[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [OA Security] [cobalt-security] sendmail, POP b4 SMTP and IP addresses
- Subject: Re: [OA Security] [cobalt-security] sendmail, POP b4 SMTP and IP addresses
- From: OpenAccess System Security <security@xxxxxxxxxxxxxx>
- Date: Thu, 17 Apr 2003 20:48:24 -0700
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
We disabled reverse-DNS our mail servers some time ago. It is an artifact
of early attempts to reduce spam. Configuring to simply subscribe to spam
lists works far better.
In regards to using m4 to regnerate sendmail.cf, I find it easier to find
the appropriate line in the sendmail.cf and directly change it. Most folks
say not to do that because m4 is easier, but it has always seemed
quicker/faster easier to modify .cf directly, making backups of course.
- mike
On 4/17/03 8:03 PM, "Graeme Merrall" <graeme@xxxxxxxxxxxxx> wrote:
> Point me to a generic sendmail list if you feel this is to generic.
>
> Some of you may now that AOL has recently altered their mail configurations to
> cut down on spamming. There are two interesting measures they've taken. One is
> to stop accepting email from IP numbers they believe to be from subscriber DSL
> lines which forces people to use their ISP's mail server rather than running a
> mail server on their own machine which cuts down spam coming in to their
> systems. The other is to prevent reverse lookups on people with AOL
> connections so direct connections to external mail servers will generally
> fail. This helps cut down spam coming out of their systems.
>
> I actually work for AOL (and yes we use open source) and connect through
> normal AOL at home. I use Linux on my desktop and since these changes I can no
> longer use POP before SMTP as sendmail now tells me that relaying is denied as
> IP name lookup failed and there is not a AOL SMTP server for customers. If
> you're on the AOL WAN there's one but that's
>
> I've done some reading and it appears that I may be able to use either
> FEATURE(`accept_unresolvable_domains'), FEATURE(`relay_mail_from') or
> FEATURE(`delay_checks').
>
> Two problems arise from this though. What is the best method for me to allow
> myself to send mail through the box again without compromising security and is
> it safe to go tinkering about with the m4 stuff and regenerate the sendmail.cf
> file? If there's any sendmail people out there who can help I'd appreciate a
> few pointers
>
> Cheers,
> Graeme
> _______________________________________________
> cobalt-security mailing list
> cobalt-security@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-security
> _______________________________________________
> Oa-security mailing list
> Oa-security@xxxxxxxxxxxxxxxxxxxx
> http://lists.openaccess.org/mailman/listinfo/oa-security
>