[CentOS] Re: spam control
ssilva at sgvwater.com
Wed Oct 25 20:50:57 UTC 2006
David Mackintosh spake the following on 10/25/2006 10:54 AM:
> Jerry Geis wrote:
>> I have added the following to /etc/mail/sendmail.mc and rebuilt it
>> trying to control spam. I still get about 25 spam messages a day.
>> Is there something else that can help control spam?
>> dnl #
>> dnl # dnsbl - DNS based Blackhole List/Black List/Rejection list
>> dnl # See http://www.sendmail.org/m4/features.html#dnsbl
>> dnl #
>> FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked see:
>> FEATURE(`dnsbl', `relays.ordb.org', `"Spam blocked see:
>> FEATURE(`dnsbl', `cbl.abuseat.org', `"Spam blocked see:
>> FEATURE(`dnsbl', `sbl.spamhaus.org', `"Spam blocked see:
>> FEATURE(`dnsbl', `list.dsbl.org', `"Spam blocked see:
>> dnl #
>> CentOS mailing list
>> CentOS at centos.org
> This question is probably inappropriate for this list, but maybe someone
> can answer it.
> Let's pretend I have a network behind a firewall. And let's pretend that
> the users behind that firewall are both beyond my control, and have a
> non-zero population of idiots. And further, let's pretend that these
> idiots have done something to land my firewall's internet IP on a
> So now lets pretend I have a different system on the internet, running
> sendmail, that I would like to use to relay mail out through, for myself
> and a few carefully selected non-idiot users. And lets further pretend
> that this server is a secondary MX for a whole bunch of domains and so
> gets pounded with spam.
> OK, I set up this server so that it grants RELAY permission in
> /etc/mail/access to the IP address that is on the blacklist and
> everything works.
> Now I see the above post and think that adding dnsbl features to this
> sendmail might be a good way of reducing inbound spam.
> So my question is: if my system has granted RELAY permission to a system
> which is in a dnsbl used by the sendmail configuration, does the
> sendmail RELAY, or does it deny the connection attempt?
> Thanks for wading through this completely hypothetical situation.
If you allow in the access file, it should override the dns blacklist. So if
you allowed an address in the blacklist, it should let it through.
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!
More information about the CentOS