That's exactly what I did -- 3 times!!! Palmetto Shopper http://www.palmettoshopper.com Serving all of South Carolina and beyond!
> -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Thomas Smith > Sent: Monday, June 02, 2003 1:11 AM > To: [EMAIL PROTECTED] > Subject: Re: Creating blacklist > > > MKlinke wrote: > > >On Monday 02 June 2003 04:14, Daryl Hunt wrote: > > > > > >>----- Original Message ----- > >>From: "Thomas E. Dukes" <[EMAIL PROTECTED]> > >>To: "[EMAIL PROTECTED] Com" <[EMAIL PROTECTED]> > >>Sent: Sunday, June 01, 2003 7:36 PM > >>Subject: Creating blacklist > >> > >> > >> > >>>I keep getting email virii (sp) sent to me from from a particular > >>>domain. This has gone on for a couple months now. I have notified > >>>these people but they can't or won't stop. Thankfully, I use > >>>mailscanner and f-prot which catches everything (so far). > It's the > >>>Klez virus. > >>> > >>>I also use spamassassin. I tried putting their domain in > >>>/etc/mail/access as REJECT and creating a new > /etc/mail/access.db It > >>>still comes through. I'm tired of seeing this crap. How > can I make > >>>a blacklist of my own site-wide. I see how to do it in each user > >>>home directory but I want the whole site to reject mail from that > >>>domain. > >>> > >>>Do I make a file /etc/mail/spamassassin/user_prefs or do I add the > >>>blacklist_from to /etc/mail/spamassassin/local.cf? > >>> > >>>TIA > >>> > >>> > > > >I'm trying to figure out what spamassassin has to do with this. Any > >mail addresses you find in a Klez originated message, except > yours, has > >been spoofed by the virus so adding these addresses to a > blacklist will > >do nothing except possibly blacklist your friends, > neighbors, and other > >innocent victims. > > > True, Klez is a hard one to track down. Perhaps a better > solution would > be to allow the virus scanner to do its job. > > You can also pull from the header the IP of the server the email came > from (if you haven't already done so)--this is more difficult (if not > impossible) to spoof. With this, you can contact that > server's admin and > make them aware of the situation--giving them a chance to resolve the > problem. They should be able to track down the client sending > the email > if they keep good logs. > > If the problem persists you could then blacklist them but > only as a last > resort. Most "lagit" admins will work to resolve the problem so as to > avoid disrupting service for their customers. > > > -- > redhat-list mailing list > unsubscribe mailto:[EMAIL PROTECTED] > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
