centos-bounces at centos.org <> scribbled on Wednesday, October 25, 2006 3:51 PM: > David Mackintosh spake the following on 10/25/2006 10:54 AM: >> Jerry Geis wrote: >>> Gents, >>> >>> I have added the following to /etc/mail/sendmail.mc and rebuilt it >>> trying to control spam. I still get about 25 spam messages a day. >>> Is there something else that can help control spam? >>> >>> Thanks >>> >>> jerry >>> --------------------------- >>> dnl # >>> dnl # dnsbl - DNS based Blackhole List/Black > List/Rejection list dnl >>> # See http://www.sendmail.org/m4/features.html#dnsbl >>> dnl # >>> FEATURE(`dnsbl', `bl.spamcop.net', `"Spam blocked see: >>> http://spamcop.net/bl.shtml?"$&{client_addr}')dnl >>> FEATURE(`dnsbl', `relays.ordb.org', `"Spam blocked see: >>> http://ordb.org/lookup/?host="$&{client_addr}')dnl >>> FEATURE(`dnsbl', `cbl.abuseat.org', `"Spam blocked see: >>> http://cbl.abuseat.org/lookup.cgi?ip="$&{client_addr}')dnl >>> FEATURE(`dnsbl', `sbl.spamhaus.org', `"Spam blocked see: >>> http://spamhaus.org/query/bl?ip="$&{client_addr}')dnl >>> FEATURE(`dnsbl', `list.dsbl.org', `"Spam blocked see: >>> http://dsbl.org/listing?"$&{client_addr}')dnl >>> dnl # >>> >>> _______________________________________________ >>> CentOS mailing list >>> CentOS at centos.org >>> http://lists.centos.org/mailman/listinfo/centos >> This question is probably inappropriate for this list, but maybe >> someone can answer it. >> >> Let's pretend I have a network behind a firewall. And let's pretend >> that the users behind that firewall are both beyond my control, and >> have a non-zero population of idiots. And further, let's > pretend that >> these idiots have done something to land my firewall's > internet IP on >> a blacklist. >> >> So now lets pretend I have a different system on the > internet, running >> sendmail, that I would like to use to relay mail out through, for >> myself and a few carefully selected non-idiot users. And > lets further >> pretend that this server is a secondary MX for a whole bunch of >> domains and so gets pounded with spam. >> >> OK, I set up this server so that it grants RELAY permission in >> /etc/mail/access to the IP address that is on the blacklist and >> everything works. >> >> Now I see the above post and think that adding dnsbl > features to this >> sendmail might be a good way of reducing inbound spam. >> >> So my question is: if my system has granted RELAY permission to a >> system which is in a dnsbl used by the sendmail configuration, does >> the sendmail RELAY, or does it deny the connection attempt? >> >> Thanks for wading through this completely hypothetical situation. >> >> :) > If you allow in the access file, it should override the dns > blacklist. So if you allowed an address in the blacklist, it > should let it through. I think this is true IF you have FEATURE(delay_checks) specified in your sendmail.mc (thus your cf) Mike