Date:      Wed, 25 Feb 1998 11:20:44 -0500 (EST)
From:      Andrew Webster <andrew@guardian.fortress.org>
To:        Michael.Bielicki@linkdesign.com
Cc:        shredder@hack.babel.dk, isp@FreeBSD.ORG
Subject:   Re: how to defeat ppl using my host as spam relay? (fwd)
Message-ID:  <Pine.BSF.3.96.980225103104.1225B-400000@guardian.fortress.org>
In-Reply-To: <199802251357.OAA14989@cyprus.vds.linkdesign.com>


[-- Attachment #1 --]
Been there, seen that!

You need 2 different filters.  Check_rcpt and the ones that are in
/etc/mail.
The first will set up a filter so that email must either originate or
terminate on your system (i.e. can't relay; an exception list is provided
for).  The second filter will allow you to filter annoying SPAM addressed
to you by source domain and IP address.




On Wed, 25 Feb 1998 Michael.Bielicki@linkdesign.com wrote:

> On 25 Feb, chrw wrote:
> > 
> > 
> > Hello,
> > 
> > One of my hosts is being used as a spam relay from an account at
> > hotmail.com. I have contacted hotmail and the user that spams thru
> > my sendmail (it didn't seem like a fake acct), with no luck. 
> > 
> > What I need is a rule in sendmail.cf so I can block mail from a certain
> > domain, in this case hotmail.com. I don't have much experience with
> > tweaking sendmail.cf, so I would be REALLY grateful, if someone can
> > send me some using code to implement in my sendmail.cf .. I really
> > want to act on this asap. I hope someone can help me out..
> > 
> > I'm running sendmail 8.8.7.
> > 
> > 
> > Regards,
> > 
> > 
> > Christoffer Walther
> > 
> > 
> > 
> > 
> 
> Look into /usr/src/etc/mail
> There is everything you need for a nearly perfect spamfilter :)
> 
> -- 
>                                Michael Bielicki
> Buisnetco Telecom. Ltd.                           Link Design International Ltd.
> 13 Iras Str., Office 23                                    65, Cliff Rd, Tramore
> Nicosia 1061, Cyprus       http://www.linkdesign.com      Co. Waterford, Ireland
> Voice: +357-2-362 421                                      Voice: +353-51-386921
> Fax:   +357-2-362 429            We use FreeBSD              Fax: +353-51-390880
> 

Andrew Webster                              andrew@pubnix.net   
Key fingerprint =  CF E8 16 B8 A6 DB E3 C9  83 E7 96 24 25 58 15 6E
PubNIX Montreal    Connected to the world   Branche au monde
P.O. Box 147       Cote Saint Luc, Quebec   H4V 2Y3
tel 514.990.5911   http://www.pubnix.net    fax 514.990.9443

[-- Attachment #2 --]
divert(-1)
#
# Copyright (c) 1996 Claus Assmann <ca@informatik.uni-kiel.de>
#
# In short: you can do whatever you want with this, but don't blame me!
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
divert(0)
VERSIONID(`@(#)use_relayto.m4	1.0 (Claus Assmann) 1996-11-23')
divert(-1)

define(`_USE_RELAYTO_',1)
PUSHDIVERT(6)
# file containing names we relay to
F{RelayTo} ifelse(_ARG_, `', `/etc/mail/RelayTo', `_ARG_')
POPDIVERT

[-- Attachment #3 --]
divert(-1)
#
# Copyright (c) 1996 Claus Assmann <ca@informatik.uni-kiel.de>
#
# In short: you can do whatever you want with this, but don't blame me!
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
divert(0)
VERSIONID(`@(#)use_ip.m4	1.1 (Claus Assmann) 1998-01-21')
divert(-1)
define(`_USE_IP_',`1')
define(`_USE_RCPT_',`1')
PUSHDIVERT(6)
ifdef(`_LOCAL_IP_MAP_',`dnl',
`# file containing IP numbers of machines which can use our relay
F{LocalIP} ifelse(_ARG_, `', `/etc/mail/LocalIP', `_ARG_')')
POPDIVERT

[-- Attachment #4 --]
divert(-1)
#
# Copyright (c) 1997,1998 Claus Assmann <ca@informatik.uni-kiel.de>
#
# In short: you can do whatever you want with this, but don't blame me!
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# <URL: http://www.informatik.uni-kiel.de/%7Eca/email/check.html >
#
ifdef(`_ERR_MSG_RELAY_',`',`define(`_ERR_MSG_RELAY_',`550 we do not relay $&f')')dnl
ifdef(`_CHECK_MAP_TYPE_',`',`define(`_CHECK_MAP_TYPE_',`dbm')')dnl
ifdef(`_LOCAL_IP_MAP_',`define(`_CHECK_IPMAP_REQ_',`1')')
define(`_USE_NAMES_RULES',`R $`'| $`'*			$`'@ OK		no client name: directly invoked
#R$`'- $`'| $`'*		$`'@ OK		for those without full DNS...
ifdef(`_NO_SUB_W_',`R$`'=w $`'| $`'*		$`'@ OK		from here',
`R$`'*$`'=w $`'| $`'*		$`'@ OK		from here')
R$`'*$`'={LocalNames} $`'| $`'*	$`'@ OK		from allowed system')
divert(0)
VERSIONID(`@(#)check_rcpt4.m4	3.1.5 (Claus Assmann) 1998-01-28')
include(_CF_DIR_`'hack/junk.m4)
PUSHDIVERT(6)
ifdef(`_SPAM_FRIENDS_',dnl
# file containing addresses which receive all mail without filtering
F{SpamFriends} ifelse(_SPAM_FRIENDS_, `', `/etc/mail/SpamFriends', `_SPAM_FRIENDS_'))
ifdef(`_MAP_SPAM_FRIENDS_',dnl
# map containing addresses which receive all mail without filtering
Kspam_friends ifelse(_MAP_SPAM_FRIENDS_, `', `_CHECK_MAP_TYPE_ -a@SPAMFRIEND /etc/mail/spam_friends', `_MAP_SPAM_FRIENDS_'))
ifdef(`_RELAYTO_MAP_',dnl
# map containing names of machines/hosts which can use our relay
Kisrt ifelse(_RELAYTO_MAP_, `', `_CHECK_MAP_TYPE_ -a@RELAYTO /etc/mail/relayto', `_RELAYTO_MAP_'))
ifdef(`_ALLOW_SOME_',dnl
# list of domains and addresses which can send mail through
# our relay if they appear in MAIL FROM:
Kallow ifelse(_ALLOW_SOME_, `', `_CHECK_MAP_TYPE_ -a@ALLOWED /etc/mail/allow', `_ALLOW_SOME_'))
ifdef(`_CHECK_RCPT_USER_',dnl
# map for forbidden local names
Kforbrcpt ifelse(_CHECK_RCPT_USER_,`', `_CHECK_MAP_TYPE_ -a@FORBIDDEN /etc/mail/forbrcpt', `_CHECK_RCPT_USER_'))
ifdef(`_ISMX_',`# MX map (requires a patch)
Kismx ismx',`dnl')
ifdef(`_LOCAL_IP_MAP_',`# use map for local IP
Klocalip ifelse(_LOCAL_IP_MAP_,`',`_CHECK_MAP_TYPE_ -m -a@MATCH /etc/mail/localIP',`_LOCAL_IP_MAP_')')
POPDIVERT

LOCAL_RULESETS
ifdef(`_CHECK_MAIL_IN_RCPT_',`define(`_CHECK_RCPT_IN_RCPT_',`1')',`ifdef(`_CHECK_RELAY_IN_RCPT_',`define(`_CHECK_RCPT_IN_RCPT_',`1')',`dnl')')
ifdef(`_CHECK_RCPT_IN_RCPT_', `Scheckrcpt', `Scheck_rcpt
ifdef(`_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax
R<$={SpamFriends}@$=w>	$@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')
R<$={SpamFriends}>	$@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl')
ifdef(`_MAP_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax
R<$+@$=w>		$: <$(spam_friends $1 $) @ $2>
R<$+@SPAMFRIEND@$=w>	$@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl')')
ifdef(`_CHECK_RCPT_USER_',`# local user address allowed?
R$-			$: <?> $1 $| $1
R<$+@$=w>		$: <?> $1 $| <$1@$2>
R<?> $+ + $* $| $*	$: $(forbrcpt $1 $) $| $3
R<?> $+ $| $*		$: $(forbrcpt $1 $) $| $2
RFORBIDDEN@FORBIDDEN $| $*	$# error $@ NOUSER $: 553 Unrecognized username
R$+@FORBIDDEN $| $*	$# error $@ NOUSER $: $1
R$* $| $*		$: $2		undo damage',`dnl')
ifdef(`_USE_RCPT_', `', `errprint(`HACK "check_rcpt" requires use_ip or use_names')')dnl
ifdef(`_USE_IP_',
# first: get client address
R$+			$: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*		$@ OK		client_addr is 0 for sendmail -bs
ifdef(`_LOCAL_IP_MAP_',`# use map for local IP
R$* $| $+		$: $2 $| $>IPMap $1.localip
R$* $| $*@MATCH		$@ OK
R$* $| $*		$: $2 $| $1',`# class for local IP
R$={LocalIP}$* $| $*	$@ OK		from here')
ifdef(`_USE_NAMES_',
# next: get client name
R$* $| $+		$: $(dequote "" $&{client_name} $) $| $2
_USE_NAMES_RULES
),
# first: get client name
R$+			$: $(dequote "" $&{client_name} $) $| $1
_USE_NAMES_RULES
)dnl
# now check other side
R$* $| $*		$: $>3 $2
# remove local part
R$+			$:$>remove_local $1
ifdef(`_ALLOW_SOME_',
R$*<@$+>$*		$: <RELAY>
# now get and canonify the FROM address
R$*			$: $1 $| $>3 $(dequote "" $&f $)
# compare it with an "allowed" domain
R$* $| $*<@$*.>$*	$: $1 $| $>allow $2<@$3>
# match: ok
R$* $| $*<@$*@ALLOWED>$*	$@ ok
# nope: it's a relay attempt
R<RELAY> $| $*		$#error $@ 5.7.1 $: _ERR_MSG_RELAY_,
# still something left?
R$*<@$+>$*		$#error $@ 5.7.1 $: _ERR_MSG_RELAY_)
ifdef(`_ALLOW_SOME_',`
# check for allowed addresses
Sallow
# lookup domain in database
R$*<@$+>		$:$1<@$(allow $2$)>
# exists? return
R$*<@$*@ALLOWED>	$@$1<@$2@ALLOWED>
# lookup address in database
R$*<@$+>		$:$1<@$(allow $1@$2 $:$2$)>
# exists? return
R$*<@$*@ALLOWED>	$@$1<@$2@ALLOWED>
# remove one subdomain; try again
R$*<@$-.$-.$+>		$: $>allow $1<@$3.$4>
')
Sremove_local
# remove local part (maybe repeatedly)
ifdef(`_ISMX_',`# See if we are MX for this host
R$*<@$+>$*		$: $1 <@ $(ismx $2 $: NOMX $) > $3
R$*<@NOMX>$*		$#error $@ 5.7.1 $: 571 unauthorized relay destination
R$*<@TEMPFAIL>$*	$#error $@ 4.5.1 $: 451 Cannot resolve destination',
`ifdef(`_RELAYTO_MAP_',`dnl'
R$*<@$+.>$*		$:$1<@$(isrt $2 $:$2.$)>$3
R$*<@$*@RELAYTO>$*	$:$>remove_local $>3 $1 $3
ifdef(`_CLASS_W_TOO_',`R$*<@$=w.>$*		$:$>remove_local $>3 $1 $3',`dnl')
R$*<@$-.$+.>$*		$:$>remove_local $1<@$3.>$4
R$*<@$*>$*		$@ $1<@$2>$3,
ifdef(`_USE_RELAYTO_',`dnl'
R$*<@$*$={RelayTo}.>$*		$>3 $1 $4
R$*<@$=w.>$*		$: $>remove_local $>3 $1 $3,
R$*<@$=w.>$*		$>3 $1 $3)
ifdef(`_MAILER_uucp_',`dnl'
ifdef(`_CLASS_U_',
`R$*<@$=U.UUCP.>$*	$: $>remove_local $>3 $1 $3',`dnl')
ifdef(`_CLASS_V_',
`R$*<@$=V.UUCP.>$*	$: $>remove_local $>3 $1 $3',`dnl')
ifdef(`_CLASS_W_',
`R$*<@$=W.UUCP.>$*	$: $>remove_local $>3 $1 $3',`dnl')
ifdef(`_CLASS_X_',
`R$*<@$=X.UUCP.>$*	$: $>remove_local $>3 $1 $3',`dnl')
ifdef(`_CLASS_Y_',
`R$*<@$=Y.UUCP.>$*	$: $>remove_local $>3 $1 $3',`dnl')
R$*<@$=Z.UUCP.>$*	$: $>remove_local $>3 $1 $3,
`dnl')
R$*<@$*>$*		$@ $1<@$2>$3)')
# dequote local part
R$-			$: $>3 $(dequote $1 $)
R$*<@$*>$*		$: $>remove_local $1<@$2>$3
ifdef(`_CHECK_RCPT_IN_RCPT_',`
Scheck_rcpt
ifdef(`_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax
R<$={SpamFriends}@$=w>	$@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')
R<$={SpamFriends}>	$@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl')
ifdef(`_MAP_SPAM_FRIENDS_',`# allow some local addresses; use only legal syntax
R<$+@$=w>		$: <$(spam_friends $1 $) @ $2>
R<$+@SPAMFRIEND@$=w>	$@ ifdef(`_FRIEND_STORAGE_', `$(friend YES $)', `OK')',`dnl')
# call the rulesets
R$*			$: $>checkrcpt $1
ifdef(`_CHECK_MAIL_IN_RCPT_',`dnl
R$*			$: <$(dequote "" $&f $)>
R<<$*>>			<$1>			strip superfluous < >
R<$*>			$: $>checkmail <$1>
ifdef(`_ACCEPT_SOME_',`dnl
R<$*@$*@ACCEPT>		$@ ACCEPT',`dnl')',`dnl')
ifdef(`_CHECK_RELAY_IN_RCPT_',`dnl
R$*			$: $>checkrelay $(dequote "" $&{client_name} $| $&{client_addr} $)',`dnl')',`dnl')
divert(0)

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980225103104.1225B-400000>
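The "must either originate or terminate on your system" decision described in the reply, as a simplified Python model of what the attached check_rcpt ruleset does when use_ip and use_relayto are enabled. This is an added example, not part of the original message or of Claus Assmann's code; the host names, addresses and class contents are constructed, and maps, UUCP paths and the allow list are left out.

```python
# Constructed sample data standing in for the sendmail classes the hacks load.
LOCAL_NAMES = {"mail.example.org"}        # class w: names this host answers to
RELAY_TO = {"customer.example.net"}       # /etc/mail/RelayTo: domains we relay to
LOCAL_IP = {"127.0.0.1", "192.0.2"}       # /etc/mail/LocalIP: addresses or prefixes

def ip_is_local(client_addr, prefixes=LOCAL_IP):
    """Prefix match on whole dotted components (192.0.2 must not match 192.0.20.x)."""
    octets = client_addr.split(".")
    return any(octets[:len(p.split("."))] == p.split(".") for p in prefixes)

def domain_is_ours(domain):
    """Class w matches exactly; a RelayTo entry also covers its subdomains."""
    d = domain.lower().rstrip(".")
    if d in LOCAL_NAMES:
        return True
    return any(d == r or d.endswith("." + r) for r in RELAY_TO)

def remove_local(rcpt):
    """Strip our own domains repeatedly; return the foreign domain left, or None."""
    addr = rcpt.strip().strip("<>")
    while True:
        if len(addr) >= 2 and addr[0] == addr[-1] == '"':
            addr = addr[1:-1]             # dequote a quoted local part, then re-check
            continue
        if "@" not in addr:
            if "%" not in addr:
                return None               # plain local user: mail terminates here
            local, _, host = addr.rpartition("%")
            addr = local + "@" + host     # canonification turns the last % into @
            continue
        local, _, domain = addr.rpartition("@")
        if not domain_is_ours(domain):
            return domain.lower().rstrip(".")
        addr = local                      # our domain: judge what remains

def check_rcpt(client_addr, rcpt, mail_from="<sender>"):
    """Return (accepted, reply) for one RCPT TO, mirroring the ruleset's order."""
    if client_addr == "0" or ip_is_local(client_addr):
        return True, "OK"                 # mail originates on our side
    if remove_local(rcpt) is None:
        return True, "OK"                 # mail terminates on our side
    return False, "550 we do not relay " + mail_from
```

Because the local domain is stripped repeatedly, a recipient that names this host but carries another destination in its local part is judged by that final destination.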