[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sendmail/smail with relaying blocks?

On Fri, 9 May 1997, Thomas Koenig wrote:

> ># block out some junkmailing scumbags
> >"
> >
> >for i in $JUNKMAIL ; do
> >    /sbin/ipfwadm -I -a reject -P tcp -S $i
> >done
> This sounds useful; I use something like that myself.
> If that's made configurable, with an empty start file, I think this
> could easily be made part of a standard package, e.g:
> for i in $(cat /etc/blocked_networks) ; do
>     /sbin/ipfwadm -I -a reject -P tcp -S $i
> done
> If we distribute this with an empty config file, nobody could sue us
> for it.

The latest check_relay rule does this.  here's what the notes say:


    check_relay gets the host name and host address of the client
    separated by $| as parameters. This can be used as a substitute for
    TCPWRAPPERS . You can enable the code for TCPWRAPPERS by compiling
    sendmail with -DTCPWRAPPERS=1 . A small example is:

    F{DeniedIP} /etc/mail/DeniedIP
    F{DeniedNames} /etc/mail/DeniedNames

    where these files contain a list of IP addresses and hostnames which
    are not allowed to access your mailserver.

    R$+ $| $={DeniedIP}$*           $#error $@ 5.7.1 $: "no access from your IP address"
    R$*$={DeniedNames} $| $*        $#error $@ 5.7.1 $: "no access from your host"

    (note the trailing/leading $* to match with incompletely specified
    IP addresses/names).

    Access will be refused with the error message: 

    550 Access denied

    and the error string will be logged. 

> > i sent a copy of the sendmail 8.8 anti-spam hacks (and some notes on
> > how to set it up) to the sendmail author a few months ago. 

i made a mistake above.  i said 'sendmail author', i meant 'debian package
maintainer' :-)

> > It hasn't been incorporated into the sendmail package yet - maybe i
> > should make a 'sendmail-antispam' package...
> Yep, good idea.

i've started on it already. Debian should be as spam-resistant as

> >2. do we (debian) distribute a 'Spammers' and 'SpamDomains' file with the
> >   package?  what are the legal ramifications of doing that?
> >
> >3. do we include a sample firewall rule file like the one above?  again,
> >   what are the legal ramifications?
> I think it would be best to leave the relevant configuration files
> empty.  The rest is a local decisision.



craig sanders
networking consultant                  Available for casual or contract
temporary autonomous zone              system administration tasks.

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: