DOS attacked :(
Ugo Bellavance
ugob at CAMO-ROUTE.COM
Thu Mar 4 15:12:05 GMT 2004
>-----Message d'origine-----
>De : Rick Cooper [mailto:rcooper at DWFORD.COM]
>Envoyé : 4 mars, 2004 06:50
>À : MAILSCANNER at JISCMAIL.AC.UK
>Objet : Re: DOS attacked :(
>
>
>> -----Original Message-----
>> From: Pete [mailto:pete at eatathome.com.au]
>> Sent: Thursday, March 04, 2004 6:26 AM
>> To: Rick Cooper; Julian Field; MailScanner mailing list
>> Subject: Re: DOS attacked :(
>>
>>
>> So you're sure thats all i have to do, no messing
>> about and trying to learn bind? If i have to learn to
>> drive Bind i am not going to bother, but its its a
>> matter of just starting it up, am happy to try, even
>> will try right now.
>>
>> Other thing i wanted to know was whether an upgrade to
>> 4.28.8-4 would be the shot? Or stick with latest stable?
>
>I would sort out your network problems before you go one more
>step, MailScanner has nothing to do with this if you cannot even
>manully ping a RBL host by name.
>
>It's been awhile since I used a bone stock redhat configuration
>and I have never bothered with RH.9 but I am sure the bone stock
>named config is only a caching server so it alows updates from
>none, listens on 127.0.0.1 only and allows access from 127.0.0.1
>only. No need to do anything clever just resolve for the
>localhost only.
In fact it is the package named "caching-nameserver"
>
>Just do the items I described earlier and redo your manual rbl
>tests. If you can ping by name then try your MS tests again, I
>think you will be amazed. But once you get things sorted out
>don't forget to chkconfig --add named and chkconfig named on
>
>If you cannot resolve a host name nothing is going to work
>properly, I can't image how you are sending the mail? Have you
>looked at your outbound queue?
>
>>
>>
>>
>> >Sorry, I thought you said you installed from source.
>> >
>> >Have you thought about enabling named
>> (/etc/init.d/named start)
>> >on your box, the default would be just a caching name
>> server but
>> >it would resolve from root servers without using the
>> external DNS
>> >servers as the default and set your /etc/resolv.conf
>> to something
>> >like
>> >
>> >options ndots:1
>> >nameserver 127.0.0.1
>> >nameserver current.ns.1.address
>> >nameserver current.ns2.address
>> >multi on
>> >
>> >then /etc/init.d/network restart
>> >
>> >You may well see a noticeable improvement with RBLS
>> and such that
>> >require a lot of DNS lookups. If it helps just add/enable with
>> >chkconfig
>> >
>> >
>> >
>> >
>> >
>> >
>>
>>
>> --
>> This message has been scanned for viruses and
>> dangerous content by MailScanner, and is
>> believed to be clean.
>>
>>
>
More information about the MailScanner
mailing list