[nos-bbs] nos-bbs Digest, Vol 116, Issue 11

jj ve1jot at eastlink.ca
Wed Mar 19 20:06:39 EDT 2014


uhm, my mail is always in the spool/mail directory...NOT mqueue..mqueue 
just holds one file keeps track of msg number...

On 03/19/2014 08:24 PM, nos-bbs-request at tapr.org wrote:
> Send nos-bbs mailing list submissions to
> 	nos-bbs at tapr.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://www.tapr.org/mailman/listinfo/nos-bbs
> or, via email, send a message with subject or body 'help' to
> 	nos-bbs-request at tapr.org
>
> You can reach the person managing the list at
> 	nos-bbs-owner at tapr.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of nos-bbs digest..."
>
>
> Today's Topics:
>
>     1. Re: How to avoid SMTP spam mail in mqueue (Jose Ng Lee)
>     2. Re: How to avoid SMTP spam mail in mqueue (Bob Tenty)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 19 Mar 2014 14:27:32 -0500
> From: "Jose Ng Lee" <hp2cwb at cwpanama.net>
> To: "Michael E Fox - N6MEF" <n6mef at mefox.org>
> Cc: TAPR xNOS Mailing List <nos-bbs at tapr.org>
> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
> Message-ID: <48074B0A594647769B299A016F9A8A67 at HOLLYWOOD.HOLLYWOOD.COM>
> Content-Type: text/plain; charset="utf-8"
>
> Thanks for the recommendations Michael.
>
> I have shorewall firewall block port 25 for two days and Jnos was good and no crash.  Today, I tried open port 25 and monitored TUN0 with tcpdump.  The smtp mail spam just keep flowing and my Jnos is accepting those spam mail for relay and crashing.
>
> As I understood, by default Jnos Deny Relay.  I tried the commands "smtp deny relay" and "stmp relay deny" but not accepted.
>
> Still trying to find out why Jnos is accepting those e-mail instead of denying relay.  Before, I don't have in Rewrite a specific define and all the spam e-mails accumulated in mqueue.  Now, in Rewrite everything that is not defined is put in check.  So, the check.txt file is growing larger (later delete) but at least is not smtp for delivered out.
>
> Jos? / HP2AT
>    
>    ----- Original Message -----
>    From: Michael E Fox - N6MEF
>    To: Jose Ng Lee ; 'TAPR xNOS Mailing List'
>    Sent: Monday, March 17, 2014 2:51 PM
>    Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>
>
>    For the greatest protection, run all email through your separate mail server.  This includes:
>    -- inbound connections from Internet hosts to your public I address,
>    -- inbound connections from Internet hosts to your 44.x address via tunnel from the AMPRnet gateway, and
>    -- inbound connections from other 44.x machines to your 44.x address via tunnels
>
>
>    M
>
>
>
>
>
>
>    Sent from my Verizon Wireless 4G LTE smartphone
>
>
>    -------- Original message --------
>    From: Jose Ng Lee
>    Date:03/17/2014 8:39 AM (GMT-08:00)
>    To: Michael E Fox - N6MEF ,'TAPR xNOS Mailing List'
>    Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>
>
>    Thanks Michael for the tips on how to protect my Jnos.
>
>    I could block SMTP (port 25) on the Firewall for inbound mails to TUN0, but does that block also the good mail 44 route coming fron encap?
>
>    I trying to figure out why my Jnos accepted all those incoming spam mail.  It should have issue an SMTP DENY and not accepted those emails.  Maybe, there is a script somewhere on my CentOS machine allowing the entrace.  So will keep looking.
>
>    Jos? / HP2AT
>
>      ----- Original Message -----
>      From: Michael E Fox - N6MEF
>      To: 'Jose Ng Lee' ; 'TAPR xNOS Mailing List'
>      Sent: Monday, March 17, 2014 8:28 AM
>      Subject: RE: [nos-bbs] How to avoid SMTP spam mail in mqueue
>
>
>      Block direct inbound SMTP connections to JNOS.
>
>      Set up an MX in Linux using all the modern spam avoidance mechanisms dynamic black lists, UBE detection, signature-based detection, etc.) and send all inbound email to JNOS through that mail server using an MX record in DNS.
>
>
>
>      Michael
>
>      N6MEF
>
>
>
>
>
>      From: nos-bbs-bounces at tapr.org [mailto:nos-bbs-bounces at tapr.org] On Behalf Of Jose Ng Lee
>      Sent: Sunday, March 16, 2014 10:55 PM
>      To: TAPR xNOS Mailing List
>      Subject: [nos-bbs] How to avoid SMTP spam mail in mqueue
>
>
>
>      I noticed today my Raspberry Pi Jnos was respawing in every few minutes.   So, I checked and found out there was some spam e-mails in mqueue not been able to deliver and causing the system to crash and respawn.  Deleted those e-mails and checking the logs and put in blacklist the offender IPs.
>
>
>
>      I play with 3 Jnos systems:
>
>
>
>      Main systems PC with Linux Ubuntu 12.04 LTS: onx.hp2at.ampr.org
>
>      No spam mail in mqueue.
