DOS attacked :(

Rick Cooper rcooper at DWFORD.COM
Thu Mar 4 11:49:53 GMT 2004 

> -----Original Message-----
> From: Pete [mailto:pete at eatathome.com.au]
> Sent: Thursday, March 04, 2004 6:26 AM
> To: Rick Cooper; Julian Field; MailScanner mailing list
> Subject: Re: DOS attacked :(
>
>
> So you're sure thats all i have to do, no messing
> about and trying to learn bind? If i have to learn to
> drive Bind i am not going to bother, but its its a
> matter of just starting it up, am happy to try, even
> will try right now.
>
> Other thing i wanted to know was whether an upgrade to
> 4.28.8-4 would be the shot? Or stick with latest stable?

I would sort out your network problems before you go one more
step, MailScanner has nothing to do with this if you cannot even
manully ping a RBL host by name.

It's been awhile since I used a bone stock redhat configuration
and I have never bothered with RH.9 but I am sure the bone stock
named config is only a caching server so it alows updates from
none, listens on 127.0.0.1 only and allows access from 127.0.0.1
only. No need to do anything clever just resolve for the
localhost only.

Just do the items I described earlier  and redo your manual rbl
tests. If you can ping by name then try your MS tests again, I
think you will be amazed. But once you get things sorted out
don't forget to chkconfig --add named and chkconfig named on

If you cannot resolve a host name nothing is going to work
properly, I can't image how you are sending the mail? Have you
looked at your outbound queue?

>
>
>
> >Sorry, I thought you said you installed from source.
> >
> >Have you thought about enabling named
> (/etc/init.d/named start)
> >on your box, the default would be just a caching name
> server but
> >it would resolve from root servers without using the
> external DNS
> >servers as the default and set your /etc/resolv.conf
> to something
> >like
> >
> >options ndots:1
> >nameserver 127.0.0.1
> >nameserver current.ns.1.address
> >nameserver current.ns2.address
> >multi on
> >
> >then /etc/init.d/network restart
> >
> >You may well see a noticeable improvement with RBLS
> and such that
> >require a lot of DNS lookups. If it helps just add/enable with
> >chkconfig
> >
> >
> >
> >
> >
> >
>
>
> --
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
>
>

More information about the MailScanner mailing list