[juneau-lug] Re: SPAM filtering...

  • From: Myron Davis <myrond@xxxxxxxxxxx>
  • To: juneau-lug@xxxxxxxxxxxxx
  • Date: Sun, 2 Mar 2003 13:34:51 -0800

Hi Kevin!

On Thu, 27 Feb 2003, Kevin Miller wrote:

> 
> We get a fair amount of mail over 10 mb so it would be a problem to me.
> Also, I looked into updating sendmail yesterday.  The default install after
> updates/security patches is 8.12.3.  Current is 8.12.7.  One of the readmes
> says to create a user & group called smmsp so that sendmail no longer has to
> run as root.  It recommends using id #25 but that's already taken by default
> on SuSE systems.  Don't know if that's just a "convention" since sendmail
> listens on 25, creating a semi-logical identity relationship or if it's

Yep it's just a semi-logical identity relationship!  (What a great
word!!)


> something used by the system at some deeper level.  They didn't say what to
> do if it was already taken however so I presume that it's not that critical.
> What stumped me though, is what to do w/the password.  Is SOP to leave it
> blank and assign a nul shell to the account?  If not, how does sendmail know

Just add the user w/ that user name and edit /etc/shadow and put a *
inplace of the password :)

I'm not a sendmail guru by any means, but you can always put
/bin/false as the shell, and if it's taken over unfortunately there
are still ways to elevate security.  You may want to check out,
http://www.grsecurity.net and look at the ACL section (grsecurity
patch has a very cool auto-learning ACL system)... you have sendmail
run a while in ACL mode, and then apply the acl's that the system
detects it uses.


> how to log in?

It doesn't need a tty, so it doesn't need to log in.

> 
> ...Kevin
> -------------------
> Kevin Miller 
> CBJ MIS Dept.               Network Systems Administrator, Mail
> Administrator
> 155 South Seward Street     ph: (907) 586-0242
> Juneau, Alaska 99801        fax: (907 586-4500
>  
> 
> >-----Original Message-----
> >From: Myron Davis [mailto:myrond@xxxxxxxxxxx]
> >Sent: Wednesday, February 26, 2003 9:49 AM
> >To: juneau-lug@xxxxxxxxxxxxx
> >Subject: [juneau-lug] Re: SPAM filtering...
> >
> >
> >Hi James!
> >
> >On Wed, 26 Feb 2003, James Zuelow wrote:
> >
> >> 
> >> 
> >> ----- Original Message -----
> >> From: "Myron Davis" <myrond@xxxxxxxxxxx>
> >> 
> >> > I ran MIMEDefang and ran into limitations w/ large 
> >emails... I wonder
> >> > if ACS is going to have the same problem.  It could have been my
> >> > ulimits though...
> >> 
> >> What size e-mail are we talking about?
> >
> >Mainly 10+mb emails (plus overhead from the 7-bit encoding)... maybe
> >ACS doesn't even allow messages that big so there would never be a
> >problem...
> >
> >-Myron
> >
> >
> >> 
> >> I've never run anything like it, and I'm curious.  (Might 
> >stop some of the
> >> spam that gets sent to info@xxxxxxxxxxxxxxx)  I do have some 
> >experience with
> >> antivirus scanning, but the thing to watch out for there are 
> >compressed
> >> files.
> >> 
> >> Cheers,
> >> 
> >> James
> >> 
> >> 
> >> ------------------------------------
> >> This is the Juneau-LUG mailing list.
> >> To unsubscribe, send an e-mail to 
> >juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in 
> >the subject header.
> >
> >-- Attached file included as plaintext by Ecartis --
> >
> >-----BEGIN PGP SIGNATURE-----
> >Version: GnuPG v1.0.6 (GNU/Linux)
> >Comment: For info see http://www.gnupg.org
> >
> >iD8DBQE+XQwgnfM/KCuG6/IRAnpwAJ4lPuuDxkAOCp7LKYQIO8hvBcTe2gCaAk+q
> >cBjcrLtnJFKHuNSokA9Yzqc=
> >=PY6o
> >-----END PGP SIGNATURE-----
> >
> >
> >
> >------------------------------------
> >This is the Juneau-LUG mailing list.
> >To unsubscribe, send an e-mail to 
> >juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in 
> >the subject header..
> >
> 
> ------------------------------------
> This is the Juneau-LUG mailing list.
> To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
> word unsubscribe in the subject header.

-- Attached file included as plaintext by Ecartis --

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE+Ynj7nfM/KCuG6/IRAmlyAJ9AzUPeUaVIVtzXn/MvO28ghXTbtgCfT/V7
fPPgK/FfqdVIZdaar6uq3II=
=Nzc8
-----END PGP SIGNATURE-----



------------------------------------
This is the Juneau-LUG mailing list.
To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the 
word unsubscribe in the subject header.

Other related posts:

  1. Home
  2. juneau-lug
  3. Archive
  4. 03-2003