I guess this is one way to increase site sales... (found at Timeslips Corp).
OK, so we're all used to "e-" and "net" being attached to everything ("e-Laundry", "Beef-net", etc.), but isn't this stretching the paradigm just a bit?
This week I figured out something that everybody else who runs a mailserver already knows: spammers (and spamware) lie.
The first part of an SMTP handshake is where the client sends the HELO string, and it's identifying itself to me. Normally they use the fully-qualified domain name of the sending server, and if I send mail to you, my server says
    HELO linux.unixwiz.net

Some really finicky sites require that the HELO name match the inverse DNS name, but I've never been that fussy. But while reviewing my logfiles, I noticed that a lot of sites were claiming to be me:
    HELO 64.170.162.98

That's my mailserver's own IP address, and I can't think of any reason why a legitimate outside mailserver would claim to be me. This is a hallmark of spam, so I did some more digging. I found that in the thousands of messages I've received over the last couple of months, more than 10% were these kinds of forgeries - I was shocked. Reviewing the logs in more detail showed that every single one was spam. 100.00%. Amazing.
Thankfully, Postfix makes it easy to tell these losers to get lost. In the main.cf file, I added a new rule:
    smtpd_helo_required = yes
    smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access

And created a simple /etc/postfix/helo_access file:

    64.170.162.98      REJECT Get lost - you're lying about who you are
    linux.unixwiz.net  REJECT Get lost - you're lying about who you are
    smtp.unixwiz.net   REJECT Get lost - you're lying about who you are

After rebuilding the map file (which creates helo_access.db) and reloading Postfix, my mailserver is now happily slamming the front door on these forgeries.
Update - I've expanded on this topic: Unixwiz.net Tech Tip: Blocking spammers with Postfix HELO
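An added example, not part of the original post: a Python scan over Postfix smtpd log lines that counts outside clients greeting with one of this server's own identities, the same check as the manual log review described above. The log lines are constructed samples, and the `MYNETWORKS` value and the function names are assumptions.

```python
import ipaddress
import re
from collections import Counter

# Identities only this server may claim (the keys of the helo_access file above).
OWN_HELO = {"64.170.162.98", "linux.unixwiz.net", "smtp.unixwiz.net"}
# Assumption: the networks listed in mynetworks; adjust to match main.cf.
MYNETWORKS = [ipaddress.ip_network("127.0.0.0/8")]

# Postfix smtpd lines name the client as host[ip] and the greeting as helo=<...>.
LINE_RE = re.compile(r"from \S+?\[(?P<ip>[0-9a-fA-F.:]+)\].*\bhelo=<(?P<helo>[^>]*)>")

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = """\
Jul 14 03:12:01 linux postfix/smtpd[2211]: NOQUEUE: reject: RCPT from unknown[203.0.113.45]: 554 5.7.1 <64.170.162.98>: Helo command rejected: Get lost - you're lying about who you are; from=<a@example.com> to=<user@example.org> proto=SMTP helo=<64.170.162.98>
Jul 14 03:12:09 linux postfix/smtpd[2211]: NOQUEUE: reject: RCPT from unknown[203.0.113.45]: 554 5.7.1 <64.170.162.98>: Helo command rejected: Get lost - you're lying about who you are; from=<b@example.com> to=<user@example.org> proto=SMTP helo=<64.170.162.98>
Jul 14 04:40:17 linux postfix/smtpd[2302]: NOQUEUE: reject: RCPT from unknown[198.51.100.7]: 554 5.7.1 <LINUX.UNIXWIZ.NET.>: Helo command rejected: Get lost - you're lying about who you are; from=<c@example.com> to=<user@example.org> proto=SMTP helo=<LINUX.UNIXWIZ.NET.>
Jul 14 05:02:33 linux postfix/smtpd[2350]: NOQUEUE: reject: RCPT from mail.example.com[192.0.2.10]: 450 4.1.1 <nobody@example.org>: Recipient address rejected: unknown user; from=<d@example.com> to=<nobody@example.org> proto=ESMTP helo=<mail.example.com>
Jul 14 05:30:00 linux postfix/smtpd[2399]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 450 4.1.1 <nobody@example.org>: Recipient address rejected: unknown user; from=<cron@example.org> to=<nobody@example.org> proto=ESMTP helo=<linux.unixwiz.net>
""".splitlines()

def normalize(helo):
    """Lower-case, drop a trailing dot and the brackets of an address literal."""
    return helo.strip().lower().rstrip(".").strip("[]")

def forged_helos(lines):
    """Count (client_ip, helo) pairs where an outside client claims our identity."""
    hits = Counter()
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue
        helo = normalize(m.group("helo"))
        if helo not in OWN_HELO:
            continue  # greeting is someone else's name: not this kind of forgery
        ip = ipaddress.ip_address(m.group("ip"))
        if any(ip in net for net in MYNETWORKS):
            continue  # our own hosts: permit_mynetworks lets these through
        hits[(str(ip), helo)] += 1
    return hits

if __name__ == "__main__":
    for (ip, helo), count in forged_helos(SAMPLE_LOG).most_common():
        print(f"{count:4d}  {ip:15s}  HELO {helo}")
```

Running it over real logs before enabling the restriction also shows whether any of your own hosts outside mynetworks greet with these names and would be rejected.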
It seems that the losers at SCO are about to send out invoices to people who use Linux commercially.
I'm using Linux for my webserver, for software development, and for several embedded projects for customers: this is clearly commercial use. SCO should feel free to send me an invoice:
Stephen J. Friedl
1891 Running Branch Way
Tustin, CA 92780
I have reserved a blank spot on my wall for it.