 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU |
My (loosing) battle with spam has concentrated on sending complaints and putting new "no_access" entries in "/etc/xinetd.d/qmail". And with Red Hat 7.2 I get a logwtch e-mail every day summarizing what has been happening in /var/log/secure. Pretty cool, it summarizes that so-and-so has logged in over ssh n-times from IP address such-and-such, and things like that. But when it gets to the refused e-mail connections from spammers it has a large block that starts something like this: **Unmatched Entries** xinetd[16277]: FAIL: smtp address from=128.121.16.247 But there are a lot of strings run together from the "xinetd" part to the IP address part. Has anyone done the research to figure out how to tell logwatch to summarize these xinetd refusals? On any given day there is a lot of repetition in this, it is only a handful of spammers who keep hitting me over and over again. It would be nice to turn that part of the logwatch into just a couple three lines. Poking around it looks like adding a /etc/log.d/conf/services/xinetd.conf isn't good enough, it then wants a real script that does the real work in /etc/log.d/scripts/services/xinetd. Anyone written one? -kb
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
