[CentOS] Re: spam control
Mike Kercher
mike at vesol.com
Wed Oct 25 23:33:46 UTC 2006
centos-bounces at centos.org <> scribbled on Wednesday, October 25, 2006
3:51 PM:
> David Mackintosh spake the following on 10/25/2006 10:54 AM:
>> Jerry Geis wrote:
>>> Gents,
>>>
>>> I have added the following to /etc/mail/sendmail.mc and rebuilt it
>>> trying to control spam. I still get about 25 spam messages a day.
>>> Is there something else that can help control spam?
>>>
>>> Thanks
>>>
>>> jerry
>>> ---------------------------
>>> dnl #
>>> dnl # dnsbl - DNS based Blackhole List/Black
> List/Rejection list dnl
>>> # See http://www.sendmail.org/m4/features.html#dnsbl
>>> dnl #
>>> FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked see:
>>> http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
>>> FEATURE(`dnsbl', `relays.ordb.org', `"Spam blocked see:
>>> http://ordb.org/lookup/?host="$&{client_addr}')dnl
>>> FEATURE(`dnsbl', `cbl.abuseat.org', `"Spam blocked see:
>>> http://cbl.abuseat.org/lookup.cgi?ip="$&{client_addr}')dnl
>>> FEATURE(`dnsbl', `sbl.spamhaus.org', `"Spam blocked see:
>>> http://spamhaus.org/query/bl?ip="$&{client_addr}')dnl
>>> FEATURE(`dnsbl', `list.dsbl.org', `"Spam blocked see:
>>> http://dsbl.org/listing?"$&{client_addr}')dnl
>>> dnl #
>>>
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>> This question is probably inappropriate for this list, but maybe
>> someone can answer it.
>>
>> Let's pretend I have a network behind a firewall. And let's pretend
>> that the users behind that firewall are both beyond my control, and
>> have a non-zero population of idiots. And further, let's
> pretend that
>> these idiots have done something to land my firewall's
> internet IP on
>> a blacklist.
>>
>> So now lets pretend I have a different system on the
> internet, running
>> sendmail, that I would like to use to relay mail out through, for
>> myself and a few carefully selected non-idiot users. And
> lets further
>> pretend that this server is a secondary MX for a whole bunch of
>> domains and so gets pounded with spam.
>>
>> OK, I set up this server so that it grants RELAY permission in
>> /etc/mail/access to the IP address that is on the blacklist and
>> everything works.
>>
>> Now I see the above post and think that adding dnsbl
> features to this
>> sendmail might be a good way of reducing inbound spam.
>>
>> So my question is: if my system has granted RELAY permission to a
>> system which is in a dnsbl used by the sendmail configuration, does
>> the sendmail RELAY, or does it deny the connection attempt?
>>
>> Thanks for wading through this completely hypothetical situation.
>>
>> :)
> If you allow in the access file, it should override the dns
> blacklist. So if you allowed an address in the blacklist, it
> should let it through.
I think this is true IF you have FEATURE(delay_checks) specified in your
sendmail.mc (thus your cf)
Mike
More information about the CentOS
mailing list