On Tue, 6 Apr 2004, Michael Sullivan wrote:
I read my log watch every day for my server PC each time I notice an
attempted unauthorized access I run the IP through whois and then I send
an email to the abuse@ address I see at the bottom of whois report. This morning I found a third attempt to send email through my smtp
server from kornet.net. Is there anyone I can report them to if it
happens again? I've sent them email all three times that they've
attempted to use my server...
-Michael Sullivan-
Well, I wish you the best of luck because you're going to need it. kornet is a Korea operation that sends tons of spam. I actually got a reply back from them one time that told me in very definite terms to stop bothering them.
kornet.com owns a series of ip's. Just put the following line in /etc/mail/access (assuming you're using sendmail)...
204.228.229 DISCARD
and then do a
makemap hash access < access
There is no need to restart sendmail. This will result in sendmail discarding all further email from any of their ip's.
!bounce !bounce. =P
-- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
