[nos-bbs] nos-bbs Digest, Vol 116, Issue 11
Jose Ng Lee
hp2cwb at cwpanama.net
Thu Mar 20 10:47:04 EDT 2014
That's correct. If all the mail is processed OK, the only file left in
mqueue is the sequence. I have so many spam mail waiting to be process in
mqueue that my Jnos couldn't handle and crash. I deleted all those hundreds
and thousands spam.
José / HP2AT
----- Original Message -----
From: "jj" <ve1jot at eastlink.ca>
To: <nos-bbs at tapr.org>
Sent: Wednesday, March 19, 2014 7:06 PM
Subject: Re: [nos-bbs] nos-bbs Digest, Vol 116, Issue 11
> uhm, my mail is always in the spool/mail directory...NOT mqueue..mqueue
> just holds one file keeps track of msg number...
>
> On 03/19/2014 08:24 PM, nos-bbs-request at tapr.org wrote:
>> Send nos-bbs mailing list submissions to
>> nos-bbs at tapr.org
>>
>> To subscribe or unsubscribe via the World Wide Web, visit
>> http://www.tapr.org/mailman/listinfo/nos-bbs
>> or, via email, send a message with subject or body 'help' to
>> nos-bbs-request at tapr.org
>>
>> You can reach the person managing the list at
>> nos-bbs-owner at tapr.org
>>
>> When replying, please edit your Subject line so it is more specific
>> than "Re: Contents of nos-bbs digest..."
>>
>>
>> Today's Topics:
>>
>> 1. Re: How to avoid SMTP spam mail in mqueue (Jose Ng Lee)
>> 2. Re: How to avoid SMTP spam mail in mqueue (Bob Tenty)
>>
>>
>> ----------------------------------------------------------------------
>>
>> Message: 1
>> Date: Wed, 19 Mar 2014 14:27:32 -0500
>> From: "Jose Ng Lee" <hp2cwb at cwpanama.net>
>> To: "Michael E Fox - N6MEF" <n6mef at mefox.org>
>> Cc: TAPR xNOS Mailing List <nos-bbs at tapr.org>
>> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>> Message-ID: <48074B0A594647769B299A016F9A8A67 at HOLLYWOOD.HOLLYWOOD.COM>
>> Content-Type: text/plain; charset="utf-8"
>>
>> Thanks for the recommendations Michael.
>>
>> I have shorewall firewall block port 25 for two days and Jnos was good
>> and no crash. Today, I tried open port 25 and monitored TUN0 with
>> tcpdump. The smtp mail spam just keep flowing and my Jnos is accepting
>> those spam mail for relay and crashing.
>>
>> As I understood, by default Jnos Deny Relay. I tried the commands "smtp
>> deny relay" and "stmp relay deny" but not accepted.
>>
>> Still trying to find out why Jnos is accepting those e-mail instead of
>> denying relay. Before, I don't have in Rewrite a specific define and all
>> the spam e-mails accumulated in mqueue. Now, in Rewrite everything that
>> is not defined is put in check. So, the check.txt file is growing larger
>> (later delete) but at least is not smtp for delivered out.
>>
>> Jos? / HP2AT
>> ----- Original Message -----
>> From: Michael E Fox - N6MEF
>> To: Jose Ng Lee ; 'TAPR xNOS Mailing List'
>> Sent: Monday, March 17, 2014 2:51 PM
>> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>
>> For the greatest protection, run all email through your separate mail
>> server. This includes:
>> -- inbound connections from Internet hosts to your public I address,
>> -- inbound connections from Internet hosts to your 44.x address via
>> tunnel from the AMPRnet gateway, and
>> -- inbound connections from other 44.x machines to your 44.x address
>> via tunnels
>>
>>
>> M
>>
>>
>>
>>
>>
>>
>> Sent from my Verizon Wireless 4G LTE smartphone
>>
>>
>> -------- Original message --------
>> From: Jose Ng Lee
>> Date:03/17/2014 8:39 AM (GMT-08:00)
>> To: Michael E Fox - N6MEF ,'TAPR xNOS Mailing List'
>> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>
>> Thanks Michael for the tips on how to protect my Jnos.
