[Previous] [Next] [Index]
[Thread]
Re: Email Hack: Help.
Doug Breault wrote:
=>
=>Hello Everyone,
=>
=>We've got a problem here with a hacker. There's some punk
=>apparently hacking a mail server somewhere and sending BS postings all over
=>the net regarding get rich quick schemes, etc - from a non-existent
=>account on our server. They've done it twice so far, from two different
=>non-existent accounts.
=>2. What are the methods one uses to do fake these FROM fields? And is
=> there a way to prevent it?
Hi Doug,
may be able to help here.
Assuming that the systems that have email daemons are Unix-based, you can
use the 'hosts.allow' and 'hosts.deny' mechanism.
Just add all valid hosts to the '/etc/hosts.allow' file and then put 'all'
in the '/etc/hosts.deny' file against the 'smtp' entry.
Hope this helps,
Steff
Follow-Ups:
References: