Re: what's the better mta?

To: George Bonser <grep@oriole.sbay.org>
Cc: debian-user@lists.debian.org
Subject: Re: what's the better mta?
From: Jason Costomiris <jcostom@sjis.com>
Date: Tue, 29 Jul 1997 17:26:54 -0400
Message-id: <[🔎] 19970729172654.20569@sjis.com>
In-reply-to: <[🔎] Pine.LNX.3.96.970729085119.25173A-100000@calvin.oriole.sbay.org>; from George Bonser on Tue, Jul 29, 1997 at 08:52:47AM -0700
References: <[🔎] 3.0.1.32.19970729110706.00953200@pop.abril.com.br> <[🔎] Pine.LNX.3.96.970729085119.25173A-100000@calvin.oriole.sbay.org>

On Tue, Jul 29, 1997 at 08:52:47AM -0700, George Bonser wrote:
: 
: I use smail.  It is a lot easier to get configured than sendmail and there
: have been fewer security problems with it.  If you have a small site, run
: it out of inetd and use your hosts.allow and hosts.deny to manage access
: if you are connected to the net full time.

The problem with smail is that you are vulnerable to being used as a 
spam relay.  With sendmail, qmail or exim, I can turn that off.  Here's
a sample sendmail .mc file, which gets used with the m4 macros to generate
your sendmail.cf...  This includes spam rejection/relay protection.  This
spits out a *working* (no tweaking required) sendmail.cf, complete with
the ability to do virtual hosts and rewrite outgoing addresses.  It also
replaces the Mprog mailer with smrsh, instead of bash, which takes care of 
a large portion of sendmail holes.


divert(-1)
#
# /etc/spamlist: domains, one per line to deny mail from
# /etc/LocalIP:	 local IP addresses
#
# Happy spam thwarting.
#

divert(0)dnl
VERSIONID(`@(#)lart.mc      8.8.5 (dogbert.sjis.com) 4/24/97')
OSTYPE(linux)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(`virtusertable',`hash -o /etc/virtusertable')dnl
FEATURE(`genericstable',`hash -o /etc/genericstable')dnl
FEATURE(use_ct_file)dnl
FEATURE(nouucp)dnl
FEATURE(local_procmail, /usr/bin/procmail)dnl
define(`confME_TOO', True)dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MASQUERADE_AS(yoursite.goeshere.com)dnl

LOCAL_CONFIG
F{SpamList} /etc/spamlist
F{LocalIP} /etc/LocalIP

LOCAL_RULESETS
Scheck_rcpt
# first: get client addr
R$+			$: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*		$@ ok			no client addr: directly invoked
R$={LocalIP}$* $| $*	$@ ok			from here
# not local, check rcpt
R$* $| $*		$: $>3 $2
# remove local part, maybe repeatedly
R$*<@$=w.>$*		$>3 $1 $3
# still something left?
R$*<@$+>$*		$#error $@ 5.7.1 $: 571 we do not relay

Scheck_compat
R<$+> $| $+			$1 $| $2
R$+ $| <$+>			$1 $| $2
R$+ ! $+ ! $+ $| $+		$3@$2 $| $4
R$* @ $* $={SpamList} $| $*	$# error $: 552 SpamFilter: email from junkmailer's domains not accepted.

-- 
Jason Costomiris                 | Finger for PGP 2.6.2 Public Key
jcostom@sjis.com                 | "There is a fine line between idiocy
My employers like me, but not	 | and genius.  We aim to erase that line"
enough to let me speak for them. |			--Unknown

	        	http://www.jasons.org/~jcostom


--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: what's the better mta?
  - From: George Bonser <grep@oriole.sbay.org>
- Re: what's the better mta?
  - From: joey@finlandia.infodrom.north.de (Martin Schulze)

References:
- what's the better mta?
  - From: "Bruno O. M. Simoes" <bruno@abril.com.br>
- Re: what's the better mta?
  - From: George Bonser <grep@oriole.sbay.org>

Prev by Date: Re: what's the better mta?
Next by Date: mke2fs problem
Previous by thread: Re: what's the better mta?
Next by thread: Re: what's the better mta?
Index(es):
- Date
- Thread