>>
>> I could block SMTP (port 25) on the Firewall for inbound mails to
>> TUN0, but does that block also the good mail 44 route coming fron encap?
>>
>> I trying to figure out why my Jnos accepted all those incoming spam
>> mail. It should have issue an SMTP DENY and not accepted those emails.
>> Maybe, there is a script somewhere on my CentOS machine allowing the
>> entrace. So will keep looking.
>>
>> Jos? / HP2AT
>>
>> ----- Original Message -----
>> From: Michael E Fox - N6MEF
>> To: 'Jose Ng Lee' ; 'TAPR xNOS Mailing List'
>> Sent: Monday, March 17, 2014 8:28 AM
>> Subject: RE: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>
>> Block direct inbound SMTP connections to JNOS.
>>
>> Set up an MX in Linux using all the modern spam avoidance mechanisms
>> dynamic black lists, UBE detection, signature-based detection, etc.) and
>> send all inbound email to JNOS through that mail server using an MX
>> record in DNS.
>>
>>
>>
>> Michael
>>
>> N6MEF
>>
>>
>>
>>
>>
>> From: nos-bbs-bounces at tapr.org [mailto:nos-bbs-bounces at tapr.org] On
>> Behalf Of Jose Ng Lee
>> Sent: Sunday, March 16, 2014 10:55 PM
>> To: TAPR xNOS Mailing List
>> Subject: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>
>>
>>
>> I noticed today my Raspberry Pi Jnos was respawing in every few
>> minutes. So, I checked and found out there was some spam e-mails in
>> mqueue not been able to deliver and causing the system to crash and
>> respawn. Deleted those e-mails and checking the logs and put in
>> blacklist the offender IPs.
>>
>>
>>
>> I play with 3 Jnos systems:
>>
>>
>>
>> Main systems PC with Linux Ubuntu 12.04 LTS: onx.hp2at.ampr.org
>>
>> No spam mail in mqueue.
>>
>>
>>
>> Raspberry Pi with Raspbian: hp2ng.ampr.org
>>
>> Few spam mail in mqueue.
>>
>>
>>
>> PC with Centos 5.9: hp2sa.ampr.org
>>
>> THOUSANDS of spam mail in mqueue. Don't know how this got through
>> or why it was received in JNOS. The autoexec.nos is the same as my other
>> system.
>>
>>
>>
>> This is on the message heading on one mail:
>>
>>
>>
>> Received: from pc-200402271018 by hp2sa.ampr.org (ONXSA BBS) with
>> SMTP
>> id AA24803 ; Thu, 13 Mar 2014 03:17:52 EST
>> From: =?BIG5?B?pWqo5a21vNY=?= <springboard at yahoo.com>
>> To: "awze" <awze at awze.com>
>> Subject:
>>
>> =?BIG5?B?RGlzbmV5qOC1o7nPrtGhQqlfpf2lzaeupHCpaiC1paqpxXao7LTBuc+u0aFCpfq6?=
>> =?BIG5?B?0KRqpViyTaFJ?=
>> Date: Wed, 28 Apr 2004 22:58:06 +0800
>> MIME-Version: 1.0
>> Content-Type: text/html;
>> charset="Big5"
>> Content-Transfer-Encoding: quoted-printable
>> X-Priority: 3
>> X-MSMail-Priority: Normal
>> X-Mailer: Microsoft Outlook Express 6.00.2800.1106
>> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
>> Message-Id: <24804 at hp2sa.ampr.org>
>>
>> Took this JNOS offline until the problem solve.
>>
>>
>>
>> Please can anyone know a way to deny receiving spam mail in jnos.
>>
>>
>>
>> Thanks,
>>
>> Jos? / HP2AT
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL:
>> <http://www.tapr.org/pipermail/nos-bbs/attachments/20140319/5ffcb4a1/attachment-0001.html>
>>
>> ------------------------------
>>
>> Message: 2
>> Date: Wed, 19 Mar 2014 19:24:32 -0400
>> From: Bob Tenty <bobtenty at gmail.com>
>> To: TAPR xNOS Mailing List <nos-bbs at tapr.org>
>> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>> Message-ID: <532A2730.5070904 at gmail.com>
>> Content-Type: text/plain; charset="iso-8859-1"
>>
>> Jose,
>>
>> Have you defined this in your config.h before your compiled jnos?
>>
>> #define SMTP_DENY_RELAY /* Refuse to relay msgs from hosts not in our
>> subnets */
>>
>> After that you can enable relay for a subnet if you need it, like this
>> for example...
>>
>> smtp relay add 44.123.99.1 0xffffff00
>>
>>
>> There is also a file called "refile" what is located in the jnos spool
>> directory what you can
>> use to filter email based on the "From:" addresses.
>> I will give you a couple of examples:
>>
>> *@financier.com|*@* refuse
>> warbelventas at warbel.com.ar|*@* refuse
>> h*lampe at chello.nl|*@* refuse
>> *@astroexpo.com@*|* hold
>> printz9 at 1st.net|ve3tok@* refuse
>>
>> See also the docs.
>>
>> But again as already said by others, let Linux do the filtering.
>>
>> This is of course a lot of work to setup and maintain.
>> Be also aware that spam filtering can cause a (very) high
>> CPU load on your computer, etc.
>>
>>
>>
>> Bob VE3TOK
>>
>>
>>
>>
>>
>>
>>
>> On 14-03-19 03:27 PM, Jose Ng Lee wrote:
>>> Thanks for the recommendations Michael.
>>> I have shorewall firewall block port 25 for two days and Jnos was good
>>> and no crash. Today, I tried open port 25 and monitored TUN0 with
>>> tcpdump. The smtp mail spam just keep flowing and my Jnos is
>>> accepting those spam mail for relay and crashing.
>>> As I understood, by default Jnos Deny Relay. I tried the commands
>>> "smtp deny relay" and "stmp relay deny" but not accepted.
>>> Still trying to find out why Jnos is accepting those e-mail instead of
>>> denying relay. Before, I don't have in Rewrite a specific define and
>>> all the spam e-mails accumulated in mqueue. Now, in Rewrite
>>> everything that is not defined is put in check. So, the check.txt
>>> file is growing larger (later delete) but at least is not smtp for
>>> delivered out.
>>> Jos? / HP2AT
>>>
>>> ----- Original Message -----
>>> *From:* Michael E Fox - N6MEF <mailto:n6mef at mefox.org>
>>> *To:* Jose Ng Lee <mailto:hp2cwb at cwpanama.net> ; 'TAPR xNOS
>>> Mailing List' <mailto:nos-bbs at tapr.org>
>>> *Sent:* Monday, March 17, 2014 2:51 PM
>>> *Subject:* Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>>
>>> For the greatest protection, run all email through your separate
>>> mail server. This includes:
>>> -- inbound connections from Internet hosts to your public I
>>> address,
>>> -- inbound connections from Internet hosts to your 44.x address
>>> via tunnel from the AMPRnet gateway, and
>>> -- inbound connections from other 44.x machines to your 44.x
>>> address via tunnels
>>>
>>> M
>>>
>>>
>>>
>>> Sent from my Verizon Wireless 4G LTE smartphone
>>>
>>>
>>> -------- Original message --------
>>> From: Jose Ng Lee
>>> Date:03/17/2014 8:39 AM (GMT-08:00)
>>> To: Michael E Fox - N6MEF ,'TAPR xNOS Mailing List'
>>> Subject: Re: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>>
>>> Thanks Michael for the tips on how to protect my Jnos.
>>> I could block SMTP (port 25) on the Firewall for inbound mails to
>>> TUN0, but does that block also the good mail 44 route coming fron
>>> encap?
>>> I trying to figure out why my Jnos accepted all those incoming
>>> spam mail. It should have issue an SMTP DENY and not accepted
>>> those emails. Maybe, there is a script somewhere on my CentOS
>>> machine allowing the entrace. So will keep looking.
>>> Jos? / HP2AT
>>>
>>> ----- Original Message -----
>>> *From:* Michael E Fox - N6MEF <mailto:n6mef at mefox.org>
>>> *To:* 'Jose Ng Lee' <mailto:hp2cwb at cwpanama.net> ; 'TAPR xNOS
>>> Mailing List' <mailto:nos-bbs at tapr.org>
>>> *Sent:* Monday, March 17, 2014 8:28 AM
>>> *Subject:* RE: [nos-bbs] How to avoid SMTP spam mail in mqueue
>>>
>>> Block direct inbound SMTP connections to JNOS.
>>>
>>> Set up an MX in Linux using all the modern spam avoidance
>>> mechanisms dynamic black lists, UBE detection, signature-based
>>> detection, etc.) and send all inbound email to JNOS through
>>> that mail server using an MX record in DNS.
>>>
>>> Michael
>>>
>>> N6MEF
>>>
>>> *From:*nos-bbs-bounces at tapr.org
>>> <mailto:nos-bbs-bounces at tapr.org>
>>> [mailto:nos-bbs-bounces at tapr.org] *On Behalf Of *Jose Ng Lee
>>> *Sent:* Sunday, March 16, 2014 10:55 PM
>>> *To:* TAPR xNOS Mailing List
>>> *Subject:* [nos-bbs] How to avoid SMTP spam mail in mqueue
>>>
>>> I noticed today my Raspberry Pi Jnos was respawing in every
>>> few minutes. So, I checked and found out there was some spam
>>> e-mails in mqueue not been able to deliver and causing the
>>> system to crash and respawn. Deleted those e-mails and
>>> checking the logs and put in blacklist the offender IPs.
>>>
>>> I play with 3 Jnos systems:
>>>
>>> Main systems PC with Linux Ubuntu 12.04 LTS: onx.hp2at.ampr.org
>>>
>>> No spam mail in mqueue.
>>>
>>> Raspberry Pi with Raspbian: hp2ng.ampr.org
>>>
>>> Few spam mail in mqueue.
>>>
>>> PC with Centos 5.9: hp2sa.ampr.org
>>>
>>> THOUSANDS of spam mail in mqueue. Don't know how this got
>>> through or why it was received in JNOS. The autoexec.nos is
>>> the same as my other system.
>>>
>>> This is on the message heading on one mail:
>>>
>>> Received: from pc-200402271018 by hp2sa.ampr.org (ONXSA BBS)
>>> with SMTP
>>> id AA24803 ; Thu, 13 Mar 2014 03:17:52 EST
>>> From: =?BIG5?B?pWqo5a21vNY=?= <springboard at yahoo.com
>>> <mailto:springboard at yahoo.com>>
>>> To: "awze" <awze at awze.com <mailto:awze at awze.com>>
>>> Subject:
>>>
>>> =?BIG5?B?RGlzbmV5qOC1o7nPrtGhQqlfpf2lzaeupHCpaiC1paqpxXao7LTBuc+u0aFCpfq6?=
>>> =?BIG5?B?0KRqpViyTaFJ?=
>>> Date: Wed, 28 Apr 2004 22:58:06 +0800
>>> MIME-Version: 1.0
>>> Content-Type: text/html;
>>> charset="Big5"
>>> Content-Transfer-Encoding: quoted-printable
>>> X-Priority: 3
>>> X-MSMail-Priority: Normal
>>> X-Mailer: Microsoft Outlook Express 6.00.2800.1106
>>> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
>>> Message-Id: <24804 at hp2sa.ampr.org
>>> <mailto:24804 at hp2sa.ampr.org>>
>>>
>>> Took this JNOS offline until the problem solve.
>>>
>>> Please can anyone know a way to deny receiving spam mail in
>>> jnos.
>>>
>>> Thanks,
>>>
>>> Jos? / HP2AT
>>>
>>>
>>>
>>> _______________________________________________
>>> nos-bbs mailing list
>>> nos-bbs at tapr.org
>>> http://www.tapr.org/mailman/listinfo/nos-bbs
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL:
>> <http://www.tapr.org/pipermail/nos-bbs/attachments/20140319/06001f42/attachment.html>
>>
>> ------------------------------
>>
>> _______________________________________________
>> nos-bbs mailing list
>> nos-bbs at tapr.org
>> http://www.tapr.org/mailman/listinfo/nos-bbs
>>
>>
>> End of nos-bbs Digest, Vol 116, Issue 11
>> ****************************************
>
> _______________________________________________
> nos-bbs mailing list
> nos-bbs at tapr.org
> http://www.tapr.org/mailman/listinfo/nos-bbs
>
More information about the nos-bbs
mailing list