Problems with large amoung of rmgroup requests coming through.
John Leslie
john at jlc.net
Fri Nov 2 00:21:57 UTC 2001
Eric McDonald <ericm at rain.org> wrote:
>
> I've been having problems with all sorts of rmgroup commands coming through
> my server.
>
> They all seem to be coming from the same person:
>
> Nov 1 15:38:37 news controlchan[1091]: control_rmgroup, t-netz.werbung
> edhew at xenitec.on.ca edhew at xenitec.on.ca
> @030362756666303800000019D4EE00000001@, news-out.visi.com, doit, 1
>
> Nov 1 15:38:30 news controlchan[1091]: control_rmgroup, t-netz.sex-stories
> edhew at xenitec.on.ca edhew at xenitec.on.ca
> @03036275666630340000001A611A00000001@, news-out.visi.com, doit, 1
I've been getting a large number, but only acting on biz.*, so far
as I can tell. I assume they're either a big-time screwup, or forged.
My Path: shows
Path:
+mozart.jlc.net!andromeda.5sc.net!news-out.cwix.com!newsfeed.cwix.com!intgwpad.n
+ntp.telstra.net!news-server.bigpond.net.au!not-for-mail
which looks mostly honest. Anybody else see evidence of forgery in the Path?
> According to my control.ctl file, this person should only have authority to
> remove groups in the biz.* area, so why is my server responding to control
> messages?
Sorry, can't help you with that. :^(
> bash$ grep edhew control.ctl
> newgroup:edhew at xenitec.on.ca:biz.*:doit
> rmgroup:edhew at xenitec.on.ca:biz.*:doit
> # Contact: Ed Hew <edhew at xenitec.on.ca>
Do you have (at the top):
]
] ## DEFAULT
] all:*:*:mail
It works for me (except for spamming muchly during the periodic
hipcrime storms).
> Any help would be appreciated. So many control messages are being sent that
> it takes down my server. I'm get load averages over 50.
Fortunately, my server isn't acting on them, except to email some
of them to me as newsadmin...
--
John Leslie <john at jlc.net>
More information about the inn-workers
mailing list