As a follow-up on this email, one can use the tcpserver program under
ucspi-tcp to block access to your qmail smtp service (and any other tcp
service for that matter) from various combinations of IPs, domains,
usernames@domains/IPs etc. Its pretty neat. check it out;
http://cr.yp.to/ucspi-tcp.html (from the author of qmail)
SFQ
At 02:03 AM 6/18/01 +0600, Syed Faruque Ahmed wrote:
>Are you saying that this cannot be done with other mail programs like
>sendmail, postfix, etc? (I am assuming that he/she is telneting to port
>25 and entering SMTP commands, one by one.)
>
>If other mail programs are the same, then the next question would be; do
>the log files record the IP address of the machine from where this
>"spammer" is working this process from?
>
>If so, then I suppose one could detect and block the access from these
>IPs. I am not sure if "badmailfrom" will work with IPs. Will it accept
>"@IP-address" format? hmmm...
>
>SFQ
>
>At 08:43 PM 6/17/01 +0400, Artem Koutchine wrote:
>>Hello!
>>
>>The solution to my problem might or might not be related
>>to the vchkpw, so i'll try to find help here anyway.
>>
>>The problem is that if there is a virtual domain: bbb.zz
>>and there is a user [EMAIL PROTECTED] and the whole thing
>>is located at address ADDR then any spammer
>>can connect to smtp port on addres ADDR enter
>>[EMAIL PROTECTED] as FROM address (MAIL FROM) and
>>spam a bunch of people. All the victims will think
>>that [EMAIL PROTECTED] is doing it to them. Relaying is
>>allowed in this case, since bbb.zz is a local domain.
>>
>>How can I solve the problem? SMTP authorization?
>>but how? Any other ways?
>>
>>Regards,
>>Artem
