Good afternoon
Like many system managers, we struggle with the best way to block
relaying attempts against our MAIL server. At the moment, we have
very strict rules in our sendmail configuration which results in
the error messages below my signature.
But, what is the best way to effectively block this IP address?
We trapped over 300+ attempts in one 24 hour period. Our network
manager is checking his PIX Firewall configuration. But, if I have
to do it on the MAIL server, do we have any other options except
sendmail?
Thanks in advance.
-- Steve Lowe
Information Services
Aurora University
-----------------------LOG MESSAGES----------------------------
Jan 2 13:12:17 mail sendmail[239369]: ruleset=check_relay,
arg1=24-196-110-112.jvl.wi.charter.com, arg2=24.196.110.112,
relay=24-196-110-112.jvl.wi.charter.com [24.196.110.112], discard
Jan 2 13:12:17 mail sendmail[239369]: h02JCHOZ239369: ruleset=check_rcpt,
arg1=<mrscruella_at_yahoo.com>, relay=24-196-110-112.jvl.wi.charter.com
[24.196.110.112], reject=550 5.7.1 <mrscruella_at_yahoo.com>... Relaying denied
Jan 2 13:12:17 mail sendmail[239369]: h02JCHOZ239369:
from=<pbeallis_at_aurora.edu>, size=0, class=0, nrcpts=0, proto=SMTP, daemon=MTA,
relay=24-196-110-112.jvl.wi.charter.com [24.196.110.112]
Received on Thu Jan 02 2003 - 19:50:19 NZDT