Date: Thu, 14 Sep 2006 06:11:30 +0300 From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Kevin Kinsey <kdk@daleco.biz> Cc: questions@freebsd.org Subject: Re: sendmail and hosts_access(5) Message-ID: <20060914031130.GB74348@gothmog.pc> In-Reply-To: <20060913163722.GA62734@gothmog.pc> References: <45082E5C.5040503@daleco.biz> <20060913163722.GA62734@gothmog.pc>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2006-09-13 19:37, Giorgos Keramidas <keramida@ceid.upatras.gr> wrote: > On 2006-09-13 11:14, Kevin Kinsey <kdk@daleco.biz> wrote: > > Hello all, > > > > I am attempting to block an SMTP server with /etc/hosts.allow: > > > > ---------------------------------------------------------- > > Received: from 241net251.net.zeork.com.pl (241net251.net.zeork.com.pl > > [194.117.241.251] (may be forged)) > > ---------------------------------------------------------- > > [506] Tue 12.Sep.2006 20:55:44 > > [kadmin@archangel][~] > > #ssh kadmin@elisha grep zeork /home/kadmin/spammers > > .net.zeork.com.pl > > > > [507] Tue 12.Sep.2006 20:56:55 > > [kadmin@archangel][~] > > #ssh kadmin@elisha grep /home/kadmin/spammers /etc/hosts.allow > > sendmail : /home/kadmin/spammers : deny > > -------------------------------------------------------------- > > > > hosts_access(5) says this: > > The access control language implements the following patterns: > > * A string that begins with a `.' character. A host > > name is matched if the last components of its name match the > > specified pattern. For example, the pattern `.tue.nl' matches > > the host name `wzv.win.tue.nl' > > > > So, why does my server continue accepting SMTP connections from > > "241net251.net.zeork.com.pl" ? > > > > Thoughts, pointers, gentle kicks on the bum welcomed. > > I don't think you can have the hostnames in a separate "map file" and > then reference this file from /etc/hosts.allow. ... and I'm wrong of course. Alex Zbyslaw pointed out that I had missed the part of the manpage which refers to this: o A string that begins with a `/' character is treated as a file name. A host name or address is matched if it matches any host name or address pattern listed in the named file. The file for- mat is zero or more lines with zero or more host name or address patterns separated by whitespace. A file name pattern can be used anywhere a host name or address pattern can be used. Sorry for the confusion :-/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060914031130.GB74348>