Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: spam and protection?
Special Forums Cybersecurity spam and protection? Post 31105 by RTM on Friday 1st of November 2002 09:34:32 AM
Old 11-01-2002
I happened to have the same problem but not to the extent that it's killing our server or flooding me (postmaster) with email.

What you need to do is look at the headers and figure out if the spammers are using some system that is an open relay or not. If they are, calling or emailing the postmaster of that server may help to remove the problem.

Getting the hundreds of email from irate folks about spam - nothing can be done unless you just want to filter them and not do anything. The problem with that - one: your company does not look good in the eyes of potential customers; two: you will never get rid of the problem.

Yes, it is probably impossible to stop spammers one email at a time but finding the problem children on the internet (the open relays the spammers are using) or complaining to their ISP (those who are selling them a piece of a subnet) will help.

Check the headers - they will lead you to the folks involved. Complain to the postmaster, hostmaster, abuse, any contact person in either ARIN or NetworkSolutions database for that IP or domain name.

Check out Network Abuse Clearinghouse for further info.

If you are just a user looking to get rid this mail, then a filter would work.
Last edited by RTM; 11-01-2002 at 10:39 AM..
 

7 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Override protection.....

I am having this problem......when I run this script: print -n "Enter file name to be deleted: " read answer if then rm $name else echo "No such file with the name: $name exists" fi I was trying to test my script for errors, and basically when the user had files with the rights: 400,... (1 Reply)
Discussion started by: Makaveli.2003
1 Replies

2. Filesystems, Disks and Memory

protection schemes

Consider a system that supports 5,000 users. Suppose you want 4,990 of these users to be able to access one file How would you specify this protection scheme in UNIX (4 Replies)
Discussion started by: mattyboy
4 Replies

3. Linux

file security/protection

Hi All I am working on a site to help newbie to learn linux for free. demo.freelinuxconsole.info there is only one file index.php its been able to rename or deleted. Kindly let me know what permissions should i give to secure this file from editing or deleting by others. (8 Replies)
Discussion started by: smithjack
8 Replies

4. Shell Programming and Scripting

Password protection in unix

How to create a file in UNIX which is password protected ? Thanks and Regards, Neeraj (5 Replies)
Discussion started by: neeraj617
5 Replies

5. IP Networking

Protection against arp spoofing

Hi, I'm trying to find a way to protect my network against arp spoofing. What it is: An attacker sends fake arp packets in the network, identifying himself as the router. All network traffic is then redirected to this attacker. How to protect myself: In my opinion, the best possible... (2 Replies)
Discussion started by: chrisperry
2 Replies

6. Shell Programming and Scripting

Script protection against changes

Hi everyone, I´m trying to protect the scripts I have made from changes. At my office I´m the one who research improvements on daily tasks, and I´ve done many scripts, that I share with my partners.I´m tired because they take my scripts and make their owns with new features that don´t share... (4 Replies)
Discussion started by: dover07
4 Replies

7. Homework & Coursework Questions

Protection and special characters

I am learning from the class how to protect the special characters and the script that I wrote here does not work when I am trying to pick up a single quote. It would complaint about parentheses problem. Please, someone could enlighten me. Thanks in advance, Scopiop Input file Hi, * ?... (2 Replies)
Discussion started by: scopiop
2 Replies

LEARN ABOUT SUSE

mail::spamassassin::plugin::dcc

Mail::SpamAssassin::Plugin::DCC(3)			User Contributed Perl Documentation			Mail::SpamAssassin::Plugin::DCC(3)

NAME

       Mail::SpamAssassin::Plugin::DCC - perform DCC check of messages

SYNOPSIS

	 loadplugin	Mail::SpamAssassin::Plugin::DCC

	 full DCC_CHECK        eval:check_dcc()
	 full DCC_CHECK_50_79  eval:check_dcc_reputation_range('50','79')

DESCRIPTION

       The DCC or Distributed Checksum Clearinghouse is a system of servers collecting and counting checksums of millions of mail messages.
       TheSpamAssassin.pm counts can be used by SpamAssassin to detect and reject or filter spam.

