|
||||
|
Convert Default Addresses to :fail:
I just posted this to a thread and thought I'd make it available to anyone who wants to run it on their servers. It changes all Default Addresses (i.e. catchall aliases) for all domains on the server to :fail:
Code:
#!/usr/bin/perl
print "Converting all domain Default Accounts to :fail: ...";
opendir (DIR, "/etc/valiases/") or die;
while (my $file = readdir (DIR)) {
if ($file =~ /^\./) {next}
open (IN, "</etc/valiases/$file") or die;
my @data = <IN>;
close (IN);
open (OUT, ">/etc/valiases/$file") or die;
foreach my $line (@data) {
if ($line =~ /^\*\:/) {
print OUT "*: :fail:\n";
} else {
print OUT $line;
}
}
close (OUT);
}
print "Done!\n";
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com |
|
||||
|
Nope, :fail: is definitely the way to go. Here comes my usual answer
![]() It's been accepted now that since the use of verify = recipient in exim.conf that it is definitely best to use :fail: now. The reasons are: 1. :blackhole: accepts the email and receives it, then sends it to /dev/null. This wastes your bandwidth and actually breaks the SMTP RFC because you're not notifying the sender that the email is undelivered. 2. :fail: stops the email from being received, because verify = recipient occurs at the RCPT phase of the SMTP exchange before any data has been received. No bounce is sent, the exchange simply termintates with an SMTP error code. This means much less processing resources on your SMTP server, much less bandwidth (you don't actually receive the email) and you maintain RFC compliance by notifying the senders SMTP server that the delivery failed (which spammers ignore and real people appreciate if they've made an addressing mistake).
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com |
|
||||
|
Btw, just to back that up - I did extensive research on the use of :blackhole: and :fail: when I wrote the exim Dictionary Attack ACL over here:
http://www.webumake.com/free/eximdeny.htm I also used to think that :blackhole: was best until it was pointed out to me that several months ago the ACL's were changed to use verify = recipient at the RCPT stage. So cynical me went and checked it out and found it to be perfectly true
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com |
|
|||
|
Quote:
I will email you later, off this site and let you know the much better way to use your perl script with exim.conf |
|
||||
|
Quote:
Since you're so highly critical of it, I do hope you will have the decency to post the problems with the implementation here as a matter of urgency, since it is so "flawed".
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com Last edited by chirpy; 10-23-2004 at 05:22 AM. |
|
|||
|
FWIW, the dictionary rules are working very well for me. I've noticed that among the bogus recipients there are often some valid ones, so along with reducing load, it's helped ditch a bit of spam.
Quote:
|
|
|||
|
Quote:
The current version of the ACL doesn't work on such servers, since they don't even have the valias files on them. Help! |
|
||||
|
You cannot implement it for email being queued on a secondary MX server because the email has not reached its final destination. This can only happen on the primary MX server. It's a limitation you have by imposing an additional hop in the mail delivery route by interrupting the direct SMTP delivery from the source.
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com |
|
||||
|
I think you have to add extra detection to the script.
From what I know, this script will also switch the pipings that are required by helpdesk softwares to :fail: You have to use pregmatch regex to check that the destination is not a php,cgi or a binary. Hope that helps.
__________________
= = = = = = = = = = = = = = = = = = Cpanel XP Evolution (Add DOZENS of functions to your Cpanel NOW!!!) - 21 Languages, User Friendly Interface, Feature Enabled, Highly Customizable, Create Popup Once window, Language Aware, Flash Tutorials, Theme Changer,Integration with Modernbill,WHM AutoPilot,ClientExec,LPanel&WHOISCart
|
|
||||
|
Hi Roy,
I completely agree. It was just thrown togther for those that wanted to splat all their domains, as someone asked for it. So they got it
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com |
|
|||
|
You just take this script, place it in a new file on your server and access it to run the script?
__________________
█ eMax Hosting, LLC - Providing Reliable Hosting Services for the past 3 years ¨€ cPanel, MySQL, 24/7 Support, Money Back Guarantee, *Free Website Builder*, ¨€ Shared Hosting, Reseller Hosting, Dedicated Management, Site Monitoring Services, 97% Client Rating ¨€ Have a Sales Questions? Call us toll free at 1-800-770-eMax! |
|
||||
|
Yes, bascially do this as root on the server:
pico -w defrep.pl (paste in the script from the thread and exit) perl defrep.pl That should be it.
__________________
Jonathan Michaelson cPanel Forum Moderator Need your cPanel servers secured and tuned? cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf http://www.configserver.com |
![]() |
| Thread Tools | |
| Display Modes | |
|
|