From owner-freebsd-questions Fri Jan 28 7:42:13 2000 Delivered-To: freebsd-questions@freebsd.org Received: from boris.netgate.net (boris2.netgate.net [204.145.147.155]) by hub.freebsd.org (Postfix) with ESMTP id 413B915C14 for ; Fri, 28 Jan 2000 07:40:56 -0800 (PST) (envelope-from wellsian@caffeine.com) Received: from localhost (wellsian@localhost) by boris.netgate.net (8.9.3/8.9.3) with ESMTP id HAA93559; Fri, 28 Jan 2000 07:40:04 -0800 (PST) (envelope-from wellsian@caffeine.com) Date: Fri, 28 Jan 2000 07:40:03 -0800 (PST) From: Dave Wells X-Sender: wellsian@boris.netgate.net To: Evren Yurtesen Cc: Matthias Teege , freebsd-questions@FreeBSD.ORG Subject: Re: filtering spam by name of the sender? In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG I love procmail. But procmail is not good for system level spam protection. You might want to use the global rc for special cases, but it is too late in the chain to be a solid solution for the quantity of spam flying around nowadays. Really, it is a little painful at first but figuring out sendmail UCE controls is valuable. Check the access_db feature first to see if it sounds right: Quoting from: http://www.sendmail.org/m4/anti-spam.html --- ... An ``access'' database can be created to accept or reject mail from selected domains. For example, you may choose to reject all mail originating from known spammers. To enable such a database, use FEATURE(`access_db') The FEATURE macro can accept a second parameter giving the key file definition for the database; for example FEATURE(`access_db', `hash -o /etc/mail/access') Remember, since /etc/mail/access is a database, after creating the text file as described below, you must use makemap to create the database map. For example: makemap hash /etc/mail/access < /etc/mail/access The table itself uses e-mail addresses, domain names, and network numbers as keys. For example, spammer@aol.com REJECT cyberspammer.com REJECT 192.168.212 REJECT would refuse mail from spammer@aol.com, any user from cyberspammer.com (or any host within the cyberspammer.com domain), and any host on the 192.168.212.* network. ... --- The important distinction between blocking at your mail system vs. procmail is that sendmail (or whatever mta) can decide lots before receiving the email. With procmail, an 8MB spam from evil@spam.net would be accepted by sendmail, chewing network and system resources, and then procmail would fork creating an 8MB process before the thing was trashed. And depending on your recipes you may get more than one instance. On a low-volume, one-user system, this might not be disastrous, but that oatmeal guy wouldn't say it's "the right thing to do". Again, if you hate sendmail mc/cf files like most people then check out an alternate mta like postfix. Either way, if you admin for many users it'll be time well spent. -Dave On Fri, 28 Jan 2000, Evren Yurtesen wrote: > I want system level protection > I use procmail as local delivery program already. > How can I configure it? I think it is reaing a global > configuration file at usr/local/etc/procmailrc > is not it so? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message