LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-03-2007, 01:16 AM   #1
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 595

Rep: Reputation: 30
how to block a virus mail IP?


hi guys,

I know that an ip x.x.x.x continue to send me virus mail and unwanted things. How can i block the ip?


I have APF running on my server and i can blok the IP there. I am confused that" when you add an ip to firewall deny rules,mail from that IP is accepted or rejected?"

If i add an IP to /etc/hosts.deny, wthem y server accept mail from the IP or not?

Last edited by ZAMO; 05-03-2007 at 01:57 AM.
 
Old 05-03-2007, 03:09 AM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677Reputation: 677
Are you running your own mail server?
You could drop all connections from that IP, but the email may be taking a circuitous route and blocking the email address or IP traffic from that server may not prevent that email. However, if that email server is an open relay, blocking it may be a good idea anyway. My main point is that the actual connection to your machine may not be the source of the traffic.

Look at the header of the email. It is common for the earliest email address to be added before the message is first sent, so you might want to block the 2nd entry, especially if it looks like a normal host and not a commercial mail server.

More information on your setup may help determine the best way to block the emails.
 
Old 05-03-2007, 03:25 AM   #3
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 595

Original Poster
Rep: Reputation: 30
yes , i found out the way

i edited /etc/mail/access

x.x.x.x REJECT
xxxx.com REJECT

and this did the trick.

and thank you for your suggestions.
 
  


Reply

Tags
solution


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Spam/Virus filter for e-mail metallica1973 Linux - Security 8 03-26-2006 07:41 PM
Virus mail sanjibgupta Linux - Security 10 06-18-2004 04:42 AM
OTW. Got a virus in e-mail today. dalek General 23 05-30-2004 08:43 PM
Virus protection for Mail Server nemesisza Linux - Security 1 02-22-2004 09:33 AM
virus protection of e-mail gateway Gavin Linux - Security 3 12-18-2002 12:57 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 12:48 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration