Blacklists and rejecting mail with Sendmail



A long time ago I had found how easy it was to reject messages outright with Postfix that came from non-existent domains. You know… junk from asdflkjuasdlfkjh@imadethisupmyselfanditsnotregisteredanywhere.com

Well, since the mailserver at THIS site runs sendmail I wanted to fix sendmail the same as my home server. My home server is postfix based and uses fetchmail to pull from the website. Since I had the rules set to reject non-existent domains at home it would essentially strand messages in the account here at the website which would then need to be cleaned out manually.


I did some looking at the time and didn’t find a promising way to do it. I have felt more comfortable with postfix configuration than sendmail. So, I emailed support at the webhost and their answer (from Level 1 tech support if I recall) was along the lines of. Sorry, we can’t do that. If you can figure it out you might try it, but you’re on your own.

Thanks…

So, as I was investigating blacklisting lately I learned more about sendmail in the process….
For starters, I had not learned the “proper” way to configure sendmail before. I’d always made my changes directly to the sendmail.cf file a’la postfix’s main.cf…. apparently that’s the hard way to do things… there’s a file at /etc/mail/sendmail.mc that makes things MUCH easier. After changes to the template at sendmail.mc are made, then you can “re-generate” your sendmail.cf file by doing this…

m4 /etc/mail/sendmail.mc > /etc/sendmail.cf

OK.. so among the things I was doing was adding blacklists to outright reject mail from various sending IP’s. Here’s an example of one line of this.

FEATURE(`dnsbl’, `sbl-xbl.spamhaus.org’, `”550 Mail from ” $&{client_addr} ” refused – see http://www.spamhaus.org/SBL/”‘)dnl

I should warn here to think through very carefully adding dynamic address blacklisting. In my situation I relay from a dynamic home address through my webserver, so…. dynamic address blacklisting would prevent that relaying…

Anyway…. here’s the magic setting to reject mail from unknown/nonexistent domains….

dnl We strongly recommend to comment this one out if you want to protect
dnl yourself from spam. However, the laptop and users on computers that do
dnl not have 24×7 DNS do need this.
dnl FEATURE(`accept_unresolvable_domains’)dnl

dnl is the way you comment out a line and …. lo and behold the default setup from my isp had this feature enabled…. which meant that there was no check to verify if the sending domain was resolvable. It has tremendously cut down on my “caught in limbo” junk mail. For a period I was having to clear out ~200 messages through webmail every week or two. Now, it’s been a month and there are only ~12 messages that have been accepted by sendmail that postfix balked on.

So, anyway… the search for one problem wound up leading me to the answer to a 6 month old question…. nice when things converge like that.

Related Posts

Blog Traffic Exchange Related Posts
  • FBI / CIA virus Well... the media has taken the drab name of w32sober.X@mm or w32sober.x or w32sober.y, W32/Sober.AD-mm or any of those other drab names that we've been looking at the last week and dubbed the latest big virus, the FBI/CIA virus.... and it's gotten a lot of press the last few days.......
  • What a week.... I think it's time to pass along a long story of what's gone on over the last week or so here and some of the reasons there hasn't been anything posted. Generally, I would say that work has been busy, but something happened last week that went a bit beyond......
  • Linux on a Linksys wireless router This is one of those projects I've been tempted to undertake for some time... Newsforge has an article on Linux on the Linksys wireless WRT54G and WRT54GS routers. The distribution designed for it is openwrt which is an embedded linux flavor. Among other things, this install would give a full......
Blog Traffic Exchange Related Websites
en.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site