-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
(snip)
> telnet mail-abuse.org [you have to execute this from the mailserver]
>
> It'll run a test back to your server and connect to the sendmail port.
> It'll put your computer through something like 17 different tests. The
> one kink I found is that once it finds a problem, it stops
> the testing.
> So once you fix the rule, you'll have to re-test to make sure
> it passes
> every test.
(snipped)
Thanks Glen,
I tried this and it passed every test. The confusing part was the
notations in the logs that a NULL connection was made.
As for the TCP Wrappers, I make it a point to list attempts to connect
to my machine in /etc/hosts.deny even though it is preceeded by ALL:ALL.
Maybe it's overkill on my part, but If I find someone actively trying to
connect via pop2, pop3 and imap ( which was the case here ) a multitude
of times on a daily basis I am fairly confidant someone is looking for a
way in. I'll error on the side of caution everytime. ( btw - ftp and
port 111 was attemped also, but I dont run anonymous ftp or the
portmapper - and he is now rejected by IPCHAINS on port 111 )
I only have about 20 users currently, and each has a dynamic IP address
given by their ISP ( none of which is in the IP range trying to connect
to my machine ). These users don't have shell access and are set up to
check their mail via a web based email client ( TWIG ) so a pop or imap
connection from them is not likely from any other method.
Until I have the chance to experiment with the newest sendmail that has
authenticated smtp I wont let my users connect in any other way than via
the TWIG for their mail needs.
But thanks for the tip on the telnet mail-abuse.org. I like test they
have.
Scott
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.0.2
iQA/AwUBOMZsOnPDicvPquiCEQIl2ACg56b+fhSXcaw7qS/Eecm1msrK4/4An3V9
/X8HuU424biOwi9R3baP+QrH
=EQBv
-----END PGP SIGNATURE-----
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
