Date: Fri, 6 Feb 1998 16:27:00 -0800 (PST) From: David Babler <dbabler@Rigel.orionsys.com> To: "Darrin R. Woods" <dwoods@netgazer.com> Cc: isp@FreeBSD.ORG Subject: Re: spammer problem - help! Message-ID: <Pine.BSF.3.96.980206161116.11157F-100000@Rigel.orionsys.com> In-Reply-To: <3.0.32.19980206142216.00694dfc@netgazer.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 6 Feb 1998, Darrin R. Woods wrote: > I have applied the spammer patches found at sendmail.org, they include > disallowing relaying and blocking of hosts. The spammers db file has the > following entry: > > mail.t-1net.com 550 Access Denied > > realizing that the "550..." is pretty much ignored and not really sent. I > build the db file with the following command: AFAIK, if you use the key 'mail.t-1net.com', sendmail will get 3 tokens: '550' 'Access' and 'Denied'. If you want the string back, enclose it in quotes. I *do* recall a similar problem I had - and sendmail.org told me that maps don't work properly on sendmial 8.8.5. Upgrading to 8.8.7 (and now 8.8.8) made that problem go away. It seems to me that when I tested the rules, using sendmail -bt, the map lookups seemed to work okay but when sendmail was actually running, the lookups would fail. If you run 'sendmail -bt' and then do a map lookup: sendmail -bt > /map spammers mail.t-1net.com You should get: map_lookup: spammers (mail.t-1net.com) returns 550 Access Denied As others have mentioned, this mail is NOT coming from t-1net.com at all; the example you showed came from a UU.net dialup. Nevertheless, you should be able to trap the envelope address, bogus or not. A far more useful rule to apply is to require the sender's address to validate. -Dave
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980206161116.11157F-100000>