Sendmail/LogWatch reports (may be forged)
Paul Howarth
paul at city-fan.org
Wed Dec 7 18:43:29 UTC 2005
Timothy Alberts wrote:
> Thank you for the response Paul.
>
> I like the idea of blocking an IP range, as I'm already doing that for
> several spammers. However, when I blocked on IP, they changed IP to
> 200.206.123.10. I could try and block multiple IP ranges, but it's just
> a moving target I think. I block one and they move to another. I don't
> want to have to play that game.
>
> So if sendmail finds that it can't trust the name (DNS fails in some
> manner), is there a way to configure sendmail to REJECT the mail as it
> is coming in based on failed DNS, rather than block IP ranges?
Technically this is possible, but you'll very likely find that you lose
a lot of mail you actually want if you do that, since many sites still
have broken rDNS.
You might have better luck using a blacklist, such as SBL-XBL
(http://www.spamhaus.org/xbl/index.lasso). You can configure this in
sendmail.mc as follows:
define(`DNSBL_MAP',`dns -R A')dnl
FEATURE(`dnsbl',`sbl-xbl.spamhaus.org',`"550 Mail from your server
rejected - see http://www.spamhaus.org/query/bl?ip="
$&{client_addr}',`t')dnl
(the FEATURE is one long line)
P.S. Please don't top-post on this mailing list.
Paul.
More information about the users
mailing list