[CentOS] mail/access revisited

Will McDonald wmcdonald at gmail.com
Sun Mar 12 20:50:38 UTC 2006


On 12/03/06, Sam Drinkard <sam at wa4phy.net> wrote:
>  A while back, I posted a note asking if anyone had any ideas why the
> /etc/mail/access file was not being parsed or utilized in the efforts to
> stop spam and junk mail.  I just looked over things again, and have still
> not found any reason why it still permits the TLD's I have listed to pass
> thru.  I also thought perhaps there might be some "upper limit" to the
> number of entries sendmail could handle.  What do the sendmail guru's think
> about that idea?  I may reduce the number of entries from the current 275
> +/- down to just the most offensive TLD's and see what happens.  Short of
> that, are there any other thoughts ya'll might have as to why it still
> passes the stuff I want blocked?

I don't know the ins-and-outs of Sendmail access well but does it base
its decision purely on the "From" address, which as we all know isn't
necessarily where a message originates. Or could it be basing the
access decision on the initial Received: from address, and/or that
addresses reverse lookup, in the header?

In which case, a spam could originate from mail.blah.com and access
would accept it but the message itself would appear to come from
spammers at domain.ru. You'd accept the message inspite of having .ru
denied in your access.

Just a thought.

Will.



More information about the CentOS mailing list