Re: sendmail/smail with relaying blocks?
On Fri, 9 May 1997, Tim Cutts wrote:
> My exim package currently allows relaying; as Craig points out below, what
> you allow relaying to/from is extremely site-dependent. I think it is
> more sensible to allow relaying by default; without it remote mail from
> Eudora and the like will fail, and I'd rather it worked by default.
i (mostly) agree with this. I think i'll just package the files, along with
whatever documentation, readme's, URL references etc i can find, and leave
everything turned off by default.
> > As far as i can tell, if you block relaying by IP address, you have
> > to list every individual IP address in the LocalIP file. You can't
> > just specify a network address and a netmaks (e.g. 192.168.1.0/24)
> In exim you can restrict it to certain networks. For example, my SG
> site restricts relaying to hosts in 131.111, like so:
i just looked at the sendmail hacks again (there's a new version which
has some new features) and you can specify whole networks just by
leaving off the final IP address. e.g. to allow 184.108.40.206/24 you list
"203.16.167" in /etc/mail/LocalIP.
it would be better if it understood netmasks.
> > 2. do we (debian) distribute a 'Spammers' and 'SpamDomains' file with the
> > package? what are the legal ramifications of doing that?
> That's unfeasible. The list grows too fast.
yeah, i know.
except example purposes, it's probably pointless to try to include a list.
> We try to maintain one here in Cambridge, and I have long since given
> up trying to keep up.
My personal procmailrc filters out potential spam into a separate
folder. every so often i go through it and extract email addresses and
spam domains to add to my list.
> and I also reject mail from certain hosts and networks entirely:
> sender_net_reject_recipients = 220.127.116.11/255.255.255.0
> sender_host_reject_recipients = 18.104.22.168:22.214.171.124:126.96.36.199:188.8.131.52:20
The latest version of the sendmail hacks has a feature like this...it's
probably better than trying to keep firewall rules up to date.
networking consultant Available for casual or contract
temporary autonomous zone system administration tasks.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .