Sendmail: How does one blacklist annoying spammers?
Daniel B. Thurman
dant at cdkkt.com
Sun Jun 27 20:49:48 UTC 2010
On 06/27/2010 01:23 PM, Daniel B. Thurman wrote:
> On 06/27/2010 12:45 PM, Daniel B. Thurman wrote:
>
>> On 06/27/2010 12:27 PM, Kevin J. Cummings wrote:
>>
>>
>>> On 06/27/2010 12:45 PM, Daniel B. Thurman wrote:
>>>
>>>
>>>
>>>
>>>> I wanted to mention that there are some in this posting that
>>>> are recommending greylisting... but have not said anything
>>>> about how this is implemented into sendmail... so, what is
>>>> your take on this?
>>>>
>>>>
>>>>
>>> yum install milter-greylist
>>>
>>> and possibly one of milter-greylist-sysvinit or milter-greylist-upstart
>>> (though mine doesn't seem to be configure with chkconfig)
>>>
>>> As for my sendmail.mc changes:
>>>
>>> Add
>>>
>>>
>>>> dnl #
>>>> dnl # Greylist Milter Support
>>>> dnl #
>>>> INPUT_MAIL_FILTER(`greylist',`S=local:/var/run/milter-greylist/milter-greylist.sock', F=, T=C:5m;S:4m;R:4m;E:5m')dnl
>>>>
>>>> dnl define(`confMILTER_MACROS_CONNECT', confMILTER_MACROS_CONNECT`,{daemon_port}')dnl
>>>> dnl define(`confMILTER_MACROS_HELO', confMILTER_MACROS_HELO`,{verify},{client_resolve}')dnl
>>>> dnl define(`confMILTER_MACROS_ENVRCPT', confMILTER_MACROS_ENVRCPT`,{client_resolve}')dnl
>>>>
>>>> define(`confMILTER_MACROS_CONNECT', `j, {if_addr}')dnl
>>>> define(`confMILTER_MACROS_HELO', `{verify}, {cert_subject}')dnl
>>>> define(`confMILTER_MACROS_ENVFROM', `i, {auth_authen}')dnl
>>>> define(`confMILTER_MACROS_ENVRCPT', `{greylist}')dnl
>>>>
>>>>
>>>>
>>> to your /etc/mail/sendmail.mc file (in the section on sendmail milter
>>> support) and rebuild it with
>>>
>>> /etc/mail/make
>>>
>>>
>>>
>>>> Thanks-
>>>> Dan
>>>>
>>>>
>>>>
>> Awesome! Thanks!
>> I need to understand the grey/whitelist bit... before proceeding though...
>>
>> Not yet sure what's all involved for configuring it properly,
>> but thanks, for your contribution!
>>
>> Dan
>>
>>
> Looks like I am running to a couple of problems:
>
> 1) Starting greylist-milter daemon:
> a) # service milter-greylist restart
> Stopping Milter-Greylist: [ OK ]
> Starting Milter-Greylist: /usr/sbin/milter-greylist: Symbol `GeoIP_\
> country_code' has different size in shared object, consider
> re-linking [ OK ]
>
> b) In /var.logs/maillog:
> [...] cannot read dumpfile
> "/var/lib/milter-greylist/db/greylist.db"
>
> 2) Restarting Sendmail (SELinux issue?)
> Starting sendmail: 451 4.0.0 /etc/mail/sendmail.cf: line 1833: \
> Xgreylist: local socket name
> /var/run/milter-greylist/milter-greylist.sock \
> unsafe: Permission denied
>
This is the audit log of milter-greylist:
type=AVC msg=audit(1277670351.513:52178): avc: denied { getattr } for
pid=30048 comm="sendmail"
path="/var/run/milter-greylist/milter-greylist.sock" dev=sda3
ino=4114571 scontext=unconfined_u:system_r:sendmail_t:s0
tcontext=unconfined_u:object_r:var_run_t:s0 tclass=sock_file
More information about the users
mailing list