       Because simplistic checksums of spam can be easily defeated, the main DCC checksums are fuzzy and ignore aspects of messages.  The fuzzy
       checksums are changed as spam evolves.

       Note that DCC is disabled by default in "init.pre" because it is not open source.  See the DCC license for more details.

       See http://www.rhyolite.com/anti-spam/dcc/ for more information about DCC.

TAGS

       The following tags are added to the set, available for use in reports, header fields, other plugins, etc.:

	 _DCCB_    DCC server ID in a response
	 _DCCR_    response from DCC - header field body in X-DCC-*-Metrics
	 _DCCREP_  response from DCC - DCC reputation in percents (0..100)

       Tag _DCCREP_ provides a nonempty value only with commercial DCC systems.  This is the percentage of spam vs. ham sent from the first
       untrusted relay.

USER OPTIONS

       use_dcc (0|1)	   (default: 1)
	   Whether to use DCC, if it is available.

       dcc_body_max NUMBER
       dcc_fuz1_max NUMBER
       dcc_fuz2_max NUMBER
	   This option sets how often a message's body/fuz1/fuz2 checksum must have been reported to the DCC server before SpamAssassin will
	   consider the DCC check as matched.

	   As nearly all DCC clients are auto-reporting these checksums, you should set this to a relatively high value, e.g. 999999 (this is
	   DCC's MANY count).

	   The default is 999999 for all these options.

       dcc_rep_percent NUMBER
	   Only commercial DCC systems provide DCC reputation information. This is the percentage of spam vs. ham sent from the first untrusted
	   relay.  It will hit on new spam from spam sources.  Default is 90.

ADMINISTRATOR OPTIONS

       dcc_timeout n	   (default: 8)
	   How many seconds you wait for DCC to complete, before scanning continues without the DCC results.

       dcc_home STRING
	   This option tells SpamAssassin where to find the dcc homedir.  If not given, it will try to get dcc to specify one, and if that fails
	   it will try dcc's own default homedir of '/var/dcc'.  If "dcc_path" is not specified, it will default to looking in "dcc_home/bin" for
	   dcc client instead of relying on SpamAssassin to find it in the current PATH.  If it isn't found there, it will look in the current
	   PATH. If a "dccifd" socket is found in "dcc_home" or specified explicitly, it will use that interface instead of "dccproc".

       dcc_dccifd_path STRING
	   This option tells SpamAssassin where to find the dccifd socket. If "dcc_dccifd_path" is not specified, it will default to looking for a
	   socket named "dccifd" in a directory "dcc_home".  The "dcc_dccifd_path" can be a Unix socket name (absolute path), or an INET socket
	   specification in a form "[host]:port" or "host:port", where a host can be an IPv4 or IPv6 address or a host name, and port is a TCP
	   port number. In case of an IPv6 address the brackets are required syntax. If a "dccifd" socket is found, the plugin will use it instead
	   of "dccproc".

       dcc_path STRING
	   This option tells SpamAssassin specifically where to find the "dccproc" client instead of relying on SpamAssassin to find it in the
	   current PATH.  Note that if taint mode is enabled in the Perl interpreter, you should use this, as the current PATH will have been
	   cleared.

       dcc_options options
	   Specify additional options to the dccproc(8) command. Please note that only characters in the range [0-9A-Za-z ,._/-] are allowed for
	   security reasons.

	   The default is "undef".

       dccifd_options options
	   Specify additional options to send to the dccifd(8) daemon. Please note that only characters in the range [0-9A-Za-z ,._/-] are allowed
	   for security reasons.

	   The default is "undef".

perl v5.12.1							    2010-03-16					Mail::SpamAssassin::Plugin::DCC(3)
All times are GMT -4. The time now is 11:00 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy