[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] RaQ3/4 - Disable Relaying
- Subject: Re: [cobalt-users] RaQ3/4 - Disable Relaying
- From: flash22@xxxxxxx
- Date: Thu Feb 7 17:34:05 2002
- List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>
On Thu, 7 Feb 2002, Chad wrote:
> ISP for SMTP services. I have one user that's trying
> to relay his "hanmail" off his account, by forging
> headers. The relay window is set for 1 min., and he
> just bangs the server trying to get as many through as
> possible during that window (even though most come
> back with "relaying denied" messages. I've almost got
> the bugger in my web, and when I do catch him (100%),
> I'm hitting his credit card for the abuse fee he
> agreed to pay when he opened the account for his
> mischief activities. I'm just laying the web to catch
> the freak. I want to stop his attempts to get through
> that 1 min window each day.. It appears he's logging
> in via FTP a bit before the spam starts trying to
> leave the server... So unchecking this check box in
> the admin GUI regarding "Pop before Relay" should turn
> off all relaying correct? It just seemed a bit counter
It will prevent relaying from points outside the server, yes, However, be
carefull, if he has ftp access, it could upload a spamware cgi script and
spam from inside the server, that one is really nasty as he has direct
access to a fast connection then...
> intuitive as I didn't know if that would turn off
> relaying completely, or the opposite effect and open
> up the box to relaying (which obviously I don't want
> to do).. Thanks for your input!
You could also add his IP as a reject ;)
ps: If you know where he's sending them To , you can sneak in an alias and
grab a few :)
You might also want to alias his address so you ctch the
bounces/complaints, don't let him play too long, or you are gonna get flak
gsh