DOS attacked :(
Drew Marshall
drew at THEMARSHALLS.CO.UK
Thu Mar 4 12:00:55 GMT 2004
Rick Cooper said:
>> -----Original Message-----
>> From: Pete [mailto:pete at eatathome.com.au]
>> Sent: Thursday, March 04, 2004 6:26 AM
>> To: Rick Cooper; Julian Field; MailScanner mailing list
>> Subject: Re: DOS attacked :(
>>
>>
>> So you're sure thats all i have to do, no messing
>> about and trying to learn bind? If i have to learn to
>> drive Bind i am not going to bother, but its its a
>> matter of just starting it up, am happy to try, even
>> will try right now.
>>
>> Other thing i wanted to know was whether an upgrade to
>> 4.28.8-4 would be the shot? Or stick with latest stable?
>
> I would sort out your network problems before you go one more
> step, MailScanner has nothing to do with this if you cannot even
> manully ping a RBL host by name.
>
> It's been awhile since I used a bone stock redhat configuration
> and I have never bothered with RH.9 but I am sure the bone stock
> named config is only a caching server so it alows updates from
> none, listens on 127.0.0.1 only and allows access from 127.0.0.1
> only. No need to do anything clever just resolve for the
> localhost only.
This will also stop Postfix if you are using any of it's UCE features.
Assuming you get some form of DNS running again, I would start just one
Postfix process - the out going one (Postfix not postfix.in) as $ postfix
-C /etc/postfix start and watch your logs, you should see any 'out going'
(Scanned) queued mail be delivered, then start MailScanner and get MS to
clear it's queue, ten re-start the postfix.in to allow more incoming. Heep
an eye on the log files and the mail queue ($ mailq). That at least will
tell you where the hold up occrs (If any where).
>
> Just do the items I described earlier and redo your manual rbl
> tests. If you can ping by name then try your MS tests again, I
> think you will be amazed. But once you get things sorted out
> don't forget to chkconfig --add named and chkconfig named on
>
> If you cannot resolve a host name nothing is going to work
> properly, I can't image how you are sending the mail? Have you
> looked at your outbound queue?
>
>>
>>
>>
>> >Sorry, I thought you said you installed from source.
>> >
>> >Have you thought about enabling named
>> (/etc/init.d/named start)
>> >on your box, the default would be just a caching name
>> server but
>> >it would resolve from root servers without using the
>> external DNS
>> >servers as the default and set your /etc/resolv.conf
>> to something
>> >like
>> >
>> >options ndots:1
>> >nameserver 127.0.0.1
>> >nameserver current.ns.1.address
>> >nameserver current.ns2.address
>> >multi on
>> >
>> >then /etc/init.d/network restart
>> >
>> >You may well see a noticeable improvement with RBLS
>> and such that
>> >require a lot of DNS lookups. If it helps just add/enable with
>> >chkconfig
>> >
>> >
>> >
>> >
>> >
>> >
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>>
>
--
In line with our policy, this message has
been scanned for viruses and dangerous
content by MailScanner, and is believed to be clean.
www.themarshalls.co.uk/policy
More information about the MailScanner
mailing list