What the heck, if you do not care about ANY mail from the relay server and you
can run mail under inetd and have netcat, here is something that I find
interesting:
in.smtpd: 206.139.138.70: twist nc -n %a 25
What this does is open a port 25 connection directly back to them. In other
words, when they open your port 25, they are really opening their own.
I actually do not call nc directly but call a script like this:
in.smtpd: 206.139.138.70: twist /usr/sbin/up-yours 10 25 %a
Then the up-yours script is something like:
#! /bin/sh
sleep $1
nc -n $3 $2
exit 0
On 15-Oct-97 Tim Patterson wrote:
>Hello,
>
>I continue to be bombed by a relay program called Upyours.
>
>Thanks to exim, I have been able minimize the damage.
>However, now I would like to become somewhat aggressive towards some of
>the servers that allow the relaying.
>
>Specifically, I would like to bounce messages based on some of this
>program's known symptoms back to root of the server that allows the relay
>to occur.
>
>ie message from lamer@???, relayed via h=206.139.138.70
>back to root@206.139.138.70
>
>Suggestions or hints appreciated.
>
>Tim Patterson
>@harborside
>
>
>--
>* This is sent by the exim-users mailing list. To unsubscribe send a
> mail with subject "unsubscribe" to exim-users-request@???
>* Exim information can be found at http://www.exim.org/
>
--
* This is sent by the exim-users mailing list. To unsubscribe send a
mail with subject "unsubscribe" to exim-users-request@???
* Exim information can be found at http://www.exim.org/
