Re: Setting Sendmail to Refuse Possibly Forged Headers

From: antenneX (antennex_at_swbell.net)
Date: 04/16/04

    To: "Dan Nelson" <dnelson@allantgroup.com>
    Date: Thu, 15 Apr 2004 22:13:44 -0500
    
    

    ----- Original Message -----
    From: "Dan Nelson" <dnelson@allantgroup.com>
    To: "Martin McCormick" <martin@dc.cis.okstate.edu>
    Cc: <freebsd-questions@freebsd.org>
    Sent: Thursday, April 15, 2004 12:26 PM
    Subject: Re: Setting Sendmail to Refuse Possibly Forged Headers

    > In the last episode (Apr 15), Martin McCormick said:
    > > The sendmail that comes with FreeBSD is set to disallow all
    > > third-party relaying which is wonderful and how I want to keep
    > > things.
    > >
    > > In addition to that, I would like to try to set it to refuse
    > > incoming mail with forged address headers. Judging from the logs, it
    > > seems to be pretty good at catching such messages and most of the
    > > ones I look at that trigger this warning are spam.
    >
    > Take a look at the milter-sender port, which checks the sender's email
    > address and verifies that an smtp server is listening. It's not
    > something that can be done within sendmail, which is why it's a milter.
    >
    > Another thing to check is the HELO string. The following will block
    > all incoming mails claiming to be the mailserver itself. Replace
    > XXXXXX with your server's IP and domain names, separated by spaces (so
    > "C{RejectHelo} 1.2.3.4 mydomain.com", for example). I deny ~500 spams
    > a day with this rule alone.
    >
    > #+\/+ Block connections from servers that try and send our IP or hostname in the HELO
    > LOCAL_CONFIG
    > C{RejectHelo} XXXXXXXXXX
    >
    > LOCAL_RULESETS
    >
    > SLocal_check_mail
    > R$* $: $1 $| $&s Put helo name in workspace
    > R$* $| $={RejectHelo} $#error $@ 5.7.1 $: "550 Spammer access denied"
    > R$* $| $* $: $1 Extract helo from workspace if it doesn't match
    > #-/\-
    >
    > --
    > Dan Nelson
    > dnelson@allantgroup.com

    Dan: Your suggestions here were appealing, but I'm batting zero.

    1- Will milter-sender work alongside spamass-milter...??
        I *think* it was working on a test box, but failed on production box.

    2- Each of your 3 lines above for "local_check_mail" yelled about expecting
    a Tab when sendmail was restarted... not sure how to fix that.....

    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
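
Added example (not part of the original messages): the "expecting a Tab" complaint in point 2 is consistent with sendmail's requirement that the LHS, RHS and comment of an R line be separated by tab characters, which mail transport and copy-paste commonly flatten to spaces. The script writes the quoted rules with explicit tabs and flags rules that have none; the tab positions, file names and RejectHelo values are assumptions.

```shell
#!/bin/sh
# Added example: sendmail R lines need tabs between LHS, RHS and comment.
TAB=$(printf '\t')

# Write the thread's HELO rules to file $1. <TAB> markers become real tabs.
# Tab positions are inferred from the rule syntax (assumption); the
# RejectHelo members are constructed sample values.
write_helo_rules() {
    sed "s/<TAB>/$TAB/g" > "$1" <<'EOF'
LOCAL_CONFIG
C{RejectHelo} 192.0.2.10 mail.example.org

LOCAL_RULESETS

SLocal_check_mail
R$*<TAB>$: $1 $| $&s<TAB>Put helo name in workspace
R$* $| $={RejectHelo}<TAB>$#error $@ 5.7.1 $: "550 Spammer access denied"
R$* $| $*<TAB>$: $1<TAB>Extract helo from workspace if it doesn't match
EOF
}

# Report R lines after a LOCAL_RULE* marker in file $1 that contain no tab.
# Returns 0 if every such rule has at least one tab, 1 otherwise.
check_rule_tabs() {
    awk '
        /^LOCAL_CONFIG/ { in_rules = 0 }
        /^LOCAL_RULE/   { in_rules = 1 }
        in_rules && /^R/ && index($0, "\t") == 0 {
            printf "%s:%d: rule has no tab: %s\n", FILENAME, NR, $0
            bad = 1
        }
        END { exit bad + 0 }
    ' "$1"
}

# Demo: a tabbed copy passes; a copy with tabs flattened to spaces fails.
tmp=$(mktemp -d)
write_helo_rules "$tmp/helo.mc"
check_rule_tabs "$tmp/helo.mc" && echo "tabbed copy: OK"
sed "s/$TAB/ /g" "$tmp/helo.mc" > "$tmp/pasted.mc"
check_rule_tabs "$tmp/pasted.mc" || echo "pasted copy: restore the tabs"
rm -rf "$tmp"
```

The check only confirms that each rule contains at least one tab; it does not validate the rule's pattern syntax.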

