[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Woody Sendmail: blacklist_recipients feature not working

I'm running Debian Woody x86 on my mail server, and I'm using Sendmail 8.12.3-6.6 as my MTA.

Normal mail delivery is working, but I can't get the "blacklist_recipients" feature to work. The relevant bit from my sendmail.mc is:

# Use the access map for blacklisting and relaying

And my access file contains:                               RELAY
192.168.124                             RELAY
192.168.120                             RELAY
somestrangeuser@                        REJECT
strangeperson@hotmail.com               REJECT
To:root@                                REJECT

I convert this to access.db with "makemap hash access.db < access".

I find that normal sender-based access control is working, but recipient-based is not despite the fact that I'm specifying "blacklist_recipients" in my config:

# Connect to SMTP port
$ telnet 25
Connected to
Escape character is '^]'.
220 mercury ESMTP Ready
HELO sailor
250 mercury.nta-monitor.com Hello vmware-host.demo.nta-monitor.com [], pleased to meet you

# Test sender rejection - works OK
MAIL FROM: <root@test.com>
250 2.1.0 <root@test.com>... Sender ok
250 2.0.0 Reset state
MAIL FROM: <somestrangeuser@test.com>
550 5.7.1 <somestrangeuser@test.com>... Access denied
250 2.0.0 Reset state
MAIL FROM: <strangeperson@hotmail.com>
550 5.7.1 <strangeperson@hotmail.com>... Access denied
250 2.0.0 Reset state

# Test recipient rejection - doesn't work
MAIL FROM: <royhills@hotmail.com>
250 2.1.0 <royhills@hotmail.com>... Sender ok
RCPT TO: <root@nta-monitor.com>
250 2.1.5 <root@nta-monitor.com>... Recipient ok
RCPT TO: <somestrangeuser@nta-monitor.com>
550 5.1.1 <somestrangeuser@nta-monitor.com>... User unknown
RCPT TO: <strangeperson@hotmail.com>
550 5.7.1 <strangeperson@hotmail.com>... Relaying denied. Proper authentication required.
221 2.0.0 mercury.nta-monitor.com closing connection
Connection closed by foreign host.

As you can see, I'm not getting a rejection sending to "root@nta-monitor.com", and
the other recipients that I'd expect to get access denied give other errors.

Any ideas why this is not working? I'm wondering if I should submit this as a bug, or if
I'm doing something silly.

Other random info:

The system has a permanent Internet connection with a static IP. It's running BIND9 for DNS,
and DNS lookups work fine.

mercury:/etc/mail# uname -a
Linux mercury 2.4.24 #3 Sun Feb 22 12:32:32 GMT 2004 i686 unknown

Roy Hills

Stay in touch with absent friends - get MSN Messenger http://www.msn.co.uk/messenger

Reply to: