Craig White wrote:
On Sun, 2006-03-12 at 16:53 -0500, Sam Drinkard wrote:
Will McDonald wrote:
On 12/03/06, Sam Drinkard sam@wa4phy.net wrote:
A while back, I posted a note asking if anyone had any ideas why the /etc/mail/access file was not being parsed or utilized in the efforts to stop spam and junk mail. I just looked over things again, and have still not found any reason why it still permits the TLD's I have listed to pass thru. I also thought perhaps there might be some "upper limit" to the number of entries sendmail could handle. What do the sendmail guru's think about that idea? I may reduce the number of entries from the current 275 +/- down to just the most offensive TLD's and see what happens. Short of that, are there any other thoughts ya'll might have as to why it still passes the stuff I want blocked?
I don't know the ins-and-outs of Sendmail access well but does it base its decision purely on the "From" address, which as we all know isn't necessarily where a message originates. Or could it be basing the access decision on the initial Received: from address, and/or that addresses reverse lookup, in the header?
In which case, a spam could originate from mail.blah.com and access would accept it but the message itself would appear to come from spammers@domain.ru. You'd accept the message inspite of having .ru denied in your access.
Just a thought.
Will. _______________________________________________ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
As far as I know Will, sendmail looks at the access database, and will not allow a connection from the sending host if that particular IP or hostname happens to be in there. The access list *used* to work, but as I mentioned, I'm wondering if perhaps I've hit an upper limit or exceeded a limit where nothing in there is being parsed now. I don't go by hostname when blocking. I look at the sending host IP and block that. Headers from sendmail tell who or what connected to the port or tried to connect.
it does if you use REJECT
it also does things like ALLOW
and things like RELAY
I have never had a sendmail 'access' file with more than a few lines and I don't think that it was actually intended to be a spam filter. There are other very good methodologies for managing spam and sendmail is quite capable of using them.
Craig
CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
I am using REJECT in all cases where it applies, and RELAY for my own little part of the world. I've been using access for about 10 years with no problems till now. I suppose the only way to tell if there is a limit would be to remove some, or create a new file and test it. I am fully aware of the process of how it works, and a make must be done after any changes. Sendmail does not need to be restarted to read the new file either.