Re: [exim] authenticating all users.

Startseite
Nachricht löschen
Nachricht beantworten
Autor: Jan Ingvoldstad
Datum:  
To: exim users
Betreff: Re: [exim] authenticating all users.
On Fri, Nov 30, 2012 at 10:34 AM, Cyborg <cyborg2@???> wrote:

> That's amateur spaming .. a nasty spam scripts forks itself of and uses
> it's own SMTP-engine to send mails. They do it for exactly the reason to
> hide the identity of the account they hacked. It's even worse sometimes,
> when the hacker stores the script via ftp, calls it via http and deletes it
> instantly via ftp again. If you run mod_php , your screwed so many times :)
>


You could run mod_php with a privilege separation module/patch for Apache,
such as MPM-ITK, that will ensure that user information is available again.

But in general, it's probably better to use suphp.

And hey, you can use perlscripts for spamming too, bypassing the little
> protection php setups can give you :) if perl isn't available use ruby or
> python.
>
> it would be cool, if the firewall rules would implement a UID option ..
> allow port 25 connections only if uid is in ( 0, 93 ) . That would really
> help.
>


Another mitigation technique is to pass all outgoing messages through a
smarthost, and disallow port 25 connections to anything but localhost. The
smarthost can then employ rate limiting and other rules to delay spam (and
of course, a risk of delaying legitimate email).
--
Jan