Hey All,
I'm running sendmail 8.9.3 and pretty much left everything default. The
spam stoppers are in full effect..
I have a question about the following:
Mar 20 14:39:25 xxx sendmail[18726]: OAA18726: ruleset=check_mail,
arg1=<xxx(a)bebe.com>, relay=[111.111.111.111], reject=451 <xxx(a)bebe.com>...
Sender domain must resolve
So i do a bit of digging:
# nslookup
> bebe.com
Server: ns.server.com
Address: ip.addy.here
*** ns.server.com can't find bebe.com: Non-existent host/domain
> set type=mx
> bebe.com
Server: ns.server.com
Address: ipaddyhere
Non-authoritative answer:
bebe.com preference = 0, mail exchanger = bebe-mail.bebe.com
Authoritative answers can be found from:
bebe.com nameserver = AUTH02.NS.UU.NETbebe.com nameserver = bebe-ns.bebe.combebe.com nameserver = BEBE-NS2.bebe.combebe-mail.bebe.com internet address = 208.240.224.197
AUTH02.NS.UU.NET internet address = 198.6.1.82
bebe-ns.bebe.com internet address = 208.240.224.225
BEBE-NS2.bebe.com internet address = 208.240.224.210
By looking at this.. I concluded that MX records aren't looked at when
deciding if a domain resolves or not. So.. I do the some testing with
hospitalforms.com (which doesnt resolve but has an MX record) and it worked..
So. Am I right when I assume that bebe.com's ns servers were most likely
down for a period of time?
Auth02.ns.uu.net is huge.. and 3 nameservers all go down at the same time?
This doesnt seem right.
Any suggestions?
Chrissy,
I expect that you will always get this response, it is common for the
domain not to have an IP address, after all, which machine should it
tell you about? If you tried www.bebe.com, you will probably get an
IP address as that will translate to an actual machine.
Sendmail will always assume MX records as these are all that is
relevant to it. Why should sendmail worry about the web or FTP
address ;-)
Alan
> ----------
> From: Chrissy LeMaire[SMTP:chrissy@netnerds.net]
> Sent: 21 March 2000 18:06
> To: suse-security(a)suse.com
> Subject: [suse-security] sendmail -- sender domain must resolve
>
> Hey All,
> I'm running sendmail 8.9.3 and pretty much left everything default. The
> spam stoppers are in full effect..
>
> I have a question about the following:
>
> Mar 20 14:39:25 xxx sendmail[18726]: OAA18726: ruleset=check_mail,
> arg1=<xxx(a)bebe.com>, relay=[111.111.111.111], reject=451 <xxx(a)bebe.com>...
>
> Sender domain must resolve
>
> So i do a bit of digging:
>
> # nslookup
>
> > bebe.com
> Server: ns.server.com
> Address: ip.addy.here
>
> *** ns.server.com can't find bebe.com: Non-existent host/domain
>
> > set type=mx
> > bebe.com
> Server: ns.server.com
> Address: ipaddyhere
>
> Non-authoritative answer:
> bebe.com preference = 0, mail exchanger = bebe-mail.bebe.com
>
> Authoritative answers can be found from:
> bebe.com nameserver = AUTH02.NS.UU.NET
> bebe.com nameserver = bebe-ns.bebe.com
> bebe.com nameserver = BEBE-NS2.bebe.com
> bebe-mail.bebe.com internet address = 208.240.224.197
> AUTH02.NS.UU.NET internet address = 198.6.1.82
> bebe-ns.bebe.com internet address = 208.240.224.225
> BEBE-NS2.bebe.com internet address = 208.240.224.210
>
>
> By looking at this.. I concluded that MX records aren't looked at when
> deciding if a domain resolves or not. So.. I do the some testing with
> hospitalforms.com (which doesnt resolve but has an MX record) and it
> worked..
>
> So. Am I right when I assume that bebe.com's ns servers were most likely
> down for a period of time?
> Auth02.ns.uu.net is huge.. and 3 nameservers all go down at the same time?
>
> This doesnt seem right.
>
> Any suggestions?
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: suse-security-unsubscribe(a)suse.com
> For additional commands, e-mail: suse-security-help(a)suse.com
>
L. Sassaman wrote:
> SSH2 is free for non-commercial use.
>
This is not exactly true. It would depend on your definition of commercial
use.
If you read the licensing of SSH2 you'll discover that they redefined what
they consider to be commercial use.
The license states:
"NON-COMMERCIAL USE shall mean the following uses of the SOFTWARE:
a) any use done outside and without connection to a commercial
organization and commercial activity,
b) use related to leisure time activities by private individuals,
including hobbies, games, etc. provided however that such use is not
commenced with commercial companies.