>
>
>
>      Raspberry Pi with Raspbian: hp2ng.ampr.org
>
>      Few spam mail in mqueue.
>
>
>
>      PC with Centos 5.9: hp2sa.ampr.org
>
>      THOUSANDS of spam mail in mqueue.  Don't know how this got through or why it was received in JNOS.  The autoexec.nos is the same as my other system.
>
>
>
>      This is on the message heading on one mail:
>
>
>
>      Received: from pc-200402271018 by hp2sa.ampr.org (ONXSA BBS) with SMTP
>              id AA24803 ; Thu, 13 Mar 2014 03:17:52 EST
>      From: =?BIG5?B?pWqo5a21vNY=?= <springboard at yahoo.com>
>      To: "awze" <awze at awze.com>
>      Subject:
>       =?BIG5?B?RGlzbmV5qOC1o7nPrtGhQqlfpf2lzaeupHCpaiC1paqpxXao7LTBuc+u0aFCpfq6?=
>       =?BIG5?B?0KRqpViyTaFJ?=
>      Date: Wed, 28 Apr 2004 22:58:06 +0800
>      MIME-Version: 1.0
>      Content-Type: text/html;
>              charset="Big5"
>      Content-Transfer-Encoding: quoted-printable
>      X-Priority: 3
>      X-MSMail-Priority: Normal
>      X-Mailer: Microsoft Outlook Express 6.00.2800.1106
>      X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
>      Message-Id: <24804 at hp2sa.ampr.org>
>
>      Took this JNOS offline until the problem solve.
>
>
>
>      Please can anyone know a way to deny receiving spam mail in jnos.
>
>
>
>      Thanks,
>
>      Jos? / HP2AT
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://www.tapr.org/pipermail/nos-bbs/attachments/20140319/5ffcb4a1/attachment-0001.html>
>
> ------------------------------
>
> Message: 2
> Date: Wed, 19 Mar 2014 19:24:32 -0400
> From: Bob Tenty <bobtenty at gmail.com>
> To: TAPR xNOS Mailing List <nos-bbs at tapr.org>
> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
> Message-ID: <532A2730.5070904 at gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Jose,
>
> Have you defined this in your config.h before your compiled jnos?
>
> #define SMTP_DENY_RELAY /* Refuse to relay msgs from hosts not in our
> subnets */
>
> After that you can enable relay for a subnet if you need it, like this
> for example...
>
> smtp relay add 44.123.99.1    0xffffff00
>
>
> There is also a file called "refile" what is located in the jnos spool
> directory what you can
> use to filter email based on the "From:" addresses.
> I will give you a couple of examples:
>
> *@financier.com|*@* refuse
> warbelventas at warbel.com.ar|*@* refuse
> h*lampe at chello.nl|*@* refuse
> *@astroexpo.com@*|* hold
> printz9 at 1st.net|ve3tok@* refuse
>
> See also the docs.
>
> But again as already said by others, let Linux do the filtering.
>
> This is of course a lot of work to setup and maintain.
> Be also aware that spam filtering can cause a (very) high
> CPU load on your computer, etc.
>
>
>
> Bob VE3TOK
>
>
>
>
>
>
>
> On 14-03-19 03:27 PM, Jose Ng Lee wrote:
>> Thanks for the recommendations Michael.
>>   
>> I have shorewall firewall block port 25 for two days and Jnos was good
>> and no crash.  Today, I tried open port 25 and monitored TUN0 with
>> tcpdump.  The smtp mail spam just keep flowing and my Jnos is
>> accepting those spam mail for relay and crashing.
>>   
>> As I understood, by default Jnos Deny Relay.  I tried the commands
>> "smtp deny relay" and "stmp relay deny" but not accepted.
>>   
>> Still trying to find out why Jnos is accepting those e-mail instead of
>> denying relay.  Before, I don't have in Rewrite a specific define and
>> all the spam e-mails accumulated in mqueue.  Now, in Rewrite
>> everything that is not defined is put in check.  So, the check.txt
>> file is growing larger (later delete) but at least is not smtp for
>> delivered out.
>>   
>> Jos? / HP2AT
>>   
>>
>>      ----- Original Message -----
>>      *From:* Michael E Fox - N6MEF <mailto:n6mef at mefox.org>
>>      *To:* Jose Ng Lee <mailto:hp2cwb at cwpanama.net> ; 'TAPR xNOS
>>      Mailing List' <mailto:nos-bbs at tapr.org>
>>      *Sent:* Monday, March 17, 2014 2:51 PM
>>      *Subject:* Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>      For the greatest protection, run all email through your separate
>>      mail server.  This includes:
>>      -- inbound connections from Internet hosts to your public I address,
>>      -- inbound connections from Internet hosts to your 44.x address
>>      via tunnel from the AMPRnet gateway, and
>>      -- inbound connections from other 44.x machines to your 44.x
>>      address via tunnels
>>
>>      M
>>
>>
>>
>>      Sent from my Verizon Wireless 4G LTE smartphone
>>
>>
>>      -------- Original message --------
>>      From: Jose Ng Lee
>>      Date:03/17/2014 8:39 AM (GMT-08:00)
>>      To: Michael E Fox - N6MEF ,'TAPR xNOS Mailing List'
>>      Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>      Thanks Michael for the tips on how to protect my Jnos.
