Protect yourself from being a spam base

Protecting yourself from being a spam base

Sendmail allows for someone to telnet to port 25 and do an expn (expand) to see what users and aliases are on your machine. Also, vrfy (verify) means someone can get legal e-mail addresses from your box and send spam through your machine.

Don’t want that, so look in your /etc/sendmail.cf file for a line that looks like this:

###############
# Options #
###############

Now cut and paste these next few lines below that:

# turning off the expand option and requiring a helo from
# a remote computer
Opnoexpn,novrfy,needmailhelo

Now there is no expansion, no verify, and sendmail requires a helo with a legitimate DNS in order to use the mailer.

Then look in your /etc/mail/aliases file and ensure you have only your own boxen and/or subnet in there as OK or RELAY. That will help cut down on spammers’ ability to find relay machines to do their dirty work for them.

Comments

comments

Powered by Facebook Comments

Leave a Reply

Content Protected Using Blog Protector By: PcDrome. & GeekyCube.