Setting Sendmail to Refuse Possibly Forged Headers
antenneX
antennex at swbell.net
Fri Apr 16 09:11:37 PDT 2004
----- Original Message -----
From: "Dan Nelson" <dnelson at allantgroup.com>
To: "antenneX" <antennex at swbell.net>
Cc: <freebsd-questions at freebsd.org>
Sent: Thursday, April 15, 2004 11:01 PM
Subject: Re: Setting Sendmail to Refuse Possibly Forged Headers
> In the last episode (Apr 15), antenneX said:
> > > SLocal_check_mail
> > > R$* $: $1 $| $&s Put helo name in workspace
> > > R$* $| $={RejectHelo} $#error $@ 5.7.1 $: "550 Spammer access denied"
> > > R$* $| $* $: $1 Extract helo from workspace if it doesn't match
> > > #-/\-
> >
> > Dan: Your suggestions here were appealing, but I'm batting zero.
> >
> > 1- Will milter-sender work alongside spamass-milter...??
> > I *think* it was working on a test box, but failed on production
box.
>
> They should coexist peacefully. In general, milters should be unaware
> of each other. I'd put milter-sender in front of spamass-milter, since
> spamassassin can be CPU-hungry and there's no need to mark a message as
> spam if milter-sender is just going to deny it anyway.
>
> > 2- Each of your 3 lines above for "local_check_mail" yelled about
> > expecting a Tab when sendmail was restarted... not sure how to fix
> > that.....
>
> My outgoing message had tabs; if your mailer removes them or replaces
> them with spaces, here's where they go:
>
> R$*<TAB>$: $1 $| $&s<TAB>Put helo name in workspace
> R$* $| $={RejectHelo}<TAB>$#error $@ 5.7.1 $: "550 Spammer access denied"
> R$* $| $*<TAB>$: $1<TAB>Extract helo from workspace if it doesn't match
>
> --
> Dan Nelson
> dnelson at allantgroup.com
Dan: Thanks for clearing that up.
If I may ask one more thing about the milter-sender:
The only feature I really wanted from the milter was the option to control
the number of connections for "unknown users". I get a lot of those --
dozens -- hundreds. I believe that is called the "Rumplestilkin" (sp?)
attack where a search is conducted for good emails on a system.
I have not yet seen this option available inside Sendmail and wonder if
there is one out there yet...?? -- without having to install the milter?
More information about the freebsd-questions
mailing list