[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: ipchains rules: REJECT vs. DENY



On Wed, 25 Jul 2001 17:12:22 PDT, Alvin Oga writes:
>> >Moral of that story is to make sure that you either run an ident
>> >server, or set it to REJECT.
>> 
>> Well, I wouldn´t (and don´t) run identd, since I have no intention of 
>>  revealing the name of the user running a particular service (in 
>
>if one runs identd...  any incoming email address to "fake@yourdomain.com"
>will get returned/bounced back to the sender as no such user...
>( you see a log in maillog etc that they tried to send soemthing )
>
>if you dont run identd... you receive and store that email addressed
>to fake.... and bounced locally to root/postmaster as non-deliverable
>locally ??

If my box would take mail for non-existent accounts it would have to 
 bounce them to the envelope-from, not some <ident-response@whereever>.

That has nothing to do with ident. Take one of my mails to debian-user 
 as example:

Received: from ka.graffl.net (someone?else@193.154.165.8)
  by murphy.debian.org with SMTP; 25 Jul 2001 23:24:41 -0000
Received: from WatchZwerg.waldner.priv.at
 (none_of_your_business@WatchZwerg.waldner.priv.at [193.80.224.98])
 by ka.graffl.net (8.9.3/8.9.3/Debian 8.9.3-21) with ESMTP id BAA08314
 for <debian-user@lists.debian.org>; Thu, 26 Jul 2001 01:24:38 +0200

The only source of mails to "someone?else@193.154.165.8" or
 "none_of_your_business@WatchZwerg.waldner.priv.at" are spammers, but 
 such clueless ones usually also try to send mails to the message-id...

But of course sendmail does the right thing (it´s not exchange or 
 bloatus notes), it never even stores mails to unknown accounts, it 
 just issues a 5xx ("no such luser") in the smtp-conversation and that´s 
 it.

rcpt to:<someone?else@[193.154.165.8]>
550 <someone?else@[193.154.165.8]>... User unknown

rcpt to:<none_of_your_business@WatchZwerg.waldner.priv.at>
550 <none_of_your_business@WatchZwerg.waldner.priv.at>... User unknown

cheers,
&rw
-- 
-- My name is sendmail.cf.
-- You killed my process.
-- Prepare to vi.
----


Attachment: pgpm9NajVEgn3.pgp
Description: PGP signature


Reply to: