|
|
| Author |
Message |
| 25 new of 251 responses total. |
jlamb
|
|
response 25 of 251:
| 
Jan 1 15:19 UTC 2003 |
Login Name TTY Idle Login Time Location Work
Phone
noot Scott Helmke's Root p1 Jan 1 10:14
root Operator p0 Jan 1 10:13
|
tonster
|
|
response 26 of 251:
|
Jan 1 15:23 UTC 2003 |
resp:20: If the webserver is up, you should be able to login and use
backtalk. If logins are disabled, you just can't login, likely because
someone is working to clear up whatever was causing the problems that
made them reboot grex. They'd want to make sure those scripts are gone,
logins are disabled, and possibly networks are blocked so they can
prevent the person from coming right back and starting again.
|
jlamb
|
|
response 27 of 251:
|
Jan 1 15:27 UTC 2003 |
Valerie Comeing to Save GREX!!!!!!
Login Name TTY Idle Login Time Location Work
Phone
noot Scott Helmke's Root p1 Jan 1 10:14
valerie Valerie Mates *s0 Jan 1 10:21 Happy
Everything!
|
jlamb
|
|
response 28 of 251:
|
Jan 1 15:28 UTC 2003 |
The Webserver is Obviously up, Or how would i be entering items, or how
would people read them.
|
scott
|
|
response 29 of 251:
|
Jan 1 15:54 UTC 2003 |
Really nasty vandal - but I think we've managed to deal with it.
|
jlamb
|
|
response 30 of 251:
|
Jan 1 15:56 UTC 2003 |
grex is up at 10:54
appeared to be another attack early this morning!!!!!
|
jlamb
|
|
response 31 of 251:
|
Jan 1 16:05 UTC 2003 |
While grex is preventing Vandals, Mnet is letting them on their
systems, after the mailbombing cgi script
Login: kap Name: kap de kuk
Directory: /home/guest/kap Shell: /bin/bash
On since Wed Jan 1 10:48 (EST) on ttypk, idle 0:08, from 203.111.194.11
No Mail.
Plan: Alternate Email: neuro@pula.com
bash-
2.05a$
|
davel
|
|
response 32 of 251:
|
Jan 1 18:28 UTC 2003 |
Thanks, Scott.
|
naftee
|
|
response 33 of 251:
|
Jan 1 22:22 UTC 2003 |
I'm not sure if the user kap is still allowed to log on. Finger information
shows up even if the user is splatted.
|
jlamb
|
|
response 34 of 251:
|
Jan 2 00:28 UTC 2003 |
resp:33 READ CLOSER
On since Wed Jan 1 10:48 (EST) on ttypk, idle 0:08, from 203.111.194.11
|
keesan
|
|
response 35 of 251:
|
Jan 2 16:11 UTC 2003 |
In the past day or so I have received five (5) copies of happy.scr from
azhar.rajput@sympatico.ca. If other people have been receiving these, can
the filter be set to reject mail from this idiot? Is happy.scr the
screensaver it claims to be or some virus on another machine? The mails are
47K and I have to empty my mailbox regularly to keep it functional.
|
keesan
|
|
response 36 of 251:
|
Jan 2 18:03 UTC 2003 |
Can someone explain again, in detail, how to use procmail. I just got a sixth
copy of the above spam, all 49K with header and message.
|
keesan
|
|
response 37 of 251:
|
Jan 2 18:12 UTC 2003 |
Would it work to create a file in my home directory called .procmailrc
and put into it the lines :0 * ^From:azhar.rajput* /dev/null
(These are three separate lines but I cannot type a line starting with a colon
into bbs.)
|
naftee
|
|
response 38 of 251:
|
Jan 2 18:33 UTC 2003 |
RE:37
You might have to put something in your .forward to make it work. You can
also put a space before the gate prompt if you are entering special
characters, like:
!
:
|
keesan
|
|
response 39 of 251:
|
Jan 2 19:06 UTC 2003 |
So what is .forward supposed to look like?
I think procmail should be included in something like the CHANGE program so
that all we beginners can use it more easily. Any volunteers to do this?
I put those lines in a file .procmailrc (also * before the from address
since it comes as azhar rajput <azhar.rajput.....> and at least it is not
blocking normal mail (I sent myself a test mail). The man page for procmail
also said to put -m somewhere, but I could not understand most of it.
|
jlamb
|
|
response 40 of 251:
|
Jan 2 20:32 UTC 2003 |
You might want to post something in JellyWare about this, i dont think
the item gets much traffic
|
jmsaul
|
|
response 41 of 251:
|
Jan 2 22:32 UTC 2003 |
Procmail's not trivial to set up using just the man page.
|
keesan
|
|
response 42 of 251:
|
Jan 2 23:40 UTC 2003 |
I know, can you help me to figure it out? All I want to do is block mail from
azhar.rajput@sympatico.ca (send it to /dev/null), but I suppose it would also
be helpful to block other mail with subject line 'urgent business proposal',
and other people probably would want to learn procmail. Should I start an
agora item on this?
|
jlamb
|
|
response 43 of 251:
|
Jan 3 02:55 UTC 2003 |
resp:42 you should start an item on procmail, i would like to know how
to block spam from many different places i get them from
|
jmsaul
|
|
response 44 of 251:
|
Jan 3 03:05 UTC 2003 |
Re #42: No, because I haven't taken the time to learn it myself.
|
naftee
|
|
response 45 of 251:
|
Jan 3 03:09 UTC 2003 |
!man 5 procmailrc
|
remmers
|
|
response 46 of 251:
|
Jan 3 11:55 UTC 2003 |
I've been using procmail for a while, so I'll make a stab at a procmail
quickstart. Your .forward file should have one line, that looks like this:
"|IFS=' '&&exec /usr/local/bin/procmail -f-||exit 75 #USER"
where in place of USER you put your own login id. The .foward file must
be publicly readable. Then every time a mail message is received,
procmail will be run and consult your .procmailrc file to decide what
to do with the message.
The first line of .procmailrc should be this:
MAIL=PATH-TO-YOUR-INBOX
where in place of PATH-TO-YOUR-INBOX you put the full path of your mail
inbox. For keesan, this would be /var/spool/mail/k/e/keesan .
Subsequent lines of .procmailrc are filter rules. Lines that begin with
a # are comments. A filter rule that will will send all messages from
azhar.rajput@sympatico.ca to /dev/null would be this:
# Toss all mail from azhar.rajput
:0:
* ^From:.*azhar\.rajput@sympatico\.ca
/dev/null
The characters '.' and '*' are wildcards that match any single character
and any run of 0 or more characters, respectively. The purpose of the
the '.*' in the above rule is to skip over blanks between the From: header
and the email address. The purpose of the '\' preceding the periods in
the email address is to cause the periods to be interpreted literally
rather than as wildcard characters. The '^' character means "beginning
of line".
You can filter on "From:", "To:", "Subject:", or any other header, as well
as body content. For example, this rule tosses all mail with the phrase
"free sex site" in the subject line:
:0:
* ^Subject:.*free *sex *site
/dev/null
Here, the ' *' sequences match any number of blanks between the words, so
that this rule will catch the phrase even if the words are separated by
multiple spaces. Procmail does case-independent pattern matching, so the
rule will also filter "FREE SEX SITE", "Free Sex Site", etc.
The above examples are pretty simple. Procmail rules can be quite elaborate;
see "man procmailrc" and "man procmailex" for complete discussion and more
examples.
I actually don't use procmail rules to filter spam -- the spamassassin
program (not installed on Grex) is much more effective for this purpose.
My main use of procmail is to pre-sort mailing list messages into separate
folders.
|
krj
|
|
response 47 of 251:
|
Jan 3 13:57 UTC 2003 |
(That should probably be a separate item so it's easier to find it.
Thanks John!)
|
tsty
|
|
response 48 of 251:
|
Jan 3 15:34 UTC 2003 |
what are teh various pros/cons between procmail and mh. or does mh
also use procmail for a filter?
|
gelinas
|
|
response 49 of 251:
|
Jan 3 16:06 UTC 2003 |
Rather than responding further, let's start a new item for mail-processing.
If one hasn't been started by the time I finish reading currently new
responses, I'll start one.
|
