[unisog] Super-hidden spamming exploits?

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Tue Oct 7 20:57:09 GMT 2003


On Tue, 07 Oct 2003 13:40:16 EDT, Jennifer Luisi <jlui at ats.rochester.edu>  said:
> We've been seeing a lot of this lately as well.  And maybe everyone does
> this already, but I've recently been thinking of tweaking sendmail to hard
> reject all mail without a resolvable sender. 

Damned good way to bounce all your *own* mail if your nameserver goes down for a
bit.... "Oh, the router to the DNS server on the other subnet hiccupped and we
dropped 10,000 messages...."

Of course, if you're positive you'll never have a DNS server crash or go nuts,
or have a tech unplug the wrong cable,  or the banana-eaters in the NOC mess
up an ACL on a router, or......

It defaults to tempfail because those of us who did the Sendmail code realized
it's just too easy to lose mail that way.  If you're *REALLY* intent on doing
something here, use the Sendmail 8.12 queue facilities to route all those
pieces of mail that throw a tempfail on the DNS into a queue with no queue
runners, and then run that queue with another instance of sendmail that has a
lower value for the Timeout.queuereturn (default is 5 days, I'd not put it
under 3 days unless you watch it like a hawk....)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/unisog/attachments/20031007/88c7ede6/attachment-0003.bin


More information about the unisog mailing list