Re: spam to aliases and system accounts
On Wed 19 Apr 2017 at 20:15:02 +0200, Daniel Pocock wrote:
> When people install Debian (or any distro), they usually get a bunch of
> entries in /etc/aliases and various system accounts (/etc/passwd entries
> with UID < 1000) created by the packages they install.
>
> I've noticed an increase in spammers targeting some of the more common ones.
>
> Can the number of aliases installed by default be reduced?
>
> Do any of the mailers (postfix, exim, etc) provide a convenient way to
> exclude delivery to system accounts by default, or to exclude these
> aliases and accounts from receiving mail from external senders? Could
> anybody share examples of how they do it or pointers to any blogs or
> wikis with examples?
>
> Could/should any more be done at the packaging level to minimize this
> problem or is it something that can only be done on a per-site basis?
This is the postinst for exim4-config:
#initialize /etc/aliases
writealiases() {
echo '# /etc/aliases' > /etc/aliases.tmp
echo 'mailer-daemon: postmaster' >> /etc/aliases.tmp
for i in postmaster nobody hostmaster usenet news webmaster www ftp abuse noc security ; do
echo "${i}: root"
done >> /etc/aliases.tmp
mv /etc/aliases.tmp /etc/aliases
}
You would have to sound out and convince the exim4 maintainers. I can
well imagine their enthusiasm for a change might be muted.
--
Brian.
Reply to: