Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 17 Apr 2002 17:44:30 +1200
From:      Jonathan Chen <jonc@chen.org.nz>
To:        Giorgos Keramidas <keramida@ceid.upatras.gr>, Sam <sam@wa4phy.net>, questions@FreeBSD.ORG
Subject:   Re: rc.firewall rules help
Message-ID:  <20020417174430.A63154@grimoire.chen.org.nz>
In-Reply-To: <20020417144131.B62542@grimoire.chen.org.nz>; from jonc@chen.org.nz on Wed, Apr 17, 2002 at 02:41:31PM %2B1200
References:  <3CBC6847.5D03116B@vortex.wa4phy.net> <20020417012021.GA28097@hades.hell.gr> <20020417144131.B62542@grimoire.chen.org.nz>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Wed, Apr 17, 2002 at 02:41:31PM +1200, Jonathan Chen wrote:
> On Wed, Apr 17, 2002 at 04:20:21AM +0300, Giorgos Keramidas wrote:
> > On 2002-04-16 14:07, Sam wrote:
> > > Can someone give me some hints how to stop connections from spambots by
> > > refusing smtp or tcp connections from hosts who won't resolve via
> > > reverse lookup, or even forward lookup?  Is the firewall script the
> > > appropriate place to put that, or would somewhere within sendmail be
> > > more better?
> > 
> > Sendmail by default does that already.  You need to explicitly disable
> > it, by using either one or both of:
> > 
> > 	FEATURE(`accept_unqualified_senders')dnl
> > 	FEATURE(`accept_unresolvable_domains')dnl
> 
> That's not true. Sendmail will accept connections from unresolvable
> domains (I've got the email to prove this). By default, it will not
> accept email with a unresolveable MAIL FROM: during the conversation.
> The last option listed above disables this check.
> 
> To disable connections from unresolvable domains requires extending the
> Local_relay_check rule within the mc file. Exactly just what needs to
> be put in is a mystery to me - I don't grok the syntax.

On rereading my own post, I realise that what I should be talking
about should be "IP failing reverse-lookup", and that that sendmail is
indeed correct in its usage of denying unresolvable domains.

Sorry!
-- 
Jonathan Chen <jonc@chen.org.nz>
----------------------------------------------------------------------
                                             When all else fails, RTFM

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020417174430.A63154>