Date: Fri, 23 Jan 1998 04:09:32 +0000 From: Brian Somers <brian@Awfulhak.org> To: "Jonathan M. Bresler" <jmb@FreeBSD.ORG> Cc: brian@Awfulhak.org (Brian Somers), kuku@gilberto.physik.RWTH-Aachen.DE, dwhite@resnet.uoregon.edu, freebsd-questions@freefall.FreeBSD.org Subject: Re: /etc/mail - anti spam measures Message-ID: <199801230409.EAA02451@awfulhak.org> In-Reply-To: Your message of "Thu, 04 Dec 1997 17:59:46 PST." <199712050159.RAA26466@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[following up from a month and a half ago - that O'Reilly book is thick]
> Brian Somers wrote:
> >
> > I've attached my version - altered to deal with machine names too.
>
> on further reflection, no reason to limit this to
> three part hostnames.
>
> > # called with host.tld and IP address of connecting host.
> > # ip address must NOT be in the "denyip" database
> > Scheck_relay
> > R$* $| [$+ $1 $| $2 should not be needed
> > R$* $| $+] $1 $| $2 same (bat 2nd ed p510)
> > R$* $| $* $: $1 $| $(denyip $2 $)
> > R$* $| $*.REJECT $#error $: 521 blocked. contact postmaster@FreeBSD.ORG ($2)
> > # host must *not* be in the "spamsites" database
> >
> > # jmb suggests for hosts as well as domains:
> > R$+.$+.$+ $| $* $: $(spamsites $1.$2.$3 $) $1.$2.$3 $| $4
>
> replcae the rule above with the rulse below:
>
> R$+.$+.$* $| $* $(spamsites $1.$2.$3 $) $1.$2 $| $4
>
> this will iterate, allowing you to check for
>
> host.foo.bar.baz.com
> foo.bar.baz.com
> bar.baz.com
> baz.com
Well, now I know a little more about sendmail, I figure that this
doesn't quite work. If I feed this rule `a.b.c $| 1.2.3.4', I'll get
in: a.b.c $| 1.2.3.4
out: a.b.c a.b $| 1.2.3.4
in: a.b.c a.b $| 1.2.3.4
out: a.b.c a.b a.b $| 1.2.3.4
etc. Your rule seems to assume that $( ... $) will eat the string if
it doesn't match....
Perhaps, what we really want is:
# host must *not* be in the "spamsites" database
R$* $| $* $: <$1> <$1 $| $2>
R<$+.$+> $* <$+> <$2> $| $(spamsites $1 $2 $) $3 <$4>
R<$*> $* $| $*.REJECT $* <$1> $3.REJECT $4
R<$*> $*.REJECT $* <$*$|$*> $#error $: 521 $4: $2
R<$*> $* <$+> $3
Here, we grab the text from spamsites.db and display it after the
failed host/domain name :-)
> > #jmb also suggests these two:
> > R$+.$+.$+ $: $(spamsites $1.$2.$3 $) $1.$2.$3
>
> do the same here.
And assuming a "user@domain" input,
# host must *not* be in the "spamsites" database
R$* @ $* $: <$2> <$1 @ $2>
R<$+.$+> $* <$+> <$2> $| $(spamsites $1 $2 $) $3 <$4>
R<$*> $* $| $*.REJECT $* <$1> $3.REJECT $4
R<$*> $*.REJECT $* <$*@$*> $#error $: 521 $5: $2
R<$*> $* <$+> $3
> jmb
I'd like to commit this to src/etc/mail/sendmail.cf.additions. Does
this make sense ?
Cheers.
--
Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org>
<http://www.Awfulhak.org>;
Don't _EVER_ lose your sense of humour....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199801230409.EAA02451>