[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] serious help

Hi Joi!

I think there was alonger discussion on this list about POP before SMTP -
meaning that a user first has to check his valid POP3-account (by giving
username und password) before he can send SMTP-mails. Maybe you can check the
list-archive...

Joi wrote:

> My server is being dragged down by someone in China.
>
> Last week, s/he sent several thousand emails with nobody@xxxxxxxxxxxx as the
> reply address, causing me to receive (I own nodomain.com) nearly 20,000
> emails (mostly from mailer daemons).  Towards the end of my cleanup, I
> noticed that s/he was also aparently relaying through my SMTP service (which
> I thought I had set to only allow SMTP connections on port 25 from certain
> IPs.  I've put his/her IP in the DENY list, but that seems to be the only
> way to slow it down (until they move on to another computer on the same
> network).
>
> I've emailed the network administrator there to no avail.  Perhaps he does
> not speak English (I can't speak Chinese), or perhaps he's ignoring me.
> In any case, I would love to block out the whole class C.  How do I do this
> from the Admin panel, and more importantly, how do I do this in the actual
> server files?  (I don't trust the admin panel at all).
>
> Also, I noticed a couple connections to other ports (1039 and 1110 (TIME
> WAIT)).  Are they portscanning me or am I just paranoid?
>
> Thanks
> Joe Colburn
>
> ------
> http://www.nodomain.com   http://www.g0th.net
>
> _______________________________________________
> cobalt-users mailing list
> cobalt-users@xxxxxxxxxxxxxxx
> http://list.cobalt.com/mailman/listinfo/cobalt-users

--
_____________________________
Nikolas Samios
CTO/Geschäftsführer

[!] m e d i a p h i l

digital media
Dompfaffweg 10
D-81827 Munich
Germany

Tel: +49.89.431.908.0
Fax: +49.89.431.908.80
eMail: ns@xxxxxxxxxxxx
http://www.mediaphil.de
_____________________________