Re: what's the better mta?
On Tue, Jul 29, 1997 at 08:52:47AM -0700, George Bonser wrote:
:
: I use smail. It is a lot easier to get configured than sendmail and there
: have been fewer security problems with it. If you have a small site, run
: it out of inetd and use your hosts.allow and hosts.deny to manage access
: if you are connected to the net full time.
The problem with smail is that you are vulnerable to being used as a
spam relay. With sendmail, qmail or exim, I can turn that off. Here's
a sample sendmail .mc file, which gets used with the m4 macros to generate
your sendmail.cf... This includes spam rejection/relay protection. This
spits out a *working* (no tweaking required) sendmail.cf, complete with
the ability to do virtual hosts and rewrite outgoing addresses. It also
replaces the Mprog mailer with smrsh, instead of bash, which takes care of
a large portion of sendmail holes.
divert(-1)
#
# /etc/spamlist: domains, one per line to deny mail from
# /etc/LocalIP: local IP addresses
#
# Happy spam thwarting.
#
divert(0)dnl
VERSIONID(`@(#)lart.mc 8.8.5 (dogbert.sjis.com) 4/24/97')
OSTYPE(linux)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(`virtusertable',`hash -o /etc/virtusertable')dnl
FEATURE(`genericstable',`hash -o /etc/genericstable')dnl
FEATURE(use_ct_file)dnl
FEATURE(nouucp)dnl
FEATURE(local_procmail, /usr/bin/procmail)dnl
define(`confME_TOO', True)dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MASQUERADE_AS(yoursite.goeshere.com)dnl
LOCAL_CONFIG
F{SpamList} /etc/spamlist
F{LocalIP} /etc/LocalIP
LOCAL_RULESETS
Scheck_rcpt
# first: get client addr
R$+ $: $(dequote "" $&{client_addr} $) $| $1
R0 $| $* $@ ok no client addr: directly invoked
R$={LocalIP}$* $| $* $@ ok from here
# not local, check rcpt
R$* $| $* $: $>3 $2
# remove local part, maybe repeatedly
R$*<@$=w.>$* $>3 $1 $3
# still something left?
R$*<@$+>$* $#error $@ 5.7.1 $: 571 we do not relay
Scheck_compat
R<$+> $| $+ $1 $| $2
R$+ $| <$+> $1 $| $2
R$+ ! $+ ! $+ $| $+ $3@$2 $| $4
R$* @ $* $={SpamList} $| $* $# error $: 552 SpamFilter: email from junkmailer's domains not accepted.
--
Jason Costomiris | Finger for PGP 2.6.2 Public Key
jcostom@sjis.com | "There is a fine line between idiocy
My employers like me, but not | and genius. We aim to erase that line"
enough to let me speak for them. | --Unknown
http://www.jasons.org/~jcostom
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: