From owner-freebsd-bugs Tue Jun 8 9: 0: 6 1999 Delivered-To: freebsd-bugs@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21]) by hub.freebsd.org (Postfix) with ESMTP id C1B751532A for ; Tue, 8 Jun 1999 09:00:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.9.3/8.9.2) id JAA23856; Tue, 8 Jun 1999 09:00:01 -0700 (PDT) (envelope-from gnats@FreeBSD.org) Received: from servidor1.cursosvirtuales.com.ar (www.cursosvirtuales.com.ar [200.10.104.198]) by hub.freebsd.org (Postfix) with ESMTP id 234D015012 for ; Tue, 8 Jun 1999 08:54:41 -0700 (PDT) (envelope-from fpscha@servidor1.cursosvirtuales.com.ar) Received: (from fpscha@localhost) by servidor1.cursosvirtuales.com.ar (8.8.8/8.8.8) id MAA17606; Tue, 8 Jun 1999 12:57:18 -0300 (ART) (envelope-from fpscha) Message-Id: <199906081557.MAA17606@servidor1.cursosvirtuales.com.ar> Date: Tue, 8 Jun 1999 12:57:18 -0300 (ART) From: fpscha@cvi.com.ar Reply-To: fpscha@cvi.com.ar To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: conf/12084: Mistake in anti spam rules for non-us domains. Sender: owner-freebsd-bugs@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org >Number: 12084 >Category: conf >Synopsis: Mistake in anti spam rules for non-us domains. >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 8 09:00:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Fernando P. Schapachnik >Release: FreeBSD 2.2.8-RELEASE i386 >Organization: >Environment: I tested it only in 2.2.x as I don't have a 3.x available, but I think it's pertinent too. The anti spam rules that come in /etc/mail/sendmail.cf.additions provide a spamsites db to block known sources of spam. The sendmail rules that implement that restriction are designed to block the first every first level subdomain of the blocked domain. Example: If the database says: example.com REJECT the rule will block host1.example.com, smtp.example.com, etc. >Description: The problem arise when you want to block some non-us domain. Example: spammer.com.ar REJECT But one of the rules just search in the db "com.ar", which is not found. So the email keeps going through. If you add com.ar REJECT to the db, the every email from spammer.com.ar, goodguy.com.ar, etc. gets rejected. >How-To-Repeat: Add cavallo.org.ar REJECT to your spamsites db and connect to sendmail sending mail from user@cavallo.org.ar. The mail will pass. >Fix: Aplpy the following patch to /etc/mail/sendmail.cf.additions: --- /etc/mail/sendmail.cf.additions Mon Nov 30 02:15:29 1998 +++ sendmail.cf.additions Tue Jun 8 12:45:14 1999 @@ -38,7 +38,11 @@ # # host must NOT be in the "spamsites" database--BEGIN R$* $| $* $: <$1 $| $2> $1 -R<$*> $+.$+.$+ <$1> $3.$4 +# Uncomment the following line if you what to block +# host.domain.com having only domain.com in your db. +# Be aware that this have the side effect of having to block +# the hole com.ar in order to block domain.com.ar. +#R<$*> $+.$+.$+ <$1> $3.$4 R<$*> $+.$+ $: <$1> $(spamsites $2.$3 $) R<$*> $*.REJECT $#error $: 521 blocked. contact postmaster@$m R<$*> $* $: $1 @@ -70,7 +74,11 @@ # mail must come from a DNS resolvable host--END # mail must NOT come from a known source of spam--BEGIN R$+ @$+ $: <$1@$2> $2 -R<$*> $+.$+.$+ <$1> $3.$4 +# Uncomment the following line if you what to block +# host.domain.com having only domain.com in your db. +# Be aware that this have the side effect of having to block +# the hole com.ar in order to block domain.com.ar. +#R<$*> $+.$+.$+ <$1> $3.$4 R<$*> $* $: $(spamsites $2 $: OK $) R$+.REJECT $#error $@ 5.7.1 $: 550 $1 R<$*> $* $: $1 >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message