Re: sendmail/smail with relaying blocks?

To: Tim Cutts <tjrc1@mole.bio.cam.ac.uk>
Cc: Mark Baker <mbaker@iee.org>, debian-devel@lists.debian.org
Subject: Re: sendmail/smail with relaying blocks?
From: Craig Sanders <cas@taz.net.au>
Date: Sat, 10 May 1997 12:48:34 +1000 (EST)
Message-id: <[🔎] Pine.LNX.3.96.970510124042.7810O-100000@siva.taz.net.au>
In-reply-to: <[🔎] Pine.SGI.3.95.970509091310.5422A-100000@mole.bio.cam.ac.uk>

On Fri, 9 May 1997, Tim Cutts wrote:

> My exim package currently allows relaying; as Craig points out below, what
> you allow relaying to/from is extremely site-dependent.  I think it is
> more sensible to allow relaying by default; without it remote mail from
> Eudora and the like will fail, and I'd rather it worked by default.  

i (mostly) agree with this.  I think i'll just package the files, along with
whatever documentation, readme's, URL references etc i can find, and leave
everything turned off by default.

> > As far as i can tell, if you block relaying by IP address, you have
> > to list every individual IP address in the LocalIP file. You can't
> > just specify a network address and a netmaks (e.g. 192.168.1.0/24)
>
> In exim you can restrict it to certain networks. For example, my SG
> site restricts relaying to hosts in 131.111, like so:

i just looked at the sendmail hacks again (there's a new version which
has some new features) and you can specify whole networks just by
leaving off the final IP address. e.g. to allow 203.16.167.0/24 you list
"203.16.167" in /etc/mail/LocalIP.

it would be better if it understood netmasks.

> > 2. do we (debian) distribute a 'Spammers' and 'SpamDomains' file with the
> >    package?  what are the legal ramifications of doing that?
> 
> That's unfeasible.  The list grows too fast.  

yeah, i know.

except example purposes, it's probably pointless to try to include a list.

> We try to maintain one here in Cambridge, and I have long since given
> up trying to keep up.

My personal procmailrc filters out potential spam into a separate
folder. every so often i go through it and extract email addresses and
spam domains to add to my list.

> and I also reject mail from certain hosts and networks entirely:
> 
> sender_net_reject_recipients = 205.199.212.0/255.255.255.0
> sender_host_reject_recipients = 204.127.131.33:38.8.32.2:38.8.45.2:38.8.200.2:20
> 6.142.102.1

The latest version of the sendmail hacks has a feature like this...it's
probably better than trying to keep firewall rules up to date.

craig

--
craig sanders
networking consultant                  Available for casual or contract
temporary autonomous zone              system administration tasks.

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

References:
- Re: sendmail/smail with relaying blocks?
  - From: Tim Cutts <tjrc1@mole.bio.cam.ac.uk>

Prev by Date: Re: ae's vi attempt on boot disks stomps on real vi symlink
Next by Date: Re: sendmail/smail with relaying blocks?
Previous by thread: Re: sendmail/smail with relaying blocks?
Next by thread: Re: sendmail/smail with relaying blocks?
Index(es):
- Date
- Thread