[9811] in North American Network Operators' Group
Re: Information re: Cyberpromo
daemon@ATHENA.MIT.EDU (Dalvenjah FoxFire)
Tue Jun 3 15:33:56 1997
From: Dalvenjah FoxFire <dalvenjah@dal.net>
To: hannigan@firefly.net (Martin J. Hannigan)
Date: Tue, 3 Jun 1997 12:05:10 -0700 (PDT)
Cc: nanog@merit.edu
In-Reply-To: <199706022005.UAA24766@big-man.firefly.net> from "Martin J. Hannigan" at Jun 2, 97 04:05:45 pm
Martin J. Hannigan put this into my mailbox:
>
> >
> > Martin J. Hannigan put this into my mailbox:
>
> [ snip ]
>
> > Two months with these filters, and no complaints yet.
>
> Was that some wrappered service? Looked like tcp_wrappers.
> I think a router with enough memory would be a better performer
> for filtering activies at that layer.
What I actually did was take sendmail 8.8.5, #define TCPWRAPPERS, and
then modify the code so that it calls hosts_ctl (the function that checks
/etc/hosts.deny) on connect, not just on MAIL FROM. Yes, this causes remote
sites to churn if they get denied, but from the syslogs, there really aren't
that many people who try for that long.
The exact patch was posted to bugtraq a while back. If you're interested,
please mail me privately.
-dalvenjah
--
Dalvenjah FoxFire (aka Sven Nielsen) "The weapon which causes the most
Founder, the DALnet IRC Network damage to the Internet is
the keyboard."
e-mail: dalvenjah@dal.net WWW: http://www.dal.net/~dalvenjah/
whois: SN90 Try DALnet! http://www.dal.net/
