From owner-freebsd-hackers  Mon Mar 30 17:25:19 1998
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA18565
          for freebsd-hackers-outgoing; Mon, 30 Mar 1998 17:25:19 -0800 (PST)
          (envelope-from owner-freebsd-hackers@FreeBSD.ORG)
Received: (from jmb@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id RAA18553;
          Mon, 30 Mar 1998 17:25:15 -0800 (PST)
          (envelope-from jmb)
From: "Jonathan M. Bresler" <jmb>
Message-Id: <199803310125.RAA18553@hub.freebsd.org>
Subject: Re: Additions to anti-spam rules
In-Reply-To: <3520260A.3410CE91@pr-comm.com> from "James E. Housley" at "Mar 30, 98 06:08:58 pm"
To: housley@pr-comm.com (James E. Housley)
Date: Mon, 30 Mar 1998 17:25:15 -0800 (PST)
Cc: freebsd-hackers
X-Mailer: ELM [version 2.4ME+ PL32 (25)]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

James E. Housley wrote:
> I added the following to sendmail.cf to prevent lookup into the realtime
> blackhole list for local mail, prevents dialing.  The checking rules
> were added just before the RBL check rule in check_relay.
> 
> Comments please

	looks like a good idea......wanna refine it further?

	in both 2.2.6 and current the rbl check has moved to check_mail
	rather then check_relay.  n check_mail, its the client_addr
	that is checked against the RBL.  the change was made btwn
	version 1.1 and 1.2 of the file.  please update your version,
	there have been a number of impovements--we are now at 1.6

	a context diff is easier for me to read.

	it looks like a good idea ;)
jmb

> 
> # An additional database with the local ips that you want to allow.  
> # Same format and location as the deny datablases
> 
> Kallowip hash -o -a.ALLOW /etc/mail/allowip.db
> 
> Scheck_relay
> # called with "hostname.tld $| IP address" of connecting host.
> ...
> # ip address is defined as LOCAL--BEGIN
> # 
> # prevents me from dialing out to the net for local mail
> R$* $| $*		$: $1 $| $(allowip $2 $)
> R$* $| $*.ALLOW		$@ OK
> # ip address is defined as LOCAL--END
> # ip address must NOT be in Paul Vixie's RBL--BEGIN

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message