Email is a common channel for cybercriminals to hack into a system because it was originally designed to be open and accessible to everyone. Of course, those were the nascent stages of the Internet when such sophisticated attacks were unheard of. But as the Internet grew, it became a popular vector for attacks as hackers […]
5 Best Email Security Software
Business Email Security Best Practices
Email is the most popular and preferred channel for business communication today. It is estimated that about 63% of business professionals prefer to use emails for their business communication, and each employee sends an average of 40 emails per day for business purposes. But there’s also a downside to this widespread usage, and that’s unauthorized […]
Test SMTP (email) via Telnet
One good trick to use when testing your email server is to use telnet. To send email, you can just telnet into the destination email server directly: u-1@srv-1 u-1 $ telnet yourmailserver.com 25 Trying 21.40.23.46… Connected to yourmailserver.com. Escape character is ‘^]’. 220 mx.yourmailserver.com ESMTP Sendmail 8.12.9/8.12.9; Thu, 12 Jun 2003 10:06:19 -0700 helo frommail.com […]
Osirusoft Is Blocking All Hosts
Due to DDoS attacks on Osirusoft, Osirusoft decided to reject all. So, if you are using Osirusoft to block spam, stop! Well, hats off to the valiant efforts of Osirusoft. Can’t really blame them for their reaction to this world of shit. The beautiful thing is that sysadmins and others in our community will find […]
Using Watch-maillog To Reduce Spam Chatter
It is truly amazing how many resources are taken up on a server by other rogue boxes searching for an open relay, or simply sending dictionary attempts at finding local users. Watch-maillog is a perl script that uses IPtables to block mail servers that abuse your server. Watch-maillog helps with this by blocking servers that […]
Setting Reply-to Address in Pine
We often need to mail brief messages from servers to send config files, or quick messages to other sysadmins. Pine works well for this, and the installation is mostly a single binary. We usually are logged in on some account that isn’t the email address we wish replies to come to. It turns out that […]
Adding an Alias to Postfix
If you simply want to make a mailbox receive mail for another address, just add the full address to /etc/postfix/virtual: [root@srv-2 postfix]# cat virtual usr-1@networking.com usr usr-1@networking2.com usr usr-2@maildomain.com anotherusr If we simply add this line to the bottom: usr-3@maildomain.com anotherusr Mail that was was delivered previously via usr-2@maildomain.com will be delivered in the same […]
UNIX and Outlook Express Interoperability
The MIME on Outlook Express seems to be broken. We have seen several instances where Outlook Express users cannot read Email sent by UNIX Email clients. The message is garbled with lots of question marks and other random characters. We have had this problem here at netadmintools.com, since we use Linux Office Suite 99 for […]
Wadding up Spambots With Spiderkiller
Spiderkiller is a C program that will generate unique pages with random email addresses that will confuse harvesting bots. Compile the app: srv-5:~ usr4$ gcc spiderkiller.c -o spiderkiller spiderkiller.c: In function ‘main’: spiderkiller.c:299: warning: incompatible implicit declaration of built-in function ‘strlen’ The options are simple: srv-5:~ usr4$ ./spiderkiller -help Usage: spiderkiller [-help] [-n ] [-k […]
IMAP Installation and Initial Configuration
First, we grab the source from the UW distribution link on here: [root@srv-33 src]# ls imap.tar.Z imap-utils.tar.Z [root@srv-33 src]# tar -xzf imap.tar.Z [root@srv-33 src]# ls imap-2001.BETA.SNAP-0105251616 imap.tar.Z imap-utils.tar.Z [root@srv-33 src]# mkdir imaputils (We will deal with imaputils in a different section.) [root@srv-33 src]# mv *util* imaputils mv: cannot move `imaputils’ to a subdirectory of itself, […]
Postfix RPM Upgrade for Red Hat Enterprise Linux 3
One of the servers we work on is running Red Hat Enterprise Linux 3 (RHEL 3). We needed some features in the later versions of Postfix, rather than the backported version for RHEL 3. There are some RPMs available here: http://postfix.wl0.org/ftp/official/2.2/RPMS-rhel3-i386 The latest version as of the date of this article is 2.2.5-3. If you […]
Sendmail Installation and Initial Configuration
First, we want to remove all the RPM stuff. A general note here. We are removing the RPMs, because we want to write all of the articles from the perspective of a generic Linux distribution as much as possible. True, we rely on the default file structure and general layout of Red Hat; however, by […]
Postfix Source RPM Upgrade for Red Hat Enterprise Linux 3
In this article, we upgraded Postfix to 2.2.5 via RPMs; however, if a later version is needed, and you are running Red Hat Enterprise Linux Version 3 (RHEL 3), an RPM needs to be created from source. There is a source RPM for 2.2.6 available here: http://postfix.wl0.org/ftp/official/2.2/SRPMS/ To use the RPM, install it: [root@s root]# […]
Automated email of attachments
It is quite easy to email security or traffic reports automatically. We will use mpack, sendmail, and cron, but certainly the techniques could be combined with other utilities. The challenge with emailing files is that you have to encode the attachments into the email message using MIME. For the nitty gritty on MIME, see http://www.nacs.uci.edu/indiv/ehood/MIME/MIME.html. […]
Using UW IMAP and Xinetd For Dual SSL and Plaintext Support
First off, Pine rocks when it comes to reading mail quickly, particularly on a server where a GUI is not available. Second of all, it often doesn’t come with GNU/Linux distributions anymore. I suppose that part of the problem is that pine includes a version of IMAP that can cause problems if it coexists with […]
Clean up spam with Pine
Outlook is nice and all, particularly when dealing with, oh, 90 percent of the email clients out there. The same thing that makes it nice, also makes it insecure. Some of the email accounts we monitor have been quite public, and receive not only a lot of spam, but also a lot of viruses. If […]
Avoid Unwanted Email
The opportunists who send unsolicited bulk email (UBE) use tools that do not follow standards. This can work to an advantage in that improper configuration can allow quite a bit of filtering to be done on inbound email. For instance, the following entries in main.cf for postfix will dramatically cut down on email from misconfigured […]
Masquerading with Sendmail
If you have a sendmail server that has a hostname that isn’t resolvable, you may need to masquerade as a different host. This is often the case if you are running sendmail on your internal workstation. We also ran into this while bringing up a Squirrel Mail web based mail system. Simply add these lines […]
Blue Security DDOS
There is an excellent discussion of the Blue Security DDOS attack here, including a copy of discussion from those behind the DDOS here. There is more information on Blue Frog and related issues on Wikipedia here. If you somehow missed this, it is probably in your best interest to be aware of what is going […]
Update those Sendmail DNS Blacklists
All of the DNS blacklists we used a couple years ago are defunct. There are, however, a slew of new DNS-based blacklists that can help protect your users from spam. Understand that with any blacklist there is a chance that legitimate email will be blocked. Balancing this against the cost and annoyance of spam is […]