[CentOS] mail/access revisited
craigwhite at azapple.com
Sun Mar 12 22:33:53 UTC 2006
On Sun, 2006-03-12 at 16:53 -0500, Sam Drinkard wrote:
> Will McDonald wrote:
> > On 12/03/06, Sam Drinkard <sam at wa4phy.net> wrote:
> >> A while back, I posted a note asking if anyone had any ideas why the
> >> /etc/mail/access file was not being parsed or utilized in the efforts to
> >> stop spam and junk mail. I just looked over things again, and have still
> >> not found any reason why it still permits the TLD's I have listed to pass
> >> thru. I also thought perhaps there might be some "upper limit" to the
> >> number of entries sendmail could handle. What do the sendmail guru's think
> >> about that idea? I may reduce the number of entries from the current 275
> >> +/- down to just the most offensive TLD's and see what happens. Short of
> >> that, are there any other thoughts ya'll might have as to why it still
> >> passes the stuff I want blocked?
> > I don't know the ins-and-outs of Sendmail access well but does it base
> > its decision purely on the "From" address, which as we all know isn't
> > necessarily where a message originates. Or could it be basing the
> > access decision on the initial Received: from address, and/or that
> > addresses reverse lookup, in the header?
> > In which case, a spam could originate from mail.blah.com and access
> > would accept it but the message itself would appear to come from
> > spammers at domain.ru. You'd accept the message inspite of having .ru
> > denied in your access.
> > Just a thought.
> > Will.
> > _______________________________________________
> > CentOS mailing list
> > CentOS at centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> As far as I know Will, sendmail looks at the access database, and will
> not allow a connection from the sending host if that particular IP or
> hostname happens to be in there. The access list *used* to work, but as
> I mentioned, I'm wondering if perhaps I've hit an upper limit or
> exceeded a limit where nothing in there is being parsed now. I don't go
> by hostname when blocking. I look at the sending host IP and block
> that. Headers from sendmail tell who or what connected to the port or
> tried to connect.
it does if you use REJECT
it also does things like ALLOW
and things like RELAY
I have never had a sendmail 'access' file with more than a few lines and
I don't think that it was actually intended to be a spam filter. There
are other very good methodologies for managing spam and sendmail is
quite capable of using them.
More information about the CentOS