>>       
>>      I could block SMTP (port 25) on the Firewall for inbound mails to
>>      TUN0, but does that block also the good mail 44 route coming fron
>>      encap?
>>       
>>      I trying to figure out why my Jnos accepted all those incoming
>>      spam mail.  It should have issue an SMTP DENY and not accepted
>>      those emails.  Maybe, there is a script somewhere on my CentOS
>>      machine allowing the entrace.  So will keep looking.
>>       
>>      Jos? / HP2AT
>>       
>>
>>          ----- Original Message -----
>>          *From:* Michael E Fox - N6MEF <mailto:n6mef at mefox.org>
>>          *To:* 'Jose Ng Lee' <mailto:hp2cwb at cwpanama.net> ; 'TAPR xNOS
>>          Mailing List' <mailto:nos-bbs at tapr.org>
>>          *Sent:* Monday, March 17, 2014 8:28 AM
>>          *Subject:* RE: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>          Block direct inbound SMTP connections to JNOS.
>>
>>          Set up an MX in Linux using all the modern spam avoidance
>>          mechanisms dynamic black lists, UBE detection, signature-based
>>          detection, etc.) and send all inbound email to JNOS through
>>          that mail server using an MX record in DNS.
>>
>>          Michael
>>
>>          N6MEF
>>
>>          *From:*nos-bbs-bounces at tapr.org
>>          <mailto:nos-bbs-bounces at tapr.org>
>>          [mailto:nos-bbs-bounces at tapr.org] *On Behalf Of *Jose Ng Lee
>>          *Sent:* Sunday, March 16, 2014 10:55 PM
>>          *To:* TAPR xNOS Mailing List
>>          *Subject:* [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>          I noticed today my Raspberry Pi Jnos was respawing in every
>>          few minutes.   So, I checked and found out there was some spam
>>          e-mails in mqueue not been able to deliver and causing the
>>          system to crash and respawn.  Deleted those e-mails and
>>          checking the logs and put in blacklist the offender IPs.
>>
>>          I play with 3 Jnos systems:
>>
>>          Main systems PC with Linux Ubuntu 12.04 LTS: onx.hp2at.ampr.org
>>
>>          No spam mail in mqueue.
>>
>>          Raspberry Pi with Raspbian: hp2ng.ampr.org
>>
>>          Few spam mail in mqueue.
>>
>>          PC with Centos 5.9: hp2sa.ampr.org
>>
>>          THOUSANDS of spam mail in mqueue.  Don't know how this got
>>          through or why it was received in JNOS.  The autoexec.nos is
>>          the same as my other system.
>>
>>          This is on the message heading on one mail:
>>
>>          Received: from pc-200402271018 by hp2sa.ampr.org (ONXSA BBS)
>>          with SMTP
>>                  id AA24803 ; Thu, 13 Mar 2014 03:17:52 EST
>>          From: =?BIG5?B?pWqo5a21vNY=?= <springboard at yahoo.com
>>          <mailto:springboard at yahoo.com>>
>>          To: "awze" <awze at awze.com <mailto:awze at awze.com>>
>>          Subject:
>>           =?BIG5?B?RGlzbmV5qOC1o7nPrtGhQqlfpf2lzaeupHCpaiC1paqpxXao7LTBuc+u0aFCpfq6?=
>>           =?BIG5?B?0KRqpViyTaFJ?=
>>          Date: Wed, 28 Apr 2004 22:58:06 +0800
>>          MIME-Version: 1.0
>>          Content-Type: text/html;
>>                  charset="Big5"
>>          Content-Transfer-Encoding: quoted-printable
>>          X-Priority: 3
>>          X-MSMail-Priority: Normal
>>          X-Mailer: Microsoft Outlook Express 6.00.2800.1106
>>          X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
>>          Message-Id: <24804 at hp2sa.ampr.org <mailto:24804 at hp2sa.ampr.org>>
>>
>>          Took this JNOS offline until the problem solve.
>>
>>          Please can anyone know a way to deny receiving spam mail in jnos.
>>
>>          Thanks,
>>
>>          Jos? / HP2AT
>>
>>
>>
>> _______________________________________________
>> nos-bbs mailing list
>> nos-bbs at tapr.org
>> http://www.tapr.org/mailman/listinfo/nos-bbs
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://www.tapr.org/pipermail/nos-bbs/attachments/20140319/06001f42/attachment.html>
>
> ------------------------------
>
> _______________________________________________
> nos-bbs mailing list
> nos-bbs at tapr.org
> http://www.tapr.org/mailman/listinfo/nos-bbs
>
>
> End of nos-bbs Digest, Vol 116, Issue 11
> ****************************************




More information about the nos-bbs mailing list