Deterring mail relay attempts
in [Debian]
|
From: Andrei Popescu on 2 Jul 2010 03:30 On Jo, 01 iul 10, 19:43:44, lee wrote: > > One downside seems to be that it creates lots of exim processes, and > > I am not sure why yet. It may be open connections with dropping > > data as a result of the recently added iptables rule > > Just to be curious, what is the thinking/idea/advantage behind > disallowing connections by firewall rules instead of denying the > relaying or blacklisting the originating IPs through exims > configuration? I'm not very familiar with this stuff, but I can imagine: - two levels of defense - sparing exim all the useless connections Regards, Andrei -- Offtopic discussions among Debian users and developers: http://lists.alioth.debian.org/mailman/listinfo/d-community-offtopic
From: lee on 3 Jul 2010 10:20 On Thu, Jul 01, 2010 at 09:08:26PM +0100, Alan Chandler wrote: > On 01/07/10 18:43, lee wrote: > >Just to be curious, what is the thinking/idea/advantage behind > >disallowing connections by firewall rules instead of denying the > >relaying or blacklisting the originating IPs through exims > >configuration? > > > > > > I would like to cause as much disruption to these guys as possible. Thanks for you all your responses! It makes some sense seeing it that way :) -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/20100703141435.GD31587(a)yun.yagibdah.de
From: Richard Hector on 6 Jul 2010 08:30 On Thu, 2010-07-01 at 21:08 +0100, Alan Chandler wrote: > I would like to cause as much disruption to these guys as possible. I'd happily drop packets to save bandwidth, and load on my MTA, but I'd think twice about that reason. My understanding is that most spam comes from compromised home machines these days - so the person getting disrupted is some poor sucker whose machine is compromised, not the actual offender. Dropping packets may save _them_ bandwidth as well, so as I say, I'd happily do it :-) Richard -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/1278418867.30144.14.camel(a)diamond.lan.walnut.gen.nz
From: John Hasler on 6 Jul 2010 11:10 Richard Hector writes: > My understanding is that most spam comes from compromised home > machines these days - so the person getting disrupted is some poor > sucker whose machine is compromised, not the actual offender. The machine is compromised because the sucker failed to secure it. While the botnet operator is the actual criminal the owner of the compromised machine is still negligent. -- John Hasler -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/878w5opuq9.fsf(a)thumper.dhh.gt.org
From: Richard Hector on 6 Jul 2010 18:40 On Tue, 2010-07-06 at 09:09 -0500, John Hasler wrote: > Richard Hector writes: > > My understanding is that most spam comes from compromised home > > machines these days - so the person getting disrupted is some poor > > sucker whose machine is compromised, not the actual offender. > > The machine is compromised because the sucker failed to secure it. > While the botnet operator is the actual criminal the owner of the > compromised machine is still negligent. Through ignorance, in most cases, I suspect. I doubt most of them are aware of the consequences. Richard -- To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org Archive: http://lists.debian.org/1278455528.3978.6.camel(a)topaz.wgtn.cat-it.co.nz
First
|
Prev
|
Next
|
Last
Pages: 1 2 3 4 Prev: Current solution for ia32 on amd64? Next: Need dependency bug workaround for pulseaudio. |