From owner-freebsd-questions Wed Feb 26 0:34:46 2003 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FA1F37B401 for ; Wed, 26 Feb 2003 00:34:44 -0800 (PST) Received: from vixen.pragma.no (rudolph.pragma.no [212.20.194.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C52443F75 for ; Wed, 26 Feb 2003 00:34:41 -0800 (PST) (envelope-from awand@pragma.no) Received: from vable.pragma.no (DNSSPOOFER [212.20.194.160]) by vixen.pragma.no (Netscape Messaging Server 4.15) with ESMTP id HAWQH500.4AC for ; Wed, 26 Feb 2003 09:34:17 +0100 Message-Id: <5.2.0.9.0.20030226082140.00b4bdb0@mail.pragma.no> X-Sender: awand@mail.pragma.no X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Wed, 26 Feb 2003 09:34:17 +0100 To: freebsd-questions@FreeBSD.ORG From: Andreas =?iso-8859-1?Q?Wider=F8e?= Andersen Subject: proto.m4 file (Sendmail on FreeBSD) Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1"; format=flowed Content-Transfer-Encoding: quoted-printable Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I got Sendmail 8.12.6/8.12.7 on my FreeBSD 4.7 STABLE system and I've=20 recently been working with it to stop spam coming through to my email=20 users. I've added several "FEATURES" in the freebsd.mc file and compiled a= =20 new sendmail.cf file which works pretty good. However, I'm seeing more and= =20 more of lines in my maillog like the line below: Feb 26 09:13:00 myserver sendmail[52405]: h1Q8CxZw052405:=20 ... User unknown Feb 26 09:13:00 myserver sendmail[52405]: h1Q8CxZw052405: from=3D<>,=20 size=3D3411, class=3D0, nrcpts=3D0, proto=3DESMTP, daemon=3DMTA,= relay=3Dmxo1.vol.cz=20 [195.250.128.76] The spammer is always using an empty from field and the spammer is=20 obviously trying lots of different combinations just to see if it will=20 match. I read on the sendmail.org site that there is a workaround to=20 prevent spammers do this in 8.12.6. My question is, where should I put this in in my proto.m4 file? The file is= =20 rather large and I really don't know where. Index: proto.m4 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /cvs/cf/m4/proto.m4,v retrieving revision 8.649.2.12 retrieving revision 8.649.2.13 diff -u -r8.649.2.12 -r8.649.2.13 --- proto.m4 3 Dec 2002 16:48:37 -0000 8.649.2.12 +++ proto.m4 4 Dec 2002 00:12:18 -0000 8.649.2.13 @@ -1761,6 +1761,9 @@ dnl workspace: {client_name} $| {client_addr} R$+ $| $+ $: $>D < $1 > <+ Connect> < $2 > dnl workspace: <{client_addr}> +dnl OR $| $+ if client_name is empty +R $| $+ $: $>A < $1 > <+ Connect> <> empty=20 client_name +dnl workspace: <{client_addr}> R <$+> $: $>A < $1 > <+ Connect> <> no:=20 another lookup dnl workspace: (<>|<{client_addr}>) R <$*> $: OK found nothing Also, there are 2 proto.m4 files: /usr/share/sendmail/cf/m4/proto.m4 /usr/src/contrib/sendmail/cf/m4/proto.m4 Which one should I edit & use? When I'm compiling up a new sendmail.cf file I do this: cp /etc/mail/sendmail.cf /etc/mail/sendmail.cf.orig cd /usr/src/etc/sendmail cp freebsd.mc freebsd.mc.orig [edit freebsd.mc] make freebsd.cf make freebsd.cf install cd /usr/obj/usr/src/etc/sendmail/ cp freebsd.cf /etc/mail/sendmail.cf killall -1 sendmail Thanks! /Andreas --- Andreas Wider=F8e Andersen Pragma AS http://www.pragma.no=20 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message