PDA

View Full Version : root@domain and domain@domain



wildjokerdesign
04-13-2004, 11:34 AM
In the past I have never really had much trouble with spam. I do not use catch-all on my accounts and try to not list my email address on the internet. Recently on one of my accounts I have been recieveing spam that is addressed to domain@domain.

I decided it was time to try and do something about it so I first stopped by Jalals' site and re-read the two pages on email. The Email System, Part 1 (http://codeworks.gnomedia.com/westhost/email.php) then The Email System, Part 2 (http://codeworks.gnomedia.com/westhost/email2.php). From that information I got that the first stop when mail arrives at your domain is Sendmail (http://www.sendmail.org/) where it is first processed using /etc/mail/access and then /etc/mail/virtusertable.

Below are two issues that come to mind with all this. I have tried to make them clear and when talking about editing a file I denote the file and then what would be added or modified is in the code tags. When I have used the word domain you would replace it with your own domain name or username for your account. Except in the code I have dropped the added .com to keep the board from auto linking the content.

ISSUE ONE
Since I do not use domain@domain as an email address but do have some aliases that send to it I was wondering if I could add this to my access file.
Code In /etc/mail/access


domain@domain.com REJECT


My thought was that right from the start any mail that was delivered to that address would simply be rejected. My only concern is how this would affect other things. Is the access filled again used later in the process since some of the aliases email addys are sent to it? Would I also need to remove domain@domain from the virtusertable? When does the file /etc/mail/aliases come into play? I would imagine that I could try to catch these emails later using procmail or spamassasin but felt this would be the easiest and help cut down the system resources that are used to process this junk.

ISSUE TWO
Another issue that I thought of when looking into this was related to this thread on the root user - http://forums.westhost.com/phpBB2/viewtopic.php?t=1790 . It seems that if you are sending out email via a mail list program or board program it gets sent as root user. If an email is refused by the server that it was sent to it sends the response back to root@domain and then your server complains that root does not have permissions and sends the email to MAILER-DAEMON and adds the original response as an attachment. You can fix this by editing /etc/mail/aliases with something that looks like this.
Code In /etc/mail/aliases


root:Uaccount

Uaccount is replaced by the email account you want these sent to.

Could you modify /etc/mail/virtusertable so that mail sent by a program was not sent as root but as a user. Right now in that file there is an entry that looks like this.
Code In /etc/mail/virtusertable


root@domain.com root

Could it be changed to this.
Code In /etc/mail/virtusertable


root@domain.com Uaccount

Uaccount would be replaced by an email account that was set up in SiteManager.

I have not tested or tried any of the above modifications yet. So if you are trying to do anything like this these are only ideas and may not work. I wanted to post them to get some feed back on what those with more knowledge and experiance might think of them.

FZ
04-13-2004, 12:22 PM
Hey Shawn,

Just thought I'd point out to you that you have quoted ect instead of etc various times in your post when referring to the config files located in that folder (/etc/...). Also: virtuserstable versus virtusertable (once only).

Personally, I've never had either of these issues, even though (until recently) I'd been weathering 2000+ e-mails a day (virii and Spam combined). The REJECT is something I tried, but for some reason it didn't really help much, although in my case it wasn't to reject mail sent to any one address on my account (rather it was to reject mail from a particular domain/host/e-mail address). So, I just stuck to good old Procmail and SpamAssassin. As far as order of processing, I believe access is done first, and then aliases are checked to decide where to deliver mail (or to see if the mail can even be delivered first, before accepting the connection to transfer the body of it). Anyway, I don't have to worry about Spam anymore for the time being, as I just disabled "Use Local Mail Server" for the domain that had the e-mail account that was getting all that junk. Unfortunately, I see that my bandwidth is still being used by the rejection notices sent by Sendmail to the 2000+ senders that are still trying to flood my inbox (though not nearly as much usage as before).

wildjokerdesign
04-13-2004, 12:33 PM
Thanks for pointing out the typo's Fayez. I think I have them corrected now. I really tried to catch all that. Even composed the post on my local computer to try and catch spelling and such. :)

I think I may try some of the above out on my test account but think I may wait till I hear from others. The only problem with that is my test account is just that and does not get any traffic or real use aside from when I am working on something. :(

Thanks again for your input!

FZ
04-13-2004, 12:37 PM
No problem, Shawn... It happens to all of us ;) Most of the posts I make I make with the "Quick Reply" button only to realize I've made so many mistakes it makes me look like English is my fifth language! :lol: Naturally, I edit each post like 6 times after having posted it already...

wildjokerdesign
06-19-2004, 11:20 AM
I thought I should revisit this thread and give an update. I never did anything about the domain@domain.com problem due to other projects I was working on but the spam just continued to increas so I contacted West Host support to see what the best action would be. They responded with a solution that can be handled via your Site Manager and I thought I should pass it on. I have implemented this and tried it out with a test from one of my other accounts and is seems to work.

If you are recieving Spam at the default user account of domain@domain.com and you do not use the email address for anything you can do the following. First if you have any email aliases that set up make sure that they are not pointed at that account. If they are point them to a different email account that you have set up via the Users link under E-mail/FTP Management. The accounts should show up in the drop down list. Make sure to check your Postmaster Destination and change it since by default is pointed to the default account. You then want to create a CommandLine Aliase for the default account.

Log in and go to E-mail/FTP Management and then Aliases. Then click on New Alias. When it ask for the type click on Command in the lower right corner of the box. For Alias Name enter your default username. Then in Destination enter the following command.
/bin/echo Hit Finnish and you have eveything set up and now any mail that is sent to (domain@domain.com) should simply be deleted.

Note one reason I held off on this was I wanted to make sure that I had not for some reason given someone this email addy that was legit. I set up a rule in my Outlook on my local computer to move all mail sent to that address to a folder and then kept track of what was being sent. Remember if you do this anything that is sent to that address is GONE, LOST never to be found.

Hope this may help others who may be having this problem.