From owner-freebsd-chat Thu Dec 5 9:32:47 2002 Delivered-To: freebsd-chat@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3D67E37B401 for ; Thu, 5 Dec 2002 09:32:46 -0800 (PST) Received: from smtp.infracaninophile.co.uk (happy-idiot-talk.infracaninophile.co.uk [81.2.69.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id A202D43EC5 for ; Thu, 5 Dec 2002 09:32:44 -0800 (PST) (envelope-from m.seaman@infracaninophile.co.uk) Received: from happy-idiot-talk.infracaninophile.co.uk (localhost.infracaninophile.co.uk [IPv6:::1]) by smtp.infracaninophile.co.uk (8.12.6/8.12.6) with ESMTP id gB5HWXOR093946 for ; Thu, 5 Dec 2002 17:32:33 GMT (envelope-from matthew@happy-idiot-talk.infracaninophile.co.uk) Received: (from matthew@localhost) by happy-idiot-talk.infracaninophile.co.uk (8.12.6/8.12.6/Submit) id gB5HWSbt093945 for freebsd-chat@FreeBSD.ORG; Thu, 5 Dec 2002 17:32:28 GMT Date: Thu, 5 Dec 2002 17:32:28 +0000 From: Matthew Seaman To: FreeBSD Chat Subject: Re: Mail Insanity Message-ID: <20021205173228.GA93795@happy-idiot-talk.infracaninophi> Mail-Followup-To: FreeBSD Chat References: <3DEF75D7.9040401@centtech.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3DEF75D7.9040401@centtech.com> User-Agent: Mutt/1.5.1i X-Spam-Status: No, hits=-3.0 required=5.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_02_03, USER_AGENT,USER_AGENT_MUTT version=2.43 Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Thu, Dec 05, 2002 at 09:50:47AM -0600, Eric Anderson wrote: > I think I'm going to go insane. > > The spammers of the world have been sending mail to (insert made up name > here)@mydomain.com, causing my sendmail to respond to them with "No such > user", which bounces BACK to me since they are using a fake address, > which ends up in my inbox (I am postmaster). I'm getting about 1000 per > day, and can't take it anymore.. > > Anyone found a solution for this? Hmmm... sendmail should reject messages based on the MAIL FROM: parameters if the sender address given is unresolvable. I guess that means the spammers are forging messages using valid addresses... sendmail has tcp_wrappers functionality compiled into it on FreeBSD, so how about a rule like: sendmail : PARANOID : RFC931 20 : deny in your /etc/hosts.allow ? That should cause sendmail to reject the attempted connection from any IP number with an unresolvable domain very early in the SMTP dialog. If you use FEATURE(`access_db') you can blacklist the netblocks used by the spammers, or you might find it more profitable to use something like DUL (http://mail-abuse.org/dul/ -- pay-for nowadays, bah!, or OSDUL (dialups.relays.osirusoft.com) --- plenty of DNS blocklists at http://moensted.dk/spam/) to prevent e-mails directly from netblocks used by dialups. Finally, there's FEATURE(`blacklist_recipients') that you could put into your sendmail.mc, which lets you reject messages (via the access db) based on the local addressee. The anti-spam section in /usr/share/sendmail/cf/README is well worth a read. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. 26 The Paddocks Savill Way Marlow Tel: +44 1628 476614 Bucks., SL7 1TH UK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message