Stopping Spam And Trojan Horses With BSD
Brett Glass writes: "This paper, first presented at BSDCon 2000, describes state of the art methods of blocking spam and malware using BSD and Sendmail. The techniques described here are also applicable to other operating systems and mail transfer agents, so this paper is worth reading even if you're using NT, Linux, Postfix, qmail, etc. If you've never heard of a Rumplestiltskin attack, are baffled by the finer points of Sendmail configuration, or want to know how to block worms like ILOVEYOU before they reach vulnerable Windows clients, you'll enjoy this paper. Slides from the presentation are also included."
*Gets up and walks away*
*5 minutes pass*
*Running sounds back to the computer*
I'm so sorry everybody, please forgive me, it's Christmas, and I was so wrapped up over the presents that I wasn't thinking properly. Taco, you rule, Hemos, you're dedicated and I swear I'll never do anything like that again...till the next time :-)
Seriously, merry Xmas all...
Look here.
The referenced article starts with a particularly ridiculous bit of advocacy that renders the rest of it fairly dubious. It recommends sendmail on the basis of market penetration, but carefully avoids mentioning its security vulnerabilities and accumulation of cruft; it then makes a contrived argument that, since sendmail was developed on a BSD box, it should be run on the same. Nonsense. sendmail works equally poorly on many Un*x variants; there's nothing special about BSD in that regard.
Why should we judge sendmail on its market penetration but avoid judging BSD in the same way? The paper doesn't bother to justify that. I expect its author(s) figured on a sympathetic audience of BSD advocates.
If you really want to avoid being screwed, run a better MTA -- qmail and exim are reasonable choices. BSD is of course a reasonable choice of OS for that job, as are a number of Un*ces. But don't pick BSD because it will run sendmail -- that's like buying a Colt M1911A1 because it can be converted to full auto. The choice of platform is good, but the reasoning stinks!
--
Some keywords for the NSA in the Lord of the Rings universe: One Ring bind find Sauron quest Nazgul freedom
Sendmail has a bad habit of not being able to scan the message body, so you have to use an external filter.
I've got a patch to fix this for 8.11.1 that uses the built-in regex map to allow sendmail to look for a regex in the body of the message.