[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Woody Sendmail: blacklist_recipients feature not working

I'm running Debian Woody x86 on my mail server, and I'm using Sendmail 8.12.3-6.6 as my MTA.
Normal mail delivery is working, but I can't get the "blacklist_recipients" feature to work. The relevant bit from my sendmail.mc is: 

# Use the access map for blacklisting and relaying
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl

And my access file contains:

127.0.0.1                               RELAY
192.168.124                             RELAY
192.168.120                             RELAY
somestrangeuser@                        REJECT
strangeperson@hotmail.com               REJECT
To:root@                                REJECT

I convert this to access.db with "makemap hash access.db < access".
I find that normal sender-based access control is working, but recipient-based is not despite the fact that I'm specifying "blacklist_recipients" in my config: 

# Connect to SMTP port
$ telnet 192.168.124.1 25
Trying 192.168.124.1...
Connected to 192.168.124.1.
Escape character is '^]'.
220 mercury ESMTP Ready
HELO sailor
250 mercury.nta-monitor.com Hello vmware-host.demo.nta-monitor.com [172.16.3.254], pleased to meet you 

# Test sender rejection - works OK
MAIL FROM: <root@test.com>
250 2.1.0 <root@test.com>... Sender ok
RSET
250 2.0.0 Reset state
MAIL FROM: <somestrangeuser@test.com>
550 5.7.1 <somestrangeuser@test.com>... Access denied
RSET
250 2.0.0 Reset state
MAIL FROM: <strangeperson@hotmail.com>
550 5.7.1 <strangeperson@hotmail.com>... Access denied
RSET
250 2.0.0 Reset state

# Test recipient rejection - doesn't work
MAIL FROM: <royhills@hotmail.com>
250 2.1.0 <royhills@hotmail.com>... Sender ok
RCPT TO: <root@nta-monitor.com>
250 2.1.5 <root@nta-monitor.com>... Recipient ok
RCPT TO: <somestrangeuser@nta-monitor.com>
550 5.1.1 <somestrangeuser@nta-monitor.com>... User unknown
RCPT TO: <strangeperson@hotmail.com>
550 5.7.1 <strangeperson@hotmail.com>... Relaying denied. Proper authentication required. 
QUIT
221 2.0.0 mercury.nta-monitor.com closing connection
Connection closed by foreign host.
As you can see, I'm not getting a rejection sending to "root@nta-monitor.com", and 
the other recipients that I'd expect to get access denied give other errors.
Any ideas why this is not working? I'm wondering if I should submit this as a bug, or if 
I'm doing something silly.

Other random info:
The system has a permanent Internet connection with a static IP. It's running BIND9 for DNS, 
and DNS lookups work fine.

mercury:/etc/mail# uname -a
Linux mercury 2.4.24 #3 Sun Feb 22 12:32:32 GMT 2004 i686 unknown

Roy Hills

_________________________________________________________________
Stay in touch with absent friends - get MSN Messenger http://www.msn.co.uk/messenger
Reply to: