LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 05-03-2007, 12:16 AM   #1
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 598

Rep: Reputation: 30
how to block a virus mail IP?


hi guys,

I know that an ip x.x.x.x continue to send me virus mail and unwanted things. How can i block the ip?


I have APF running on my server and i can blok the IP there. I am confused that" when you add an ip to firewall deny rules,mail from that IP is accepted or rejected?"

If i add an IP to /etc/hosts.deny, wthem y server accept mail from the IP or not?

Last edited by ZAMO; 05-03-2007 at 12:57 AM.
 
Old 05-03-2007, 02:09 AM   #2
jschiwal
LQ Guru
 
Registered: Aug 2001
Location: Fargo, ND
Distribution: SuSE AMD64
Posts: 15,733

Rep: Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682Reputation: 682
Are you running your own mail server?
You could drop all connections from that IP, but the email may be taking a circuitous route and blocking the email address or IP traffic from that server may not prevent that email. However, if that email server is an open relay, blocking it may be a good idea anyway. My main point is that the actual connection to your machine may not be the source of the traffic.

Look at the header of the email. It is common for the earliest email address to be added before the message is first sent, so you might want to block the 2nd entry, especially if it looks like a normal host and not a commercial mail server.

More information on your setup may help determine the best way to block the emails.
 
Old 05-03-2007, 02:25 AM   #3
ZAMO
Member
 
Registered: Mar 2007
Distribution: Redhat &CentOS
Posts: 598

Original Poster
Rep: Reputation: 30
yes , i found out the way

i edited /etc/mail/access

x.x.x.x REJECT
xxxx.com REJECT

and this did the trick.

and thank you for your suggestions.
 
  


Reply

Tags
solution


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Spam/Virus filter for e-mail metallica1973 Linux - Security 8 03-26-2006 06:41 PM
Virus mail sanjibgupta Linux - Security 10 06-18-2004 03:42 AM
OTW. Got a virus in e-mail today. dalek General 23 05-30-2004 07:43 PM
Virus protection for Mail Server nemesisza Linux - Security 1 02-22-2004 08:33 AM
virus protection of e-mail gateway Gavin Linux - Security 3 12-18-2002 11:57 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 04:09 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration