Re: [courier-users] question about old version... 0.43.2 or 0.44.2
Mitch (BitBlock) writes: I have some older servers – we are in the process of upgrading, but I just had a wave of what I believe were spam which were being relayed by using our servers. The messages were presented as dsn (I see the module dsn) – is there a way to mitigate this kind of attack until I can finish the migration? You asked this a few days ago, but may not've seen my response, I suppose. These are not original messages. These are bounces. The dsn module is used to send bounce messages. Your log clearly shows an initial attempt to deliver the message to gmail, which rejected it, resulting in a bounce to the original message's sender address. I reset the users password, which didn’t help – the only thing that seemed to mitigate the emails was actually modifying the users email address. When I did that, the email flow stopped. Resetting the password won't affect an existing connection, which is already authenticated. Neither will it affect any existing message which was already received, and is waiting to be sent. pgpyQV8bio7mr.pgp Description: PGP signature -- Want fast and easy access to all the code in your enterprise? Index and search up to 200,000 lines of code with a free copy of Black Duck Code Sight - the same software that powers the world's largest code search on Ohloh, the Black Duck Open Hub! Try it now. http://p.sf.net/sfu/bds___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
Re: [courier-users] question about old version... 0.43.2 or 0.44.2
On 29.07.14 05:09, Mitch (BitBlock) wrote: I have some older servers - we are in the process of upgrading, but I just had a wave of what I believe were spam which were being relayed by using our servers. The messages were presented as dsn (I see the module dsn) - is there a way to mitigate this kind of attack until I can finish the migration? you need to block the spam source, e.g. change password or remove RELAYCLIENT from sending IP's parameters (I do not recommend using RELAYCLIENT for client machines, using STMP authentication is better) I reset the users password, which didn't help after resetting password, you must kill connected smtpd's - until that the already connected clients can push other mail. - the only thing that seemed to mitigate the emails was actually modifying the users email address. When I did that, the email flow stopped. modified the address? How? -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. Windows 2000: 640 MB ought to be enough for anybody -- Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071iu=/4140/ostg.clktrk ___ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users