenneth: But did you change the /etc/rc.d/init.d/sendmail file to point elsewhere? Because it's pointing to the /usr/sbin/sendmail now and it's expecting it as a daemon. Karen On Fri, 04 Feb 2005 15:18:10 -0600, Kenneth Andresen <[EMAIL PROTECTED]> wrote: > Hello Filip, > > Thank you for y

Re: Outgoing mail scanning

2005-02-04 Thread Kenneth Andresen
Hello Filip, Thank you for your script! I have been looking up several alternative paths now, and yours seems to be the better way to go. I had not noticed before that /usr/sbin/sendmail in fact only was a symlink. I have been testing your script, and it is necessary for me to modify it. This is

Re: Outgoing mail scanning

2005-02-03 Thread Matias Lopez Bergero
Evan Platt wrote: At 08:24 AM 2/1/2005, you wrote: We checked the maillog. But the session shows as [127.0.0.1] 127.0.0.1. What config did you put in sendmail to make it shows more? No idea. I knew about enough to grep the maillogs, modify a config file here and there, but that's it. Maybe som

Re: Outgoing mail scanning

2005-02-02 Thread hamann . w
I must admit I do not like formmail at all. At one side I try to get rid of spam (and help others to get rid of their spam) At the other side I help people creating their mail forms - and formmail can be quite an obstacle: - many versions include a referer check which would not really prevent a s

Re: Outgoing mail scanning

2005-02-02 Thread EB
We had downloaded the latest anti-spam formmail.pl that has allowedReceipients. However, I think the spammer is violating it by putting the right recipient in the "To" field and then adding a lot of Bcc recipients. Anyone know if there's a formmail version that disallows any Bcc and Cc or at least

Re: Outgoing mail scanning

2005-02-02 Thread Rakesh
EB wrote: We also have a problem to scan outgoing mail. It seems like a user on our server is making scripts to send out spam to a large list of AOL users in the "Cc" part that we are still trying to track them down. The mail header looks as it was sent from our local 127.0.0.1 from [EMAIL PROTEC

Re[2]: Outgoing mail scanning

2005-02-02 Thread Robert Menschel
Hello EB, Tuesday, February 1, 2005, 8:22:15 AM, you wrote: E> We had secured the formmail.pl with the anti-spam version, and we had E> searched all httpd logs while the spamming occurred, but there wasn't E> any suspicious call to cgi scripts. We think it could be something E> harder to check, w

Re[2]: Outgoing mail scanning

2005-02-02 Thread Robert Menschel
Hello EB, Tuesday, February 1, 2005, 6:34:25 AM, you wrote: E> Is there a way in spamassassin that we can set a rule to reject E> mail that contains a large list of "Cc" ? SA doesn't reject anything, but if you want a rule that will catch a large list of Cc entries, you can adapt this new rule f

Re: Outgoing mail scanning

2005-02-01 Thread Justin Mason
Jim Maul writes: > EB wrote: > > We had secured the formmail.pl with the anti-spam version, and we had > > searched all httpd logs while the spamming occurred, but there wasn't > > any suspicious call to cgi scripts. We think it could be something > >

Re: Outgoing mail scanning

2005-02-01 Thread Jim Maul
EB wrote: We had secured the formmail.pl with the anti-spam version, and we had searched all httpd logs while the spamming occurred, but there wasn't any suspicious call to cgi scripts. We think it could be something harder to check, which is PHP. Could you perhaps grep the apache log and count eac

Re: Outgoing mail scanning

2005-02-01 Thread EB
We had secured the formmail.pl with the anti-spam version, and we had searched all httpd logs while the spamming occurred, but there wasn't any suspicious call to cgi scripts. We think it could be something harder to check, which is PHP. On Tue, 1 Feb 2005 10:37:26 -0400, Michael 'Moose' Dinn <[E

