Sendmail - Increasing the Rejection Criteria
John Swartzentruber
nospam2 at mcswartz.org
Fri Mar 3 19:00:03 UTC 2006
On 3/3/2006 9:38 AM Scot L. Harris wrote:
> On Fri, 2006-03-03 at 08:26 -0600, JHorne wrote:
>> I would like my sendmail to reject any emails presented that have a
>> mismatched senders email at domain and host.domain. example:
>>
>> Return-Path: <info-c at inkstudio.com>
>> Received: from global-change-mail.com (cug31-1-82-234-61-176.fbx.proxad.net
>> [82.234.61.176])
>>
>> I have been searching for a couple weeks off and on for the answer to this,
>> but im having no luck at each attempt. Can someone shed light on how to
>> force sendmail to demand that senders domain match the hosts domain? With
>> rejection if they do not match? Reverse lookups are already enabled, but
>> that seems to only see if the hosts reverse records exists, not whether or
>> not the email being sent thru it is authorized.
>>
>> If this setting is even possible, yes, I realize the potential for false
>> positives, but at this point, in my eyes, this is by far my best solution to
>> rejecting spam on my private 5 account email server.
>>
>> Thanks in advance,
>> jonathan
>>
>
> Take a look at one of the greylisting solutions. I implemented
> milter-greylist at one small business and was able to block about 98% of
> the spam that was directed at their server. Spamassassin catches almost
> all of the remainder.
>
> greylisting uses a temp failure code (451), which most spammers do not
> handle per the RFC. That should eliminate most if not all of the type
> of messages you are targeting since most spam has forged from
> information.
I'll just ditto what Scot said. I run a personal mail server (about five
email accounts and four mailing lists). Between milter-greylist and
sbl-xbl.spamhaus.org, I'd say my wife and I get a total of maybe 1 spam
message a month. The greylisting stops anywhere from a dozen to a couple
hundred messages a day. The latter is usually after the latest worm
outbreak. I think your solution would have worse false positives than
you realize.
More information about the fedora-list
mailing list