Re: We need a new subject- bug fixes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Tue, 2007-03-06 at 15:55 +0000, Steve Searle wrote:
> I understood the firewall has to be open to allow sendmail to accept
> email from the internet, and that could be email for the domain, or
> email for other domains, and the firewall can't differentiate.

That's the first step.  The firewall passes through attempts to connect
to your SMTP server, and doesn't know right from wrong usage, as you've
surmised.  You can firewall against certain IPs, if you were able to
determine that they were only abusive in nature, but that can be a
difficult task (the abusers might come from different sources, and you
can end up blocking non-abusers).  Some ignorant admins will do that,
throwing the baby out with the bathwater, stupidly believing that
they're not creating a problem.

> Which is why sendmail needs to be configured to not accept email for
> domains other than those that are specifically intended.

Correct.  Firewalls only affect network connections, the applications
need to be configured to do their job properly.  It doesn't matter if
disallowed things *attempt* to use your SMTP server, it does matter if
they succeed.  

Of course you'll get a lot of attempts, and need to be able to handle
that.  I think it was about 60,000 spam attempts an hour that a local
BBS had to contend with, years ago, when they put themselves on the net.
Numbers will vary, but it indicates the huge potential for abuse that
you might have to deal with.  Some abusers will go hunting for SMTP
servers and keep hammering away at it, they won't give up if they don't
get anywhere, they'll just keep on abusing you.

-- 
(This PC runs FC4, my others FC5 & FC6, in case that's important
 to the thread)

Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.

[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux