Date: Thu, 15 Apr 2004 12:26:34 -0500 From: Dan Nelson <dnelson@allantgroup.com> To: Martin McCormick <martin@dc.cis.okstate.edu> Cc: freebsd-questions@freebsd.org Subject: Re: Setting Sendmail to Refuse Possibly Forged Headers Message-ID: <20040415172633.GI28745@dan.emsphone.com> In-Reply-To: <200404151631.i3FGVGOf005743@dc.cis.okstate.edu> References: <200404151631.i3FGVGOf005743@dc.cis.okstate.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
In the last episode (Apr 15), Martin McCormick said:
> The sendmail that comes with FreeBSD is set to disallow all
> third-party relaying which is wonderful and how I want to keep
> things.
>
> In addition to that, I would like to try to set it to refuse
> incoming mail with forged address headers. Judging from the logs, it
> seems to be pretty good at catching such messages and most of the
> ones I look at that trigger this warning are spam.
Take a look at the milter-sender port, which checks the sender's email
address and verifies that an smtp server is listening. It's not
something that can be done within sendmail, which is why it's a milter.
Another thing to check is the HELO string. The following will block
all incoming mails claiming to be the mailserver itself. Replace
XXXXXX your with server's IP and domainnames, spearated by spaces (so
"C{RejectHelo} 1.2.3.4 mydomain.com", for example). I deny ~500 spams
a day with this rule alone.
#+\/+ Block connections from servers that try and send our IP or hostname in the HELO
LOCAL_CONFIG
C{RejectHelo} XXXXXXXXXX
LOCAL_RULESETS
SLocal_check_mail
R$* $: $1 $| $&s Put helo name in workspace
R$* $| $={RejectHelo} $#error $@ 5.7.1 $: "550 Spammer access denied"
R$* $| $* $: $1 Extract helo from workspace if it doesn't match
#-/\-
--
Dan Nelson
dnelson@allantgroup.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040415172633.GI28745>