Uses not considered as NON-COMMERCIAL USE include, but are not
limited to:
a) any use where commercial activity is involved and where the use
in any way, directly or indirectly, aims at monetary or other
commercial benefit,
b) any use that takes place in commercial, governmental, military,
or similar organizations and where a salary or similar monetary
compensation is paid, unless the use can be considered to be
EDUCATIONAL USE or is purely for charity."
jonathan stated they he wished to use SSH2 to get files from work. This
activity would violate the SSH2 agreement.
Mario
Hi,
I know, this topic was already discussed several times.
Can anyone point me to an URL from where I can get infos about how to use
chroot for ssh-connections ?
TIA
--- Stephan
I just downloaded ssh2 and installed it, and I am looking for some
pointers from folks who have set it up in the past. I did not use the
rpm from the suse, I got it from ssh.org and compiled local. I would
rather learn from someone else getting cracked than learn the hard way.
I am using SuSE6.3, kernel 2.2.13. I want to be able to have it running
on the firewall and file server (2 separate machines), so I can get to
my files from work via the internet. Any and all suggestions welcomed.
TIA
The harden_suse script says the following:
"put every daemon in chroot and try to run them unpriviliged"
Does anybody know where I can get more infos about the chroot
program and running daemons unprivilged?
( I looked at the manpage and the info text, but
they werent't really informations about this )
Thanks.
--
Two-a-Day at joesixpack.netwww.freenet.de/joesixpack keyid BF3DF9B4
Hi all,
What is the most secure way to open the firewall for playing games on
Heat.net? They request access to several ports, so I've added the IP adresses
of Heat.net to FW_TRUSTED_NETS="194.176.220.0/24 208.213.56.0/24" and they
have access to all UDP ports. Is there a way to limit this access?
--
Frank Hart - mailto:frhart@home.nl
SuSE Linux - Kernel 2.2.14 on a i586 100 Mhz with 24 Mb RAM
--
"What is wanted is not the will to believe, but the will to find out,
which is the exact opposite."
-- Bertrand Russell, "Skeptical_Essays", 1928
Your problem may be the order in which your place the rules. Try putting the
last line in first. Deny everyone first then poke holes in it. Most
firewalls have some sort of precedence.
Thanks,
Grant DuVall
medibuy.com
Network Administrator
I am attempting to follow the 'Firewall and Proxy Server HOWTO' written
by
Mark Grennan, but have been running into a problem in section 6.4.
When pinging the outside address of the firewall from a computer on the
LAN,
it works. At this point of the test process, it shouldn't. IP
Forwarding
is turned off, and I have turned off IP Masquerading.
Can anyone provide me with some guidance?
Cheers,
Art Sloate
Guess I should have made that a little clearer ;).
I am wanting to figure this out from scratch. I am trying to break out of
the *Windows Only* frame that I am in concerning security that I recommend
to clients. Right now, I recommend Raptor, Firewall-1, or MS Proxy
depending upon the situation. Being able to configure ipchains from scratch
would be a great solution for clients on a limited budget.
Thanks for the reply though!
CK
-----Original Message-----
From: robert(a)texas.net [mailto:robert@texas.net]On Behalf Of Robert C.
Paulsen, Jr.
Sent: Tuesday, March 14, 2000 8:04 PM
To: KULISHdotCOM
Subject: Re: [suse-security] *WANTED: ipchains guru*
KULISHdotCOM wrote:
>
> Looking for someone to take a look at my ipchains script. I don't want to
> post it on the list as it is kind of long. A little background is in
order.
>
> I want to setup an ipchains firewall to do the following:
>
> Deny everythind that is not explicitly allowed.
>
> I have a server sitting behind it that will host pop3, smtp, www, and ftp
so
> I will need to forward all these ports.
>
> I want to allow everyone on the local network to ANYTHING out on the
> internet.
>
> I want to log any denials and protect against IP spoofing (and anything
else
> that might be dangerous).
>
> If anyone is willing to help, I will send them my annotated script to take
a
> look at. I do realize that some things are missing (probably the stuff I
> need help on).
>
> I have read all the HOW-TOs that I can find but something isn't clicking.
>
I would start here:
ftp://ftp.suse.com/pub/suse/i386/update/6.3/sec1/firewals.rpm
It will take a little thought and work to get it set up, but not as
much as trying to do the whole thing yourself.
--
____________________________________________________________________
Robert Paulsen
If my return address contains "ZAP." please remove it. Sorry for the
inconvenience but the unsolicited email is getting out of control.