On Mon, Jan 27, 2003 at 01:26:03PM -0500, Derrick 'dman' Hudson wrote:
> On Mon, Jan 27, 2003 at 11:09:54AM -0600, will trillich wrote:
> | does this [see attachment] indicate that some spammer has found
> | a way to get me to relay his mail? aaugh!
>
> No. It means you are the victim of a spammer using your addess as the
> return address.
>
> Follow the headers in the message :
[snip clear, step-by-step sherlocking]
> Your system is ok, Will. It is unfortunate, however, when spammers
> can abuse correct but sub-optimal SMTP servers to deliver the spam as
> a bounce.
very nice explanation. i'll be able to do s'more of my own
snooping next time. many thanks!
--
I use Debian/GNU Linux version 3.0;
Linux server 2.4.20-k6 #1 Mon Jan 13 23:49:14 EST 2003 i586 unknown
DEBIAN NEWBIE TIP #124 from dman <[EMAIL PROTECTED]>
:
So you've decided to BLOCK ALL TRAFFIC EXCEPT SSH. What you
need to do is specify the port to allow. ssh uses port 22 by
default -- With iptables try:
iptables -A INPUT -p TCP --dport ssh -j ACCEPT
This says that in the input chain, for tcp packets, if the port
number matches ssh in /etc/services then accept the packet
regardless of IP addresses. (This should give you a pointer
towards the necessary ipchains options if you don't have
iptables available.)
Also see http://newbieDoc.sourceForge.net/ ...
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
