Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations IamaSherpa on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

DOS attack on my mail server

Status
Not open for further replies.
tnerurkar

tnerurkar

Programmer
Apr 9, 2003
35
IN
Hi all,

I got a DOS attack on my mail server. 100 mails came with the someid@mydomain.com. (mydomain.com is my mail server name). How can I prevent this for next time?

I am using sendmail-8.12.8-9.80 version.

Thanks in advance.

Regards
Tushar
 
Sort by date Sort by votes
Edit your /etc/mail/access file, and add in a line such as this :

cyberspammer.com 550 We don't accept mail from spammers

Then rebuild your access.db file :

makemap hash /etc/mail/access.db < /etc/mail/access

See this link :


--------------------------------------------------
Free Database Connection Pooling Software
 
Upvote 0 Downvote
Hi,

Thanks for the reply.

I configured as per your instruction but it is rejecting messages of authorised users also. I m got following message for authorised user.

>>> RCPT To:<tushar@mydomain.com>
<<< 550 5.0.0 <tushar@mydomain.com>... We don't accept mail from spammers
550 5.1.1 <tushar@mydomain.com>... User unknown

Please help.

Regards
Tushar
 
Upvote 0 Downvote
Ahh, so you want to normally allow mail from whatever.com domain, but block joe@whatever.com ?

You must have a line like :

joe@whatever.com 550 Sorry Joe but no mail from you

Which will allow all other users at that domain to send mail, but not Joe.


--------------------------------------------------
Free Database Connection Pooling Software
 
Upvote 0 Downvote
nope.
I want to allow only authorised user to be send mails. rest should be blocked.

I m getting mails to a@whatever.com, b@whatever.com, c@whatever.com, d@whatever.com which is not my authorised users. I want to block them. IDs are not specific. I think it is generic.

Please help.

Regards
Tushar
 
Upvote 0 Downvote
Well you didn't say that at first !

IN your access file :

# accept these users
a@whatever.com RELAY
b@whatever.com RELAY
c@whatever.com RELAY
d@whatever.com RELAY

#Reject all others for this domain
whatever.com REJECT Not authorized user

It is important to have the accepted users above the rejected domain.

--------------------------------------------------
Free Database Connection Pooling Software
 
Upvote 0 Downvote
I'am having the same issue (DOS attack).
I put my authnticated users on my access file, but now i have an relay denied everytime when the user gets a message :(

I have in my access file this:

mydomain.com REJECT
to:myuser1@mydomain.com RELAY
to:myuser2@mydomain.com RELAY
to:myuser3@mydomain.com RELAY
to:myuser4@mydomain.com RELAY

Do i need to do something else ?

Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

JRFEG
  • Locked
  • Question
Hack attempts overloading server by hogging memory
Replies
0
Views
933
JRFEG
JRFEG
cndgk
  • Locked
  • Question
What might cause local-originated (submit.cf?) mail not to show up in syslog,but incoming mail does?
Replies
0
Views
3K
cndgk
cndgk
lolodirezo
  • Locked
  • Question
detect unused sendmail mailboxes in order to delete these boxes
Replies
0
Views
2K
lolodirezo
lolodirezo
cjtucker1976
  • Locked
  • Question
Sendmail- can only send mail to external domains
Replies
0
Views
2K
cjtucker1976
cjtucker1976
bazil2
  • Locked
  • Question
Sending informative mail if sender's mail exceeds MB size limit - can this be done? 1
Replies
1
Views
101
ChrisHirst
ChrisHirst

Part and Inventory Search

Sponsor

Back
Top