Redirect connection to another IP Address
Hi, I've still got this spammer trying to use my machine to send Spam. My ISP (NTLWorld) seem either over worked, or isn't going to take any action. So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible. Is this possible, or could this cause more problems. Regards Adam
On Saturday 27 September 2003 16:11 pm, Adam Leach wrote:
Hi,
I've still got this spammer trying to use my machine to send Spam. My ISP (NTLWorld) seem either over worked, or isn't going to take any action.
So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible.
Is this possible, or could this cause more problems.
Regards
Adam
Does port 25 need to be open? Why not just drop all of his connections...? -- +----------------------------------------------------------------------------+ + Bruce S. Marshall bmarsh@bmarsh.com Bellaire, MI 09/27/03 16:20 + +----------------------------------------------------------------------------+ "Confucious say too damn much!"
* Sat, 27 Sep 2003, suse@ntlworld.com:
Hi,
I've still got this spammer trying to use my machine to send Spam. My ISP (NTLWorld) seem either over worked, or isn't going to take any action.
So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible.
Is this possible, or could this cause more problems.
1. There's very little chance that the IP you see is the actual box where the spam came from. 2. There's even less chance that that box is also listening for incoming mail. 3. When you lower yourself to their standards, and bully the wrong (innocent) person, you can become a subject of DoJ attention yourself. 4. Don't even dream that you have the required skills for this if you have to ask. 5. Get yourself hooked-up to an ISP with more clue, and less spamhause qualities. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.2 x86 Kernel k_Athlon 2.4.20-4GB See headers for PGP/GPG info.
On Saturday 27 September 2003 21:26 pm, Theo v. Werkhoven wrote:
2. There's even less chance that that box is also listening for incoming mail.
If it comes from an open relay then there's a very HIGH chance it'll be listening for incomming mail! -- Sweet moderation Heart of this nation Desert us not We are between the wars - Billy Bragg
* Sat, 27 Sep 2003, dylan@dylan.me.uk:
On Saturday 27 September 2003 21:26 pm, Theo v. Werkhoven wrote:
2. There's even less chance that that box is also listening for incoming mail.
If it comes from an open relay then there's a very HIGH chance it'll be listening for incomming mail!
I meant a box where someone actually reads mail on of course. Sending a abuse to an open relay is about as usefull as sending a bugreport to MS.. Theo -- Theo v. Werkhoven Registered Linux user# 99872 http://counter.li.org ICBM 52 13 27N , 4 29 45E. SuSE 8.2 x86 Kernel k_Athlon 2.4.20-4GB See headers for PGP/GPG info.
I've still got this spammer trying to use my machine to send Spam. My ISP (NTLWorld) seem either over worked, or isn't going to take any action.
I doubt they're going to take any action
So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible. Is this possible, or could this cause more problems.
I'm going to add my voice to everyone who says just block port 25! I feel pretty sure that you get your mail by POP3 from NT Hell World's server, so you don't need to allow port 25 from the outside world. -- James Ogley, Webmaster, Rubber Turnip james@rubberturnip.org.uk http://www.rubberturnip.org.uk Jabber: riggwelter@myjabber.net Using Free Software since 1994, running GNU/Linux (SuSE 8.2). GNOME updates for SuSE: http://www.usr-local-bin.org
* James Ogley (james@usr-local-bin.org) [030927 14:14]:
So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible. Is this possible, or could this cause more problems.
I'm going to add my voice to everyone who says just block port 25!
I feel pretty sure that you get your mail by POP3 from NT Hell World's server, so you don't need to allow port 25 from the outside world.
Yes, if you are using pop3 to get your email then you ABSOLUTELY need to block incoming access to port 25. If your using sendmail, postfix or whatever to send email then just use the default SuSE configs for this which have it listen only on localhost. Please don't contribute to open relays. :) -- Ben Rosenberg ---===---===---===--- mailto:ben@whack.org ----- If two men agree on everything, you can be sure that only one of them is doing the thinking.
On Sat, 2003-09-27 at 22:29, Ben Rosenberg wrote:
* James Ogley (james@usr-local-bin.org) [030927 14:14]:
So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible. Is this possible, or could this cause more problems.
I'm going to add my voice to everyone who says just block port 25!
I feel pretty sure that you get your mail by POP3 from NT Hell World's server, so you don't need to allow port 25 from the outside world.
Yes, if you are using pop3 to get your email then you ABSOLUTELY need to block incoming access to port 25. If your using sendmail, postfix or whatever to send email then just use the default SuSE configs for this which have it listen only on localhost. Please don't contribute to open relays. :)
I regularly run the mail relay test yo ensure its not acting as a relay. I though I was using the default SuSE configs and that caused the problem with the machine acting as a mail relay for similar ip addresses. mynetworks needs to be defined in the config file to be certain. I own a few domains, so all the email for these domains goes direct to my machine and not via NTL. One reason is that there servers aren't that reliable.
Ben Rosenberg wrote:
* James Ogley (james@usr-local-bin.org) [030927 14:14]:
So how can I redirect any connections to port 25 from a specific ip address to connect to another ip address. Basically I would like to redirect all the connections back to the spammers machine if possible. Is this possible, or could this cause more problems.
I'm going to add my voice to everyone who says just block port 25!
I feel pretty sure that you get your mail by POP3 from NT Hell World's server, so you don't need to allow port 25 from the outside world.
Yes, if you are using pop3 to get your email then you ABSOLUTELY need to block incoming access to port 25. If your using sendmail, postfix or whatever to send email then just use the default SuSE configs for this which have it listen only on localhost. Please don't contribute to open relays. :)
I have the same problem with the SLOX (Suse Open Exchange Server), use postfix, but, Do I need the port 25 open to receive email to MY domain from another SMTP? -- ------------------------------------------------------ Una prensa libre es el gran enemigo de los dictadores. Independientemente de sus abusos, sus debilidades, sus errores. Una prensa libre es la gran aliada y defensora de la democracia. Charlos S. Shapiro Embajador de USA en la Rep. de Venezuela Martes, 20 de Mayo 2003
participants (7)
-
Adam Leach
-
Ben Rosenberg
-
Bruce Marshall
-
Dylan
-
Hipolito A. Gonzalez M.
-
James Ogley
-
Theo v. Werkhoven