From owner-freebsd-questions Thu Jan 22 20:11:05 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id UAA24013 for questions-outgoing; Thu, 22 Jan 1998 20:11:05 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from awfulhak.org (awfulhak.demon.co.uk [158.152.17.1]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA23996; Thu, 22 Jan 1998 20:10:52 -0800 (PST) (envelope-from brian@Awfulhak.org) Received: from gate.lan.awfulhak.org (localhost [127.0.0.1]) by awfulhak.org (8.8.7/8.8.7) with ESMTP id EAA02451; Fri, 23 Jan 1998 04:09:32 GMT (envelope-from brian@gate.lan.awfulhak.org) Message-Id: <199801230409.EAA02451@awfulhak.org> X-Mailer: exmh version 2.0.1 12/23/97 To: "Jonathan M. Bresler" cc: brian@Awfulhak.org (Brian Somers), kuku@gilberto.physik.RWTH-Aachen.DE, dwhite@resnet.uoregon.edu, freebsd-questions@freefall.FreeBSD.org Subject: Re: /etc/mail - anti spam measures In-reply-to: Your message of "Thu, 04 Dec 1997 17:59:46 PST." <199712050159.RAA26466@hub.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Fri, 23 Jan 1998 04:09:32 +0000 From: Brian Somers Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk [following up from a month and a half ago - that O'Reilly book is thick] > Brian Somers wrote: > > > > I've attached my version - altered to deal with machine names too. > > on further reflection, no reason to limit this to > three part hostnames. > > > # called with host.tld and IP address of connecting host. > > # ip address must NOT be in the "denyip" database > > Scheck_relay > > R$* $| [$+ $1 $| $2 should not be needed > > R$* $| $+] $1 $| $2 same (bat 2nd ed p510) > > R$* $| $* $: $1 $| $(denyip $2 $) > > R$* $| $*.REJECT $#error $: 521 blocked. contact postmaster@FreeBSD.ORG ($2) > > # host must *not* be in the "spamsites" database > > > > # jmb suggests for hosts as well as domains: > > R$+.$+.$+ $| $* $: $(spamsites $1.$2.$3 $) $1.$2.$3 $| $4 > > replcae the rule above with the rulse below: > > R$+.$+.$* $| $* $(spamsites $1.$2.$3 $) $1.$2 $| $4 > > this will iterate, allowing you to check for > > host.foo.bar.baz.com > foo.bar.baz.com > bar.baz.com > baz.com Well, now I know a little more about sendmail, I figure that this doesn't quite work. If I feed this rule `a.b.c $| 1.2.3.4', I'll get in: a.b.c $| 1.2.3.4 out: a.b.c a.b $| 1.2.3.4 in: a.b.c a.b $| 1.2.3.4 out: a.b.c a.b a.b $| 1.2.3.4 etc. Your rule seems to assume that $( ... $) will eat the string if it doesn't match.... Perhaps, what we really want is: # host must *not* be in the "spamsites" database R$* $| $* $: <$1> <$1 $| $2> R<$+.$+> $* <$+> <$2> $| $(spamsites $1 $2 $) $3 <$4> R<$*> $* $| $*.REJECT $* <$1> $3.REJECT $4 R<$*> $*.REJECT $* <$*$|$*> $#error $: 521 $4: $2 R<$*> $* <$+> $3 Here, we grab the text from spamsites.db and display it after the failed host/domain name :-) > > #jmb also suggests these two: > > R$+.$+.$+ $: $(spamsites $1.$2.$3 $) $1.$2.$3 > > do the same here. And assuming a "user@domain" input, # host must *not* be in the "spamsites" database R$* @ $* $: <$2> <$1 @ $2> R<$+.$+> $* <$+> <$2> $| $(spamsites $1 $2 $) $3 <$4> R<$*> $* $| $*.REJECT $* <$1> $3.REJECT $4 R<$*> $*.REJECT $* <$*@$*> $#error $: 521 $5: $2 R<$*> $* <$+> $3 > jmb I'd like to commit this to src/etc/mail/sendmail.cf.additions. Does this make sense ? Cheers. -- Brian , , Don't _EVER_ lose your sense of humour....