Bob Brennan schrieb: [snip]
Probably a good idea to shut them off semi-permanently: add these lines to your iptables firewall: (Note - there are more general ways to script iptables setups) (Read "better ways", but this is a specific example)
# Next 8 lines specific to tfn.net.tw
# Log any connection attempts by tfn,net.tw
iptables -A INPUT -i eth0 -s 219.81.0.0/16 -j LOG --log-prefix "static.tfn.net.tw"
iptables -A INPUT -i eth0 -s 61.31.0.0/16 -j DROP -j LOG --log-prefix "dynamic.tfn.net.tw "
# Drop dynamic.tfn.net.tw iptables -A INPUT -i eth0 -s 61.31.0.0/16 -j DROP # Drop static.tfn.net.tw iptables -A INPUT -i eth0 -s 219.81.0.0/16 -j DROP
[/snip]
Hi Bob,
Good way to get the spammer of your ports ;-)
See here 2 links, where you chan check your mailserver immediately for your "open relay". There is no need to register or whatever - just type your ip and go. You will see if your mailserver is secure enough or which methods still could be used, to send spam via your mailserver.
http://www.relaycheck.com/test.asp http://www.antispam-ufrj.pads.ufrj.br/
Have you built-in RBL-Support for your mailserver? This perhaps could get your spammer even off your mailserver. See 3 free lists below.
bl.spamcop.net, relays.ordb.org, sbl.spamhaus.org,
btw. preferably you use by today no longer pop-before-smtp, either use smtp-auth. If you authenticate your users in pop/imap against mysql you COULD use the same database for smtp either.
HTH Roger
btw. doing perror 13 in shell gives the following:
[roger@link ~]$ perror 13 Error code 13: Permission denied
...i had this too, this was an issue from selinux. You could either disable mysql-support in selinux (system-config-securitylevel) or try to relabel your system. This helped me, in some way (...)
/sbin/fixfiles relabel
make also sure, that your /var/lib/mysql is chowned -R mysql:mysql
HTH Roger
begin:vcard fn:Roger Grosswiler n:Grosswiler;Roger email;internet:http://www.gwch.net tel;home:+41 56 496 36 93 tel;cell:+41 78 797 61 53 x-mozilla-html:FALSE version:2.1 end:vcard