Re: Outgoing mail scanning

2005-02-01 Thread Kelson
EB wrote: We also have a problem to scan outgoing mail. It seems like a user on our server is making scripts to send out spam to a large list of AOL users in the "Cc" part that we are still trying to track them down. The mail header looks as it was sent from our local 127.0.0.1 from [EMAIL PROTEC

Re: Outgoing mail scanning

2005-02-01 Thread Evan Platt
At 08:24 AM 2/1/2005, you wrote: We checked the maillog. But the session shows as [127.0.0.1] 127.0.0.1. What config did you put in sendmail to make it shows more? No idea. I knew about enough to grep the maillogs, modify a config file here and there, but that's it. Maybe someone else here know

Re: Outgoing mail scanning

2005-02-01 Thread EB
We checked the maillog. But the session shows as [127.0.0.1] 127.0.0.1. What config did you put in sendmail to make it shows more? On Tue, 01 Feb 2005 07:26:29 -0800, Evan Platt <[EMAIL PROTECTED]> wrote: > At 06:34 AM 2/1/2005, you wrote: > >We also have a problem to scan outgoing mail. It see

Re: Outgoing mail scanning

2005-02-01 Thread Evan Platt
At 06:34 AM 2/1/2005, you wrote: We also have a problem to scan outgoing mail. It seems like a user on our server is making scripts to send out spam to a large list of AOL users in the "Cc" part that we are still trying to track them down. The mail header looks as it was sent from our local 127.0.

Re: Outgoing mail scanning

2005-02-01 Thread EB
We also have a problem to scan outgoing mail. It seems like a user on our server is making scripts to send out spam to a large list of AOL users in the "Cc" part that we are still trying to track them down. The mail header looks as it was sent from our local 127.0.0.1 from [EMAIL PROTECTED] user,

Re: Outgoing mail scanning

2005-02-01 Thread Tom Gwilt
Well, for the past year or so I've been using a FreeBSD box running postfix/amavisd/spamassassin. All outbound mail from our mx goes to this server and is scanned. Anything scoring 14 or more is sent to a quarantine mailbox. This has saved my butt many, many times. Just yesterday, one of our ca

Re: Outgoing mail scanning

2005-02-01 Thread Evan Platt
At 02:42 PM 1/31/2005, you wrote: Hello all, I am looking for a way to spam-check outgoing mail, so the users registered with my server cannot send out spam (or viruses). My server is using squirrelmail for sending e-mail, so the mail is generated on the server and sent directly using SMTP (in squi

Re: Outgoing mail scanning

2005-01-31 Thread Andrzej Adam Filip
Kenneth Andresen wrote: How is it possible to make such a sendmail wrapper script? Any links to examples? No but you can modify the script below to fit your needs: #!/bin/sh # temporary directory TMPDIR=/tmp # temporary working file name - unix time and process ID TMPFILE=`/bin/date +%s`.$$ # tempo

Re: Outgoing mail scanning

2005-01-31 Thread Kenneth Andresen
Hello Andrzej, How is it possible to make such a sendmail wrapper script? Any links to examples? Best regards, Kenneth On Mon, 2005-01-31 at 16:54, Andrzej Adam Filip wrote: > Kenneth Andresen wrote: > > I am looking for a way to spam-check outgoing mail, so the users > > registered with my s

Re: Outgoing mail scanning

2005-01-31 Thread Andrzej Adam Filip
Kenneth Andresen wrote: I am looking for a way to spam-check outgoing mail, so the users registered with my server cannot send out spam (or viruses). My server is using squirrelmail for sending e-mail, so the mail is generated on the server and sent directly using SMTP (in squirrelmail you may choo

Outgoing mail scanning

2005-01-31 Thread Kenneth Andresen
Hello all, I am looking for a way to spam-check outgoing mail, so the users registered with my server cannot send out spam (or viruses). My server is using squirrelmail for sending e-mail, so the mail is generated on the server and sent directly using SMTP (in squirrelmail you may choose between