Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 28 Jan 2000 07:40:03 -0800 (PST)
From:      Dave Wells <wellsian@caffeine.com>
To:        Evren Yurtesen <yurtesen@ispro.net.tr>
Cc:        Matthias Teege <matthias@mteege.de>, freebsd-questions@FreeBSD.ORG
Subject:   Re: filtering spam by name of the sender?
Message-ID:  <Pine.BSF.4.21.0001280722520.93349-100000@boris.netgate.net>
In-Reply-To: <Pine.BSF.4.21.0001281706050.15201-100000@finland.ispro.net.tr>

next in thread | previous in thread | raw e-mail | index | archive | help
I love procmail. But procmail is not good for system level spam
protection. You might want to use the global rc for special cases, but it
is too late in the chain to be a solid solution for the quantity of spam
flying around nowadays. Really, it is a little painful at first but
figuring out sendmail UCE controls is valuable. Check the access_db
feature first to see if it sounds right:

Quoting from: http://www.sendmail.org/m4/anti-spam.html
---
...
An ``access'' database can be created to accept or reject mail from
selected domains. For example, you may choose to reject all mail
originating from known spammers. To enable such a database, use

FEATURE(`access_db') 
The FEATURE macro can accept a second parameter giving the key file
definition for the database; for example

FEATURE(`access_db', `hash -o /etc/mail/access') 
Remember, since /etc/mail/access is a database, after creating the text
file as described below, you must use makemap to create the database
map. For example:

makemap hash /etc/mail/access < /etc/mail/access 
The table itself uses e-mail addresses, domain names, and network numbers
as keys. For example,

spammer@aol.com		REJECT
cyberspammer.com	REJECT
192.168.212		REJECT

would refuse mail from spammer@aol.com, any user from cyberspammer.com (or
any host within the cyberspammer.com domain), and any host on the
192.168.212.* network.
...
---

The important distinction between blocking at your mail system vs.
procmail is that sendmail (or whatever mta) can decide lots before
receiving the email. With procmail, an 8MB spam from evil@spam.net would
be accepted by sendmail, chewing network and system resources, and then
procmail would fork creating an 8MB process before the thing was trashed.
And depending on your recipes you may get more than one instance. On a
low-volume, one-user system, this might not be disastrous, but that
oatmeal guy wouldn't say it's "the right thing to do". Again, if you hate
sendmail mc/cf files like most people then check out an alternate mta like
postfix. Either way, if you admin for many users it'll be time well spent.

-Dave

On Fri, 28 Jan 2000, Evren Yurtesen wrote:

> I want system level protection
> I use procmail as local delivery program already.
> How can I configure it? I think it is reaing a global
> configuration file at usr/local/etc/procmailrc
> is not it so?



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0001280722520.93349-100000>