Recipe 6.1 Blocking Spam with the access Database

Previous page
Table of content
Next page

Recipe 6.1 Blocking Spam with the access Database

Problem

Because the bulk of mail arriving from specific sites is junk, you have been asked to configure sendmail to block all mail from those sites.

Solution

Add the addresses you want blocked to the /etc/mail/access text file. The key to each entry is the spammer's address, and the return is either DISCARD , to silently drop the mail; REJECT , to drop the mail with a standard error; or ERROR , to reject the mail with a customer error message. Use the makemap script to build a hash database from the text file.

Next, create a sendmail configuration containing the access_db feature. Here is the required FEATURE macro: 

 dnl Use the access database FEATURE(`access_db')

Following the example in Recipe 1.8, rebuild the sendmail.cf file, copy the new sendmail.cf file to /etc/mail , and restart sendmail.

Discussion

Use REJECT , ERROR , or DISCARD in the access database to block junk mail. The following sample access database blocks mail from three sites: 

 example.com          REJECT wrotethebook.net     ERROR:5.7.1:550 Invalid mail source fake.ora.com         DISCARD

A telnet test shows what the remote site sees depending on the action defined in the database: 

 #  telnet localhost smtp  Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 chef.wrotethebook.com ESMTP Sendmail 8.12.9/8.12.9; Fri, 22 Aug 2003 12:01:37 - 0400  HELO localhost  250 chef.wrotethebook.com Hello IDENT:UWSRv+Jij66J8vALUBVBECbGPVoU8OQe@localhost  [127.0.0.1], pleased to meet you  MAIL From:<crooks@example.com>  550 5.7.1 <crooks@example.com>... Access denied  MAIL From:<thieves@wrotethebook.net>  550 5.7.1 <thieves@wrotethebook.net>... Invalid mail source  MAIL From:<junk@fake.ora.com>  250 2.1.0 <junk@fake.ora.com>... Sender ok  QUIT  221 2.0.0 chef.wrotethebook.com closing connection Connection closed by foreign host.

Mail from example.com is rejected with an "Access denied" error because the example.com entry in the sample access database defines REJECT as the action taken for mail received from that domain. Mail from wrotethebook.net is rejected with the error "Invalid mail source," which was defined in the access database with the ERROR command. On the other hand, from the point of view of the remote system, mail from fake.ora.com appears to be accepted by the server. A sendmail -bt test is needed to see the effect of the DISCARD action defined in the access database for mail from fake.ora.com : 

 #  sendmail -bt  ADDRESS TEST MODE (ruleset 3 NOT automatically invoked) Enter <ruleset> <address> >  check_mail junk@fake.ora.com  check_mail         input: junk @ fake . ora . com Basic_check_mail   input: junk @ fake . ora . com tls_client         input: $ MAIL D                  input: < > < ? > < ! "TLS_Clt" > < > D                returns: < ? > < > < ? > < ! "TLS_Clt" > < > A                  input: < > < ? > < ! "TLS_Clt" > < > A                returns: < > < ? > < ! "TLS_Clt" > < > TLS_connection     input: $ < > < ? > < ! "TLS_Clt" > < > TLS_connection   returns: OK tls_client       returns: OK CanonAddr          input: < junk @ fake . ora . com > canonify           input: < junk @ fake . ora . com > Canonify2          input: junk < @ fake . ora . com > Canonify2        returns: junk < @ fake . ora . com > canonify         returns: junk < @ fake . ora . com > Parse0             input: junk < @ fake . ora . com > Parse0           returns: junk < @ fake . ora . com > CanonAddr        returns: junk < @ fake . ora . com > SearchList         input: < + From > $ < F : junk @ fake . ora . com > < U : junk @  > < D : fake . ora . com > < > F                  input: < junk @ fake . ora . com > < ? > < + From > < > F                returns: < ? > < > SearchList         input: < + From > $ < U : junk @ > < D : fake . ora . com > < > U                  input: < junk @ > < ? > < + From > < > U                returns: < ? > < > SearchList         input: < + From > $ < D : fake . ora . com > < > D                  input: < fake . ora . com > < ? > < + From > < > D                returns: < DISCARD > < > SearchList       returns: < DISCARD > SearchList       returns: < DISCARD > SearchList       returns: < DISCARD > Basic_check_mail returns: $# discard $: discard check_mail       returns: $# discard $: discard >  /quit

In this test, the address junk@fake.ora.com is processed through the check_mail ruleset, which checks the MAIL From : address. The check_mail ruleset processes the address and returns "discard," meaning that mail from fake.ora.com will be silently discarded.

See Also

The cf/README file, Chapter 3, and Introduction to this chapter provide more information about the access database. The sendmail book covers the access database in Section 7.5.


Previous page
Table of content
Next page
Sendmail Cookbook
sendmail Cookbook
ISBN: 0596004710
EAN: 2147483647
Year: 2005
Pages: 178
Authors: Craig Hunt
BUY ON AMAZON
Java How to Program (6th Edition) (How to Program (Deitel))
Google Maps Hacks: Tips & Tools for Geographic Searching and Remixing
Special Edition Using Crystal Reports 10
File System Forensic Analysis
Oracle SQL*Plus: The Definitive Guide (Definitive Guides)
The Oracle Hackers Handbook: Hacking and Defending Oracle
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy