Re: Email Hack: Help.

• To: WWW-SECURITY@ns2.rutgers.edu
• Subject: Re: Email Hack: Help.
• From: Steff Watkins <Steff.Watkins@Bristol.ac.uk>
• Date: Tue, 25 Jun 1996 08:45:08 +0100 (BST)
• In-Reply-To: <Pine.BSD/.3.91.960624123356.12305A-100000@ns.sprintout.com> from "Doug Breault" at Jun 24, 96 12:42:45 pm

Doug Breault wrote:
=>
=>Hello Everyone,
=>
=>We've got a problem here with a hacker. There's some punk 
=>apparently hacking a mail server somewhere and sending BS postings all over 
=>the net regarding get rich quick schemes, etc - from a non-existent 
=>account on our server. They've done it twice so far, from two different 
=>non-existent accounts.

=>2. What are the methods one uses to do fake these FROM fields? And is 
=>   there a way to prevent it?

Hi Doug,

  may be able to help here.

Assuming that the systems that have email daemons are Unix-based, you can
use the 'hosts.allow' and 'hosts.deny' mechanism.

Just add all valid hosts to the '/etc/hosts.allow' file and then put 'all'
in the '/etc/hosts.deny' file against the 'smtp' entry.

Hope this helps,

Steff

• Re: Email Hack: Help.
• From: Chris Woods <cjwoods@paladin.com>
• Re: Email Hack: Help.
• From: batie@aahz.jf.intel.com (Alan Batie)
• Re: Email Hack: Help.
• From: John Cronin <John.Cronin@oit.gatech.edu>
• Re: Email Hack: Help.
• From: "Nathan Neulinger" <nneul@umr.edu>

• Email Hack: Help.
• From: Doug Breault <dbreault@ns.sprintout.com>

• Previous: Stopping Java and ActiveX at the proxy server
• Next: Re: Email Hack: Help.
• Index(es):
  • Index
  • Thread