how to stop using *telnet <domain> 25*
David A. Bandel
david
Mon May 17 11:58:37 PDT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 24 Jan 2004 12:00:15 -0600
Gary <gv-list-linuxsxs at mygirlfriday.info> wrote:
> On Sat, Jan 24, 2004 at 12:43:57PM -0500 or thereabouts, Bruce
> Marshall wrote:
> > On Saturday 24 January 2004 12:29 pm, Ben Duncan wrote:
> > > I think the question here is :
>
> > > Someone outside our network/domain is using a telnet to
> > > port 25 to use the MTA.
> > >
> > > Anyone more familiar with iptables know if such a "service"
> > > can be blocked ?
>
> > Assuming you need to have port 25 open to the outside world, then I
> > think you're left with blocking that IP address. Yes, iptables can
> > block the address. I do it all the time with shorewall.
>
> > > Bruce Marshall wrote:
> > > > On Saturday 24 January 2004 10:57 am, Swapana Ghosh wrote:
> > > >>I ?have already blocked that IP. But the question is they can
> > > >use another>IP, which they did before already once IP with
> > > >different net work. So how>many IPs we will block? That is why i
> > > >was wondering , if there is a way>then we can stop our tension
> > > >for ever..
> > > >
> > > > I was going to say "get rid of the telnet client" since no one
> > > > really should be using it for anything... but... a) There
> > > > might be a need for it, or b) he might already have a copy of
> > > > the client (or could easily get one).
> > > >
> > > > Is there any clue as to who it is? In the mail sent?
>
> If they are using port 25, and you have an MTA running, sendmail,
> postfix, or qmail. You should set your MTA to allow use for only your
> existing internal IP range, and you will not have this problem.. They
> will not be able to send mail period.
>
> In short, you have not properly closed down your MTA, and you are an
> open relay.
Not exactly. If the addresses the spammer is sending to is on that mail
server, then of course it has to accept the mail (not 100% true, you can
block IPs that don't reverse or resolve as mail servers -- I use
milter-sender to do this).
Ciao,
David A. Bandel
- --
Focus on the dream, not the competition.
Nemesis Racing Team motto
GPG key autoresponder: mailto:david_key at pananix.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQFAEre0j31PLQNUbV4RAizfAJ0WUmi2YWoHmyfgWhY+Wv2c7jaRUgCeOpE2
ViVNgnP9xTwXZCSp8upYES0=
=gwu8
-----END PGP SIGNATURE-----
More information about the Linux-users
mailing list