Date: Wed, 20 Jun 2001 19:50:51 -0400 (EDT) From: "Bruce M. Walker" <bmw@borderware.com> To: freebsd-security@FreeBSD.ORG Subject: Re: need help filter this stupid virus. Sendmail didnt stop this. Message-ID: <200106202350.f5KNopS18245@fusion.borderware.com> In-Reply-To: <200106202329.f5KNTPm07958@fusion.borderware.com> from "Bruce M. Walker" at "Jun 20, 2001 07:29:25 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Gah! Bad form to reply to my own msg, but I gave bad advice...
Bruce M. Walker wrote:
>
> This syntax is supposed to match mail-header From: (or To:) lines...
>
> From:spammer@some.dom REJECT
> To:friend.domain RELAY
I'm way wrong! That just makes the match *specific* to envelope-from
or -to, not internal mail headers.
To add header checks in sendmail, see section "Header Checks" in
/usr/share/sendmail/cf/README. It would look like this:
LOCAL_RULESETS
HFrom: $>CheckFrom
SCheckFrom
R< hahaha @ sexyfun . net > $#error $: 550 No spam.
R$* $@ OK
(This is untested!)
That's why most people are using Procmail to handle these cases.
Here's a hint: install Postfix in place of sendmail. You'll find
the header-checks capability is extensive. Stopping this virus is
pretty trivial.
-bmw
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200106202350.f5KNopS18245>