On 13-Jun-2000, Michael Boyiazis wrote:
> 209.244.137.13:deny
[...]
> It works to prevent connection from other IPs blocked w/ denies.
Could you show that the mail that you think slips past tcpserver in
fact came from 209.244.137.13? Maybe scan your logs for 209.244.137.13
and see if it's denied or not.
> It just seems that in this case (and in a previous attack) that the
> spam, which is disquised as a bounce, (no "from" info) slips past
> tcpserver, perhaps because qmail considers the mail to be from the
> person receiving the mail instead of being from the spammer(?)
AFAIK, tcpserver doesn't understand mail. In a nutshell, it acts as a
mediator, it will invoke whatever daemon is specified if connection is
not denied. Please CMIIW.
Ronny
