Sendmail - Increasing the Rejection Criteria

[John Swartzentruber]

On 3/3/2006 9:38 AM Scot L. Harris wrote:
> On Fri, 2006-03-03 at 08:26 -0600, JHorne wrote:
>> I would like my sendmail to reject any emails presented that have a
>> mismatched senders email at domain and host.domain.  example:
>>
>> Return-Path: <info-c at inkstudio.com>
>> Received: from global-change-mail.com (cug31-1-82-234-61-176.fbx.proxad.net
>> [82.234.61.176])
>>
>> I have been searching for a couple weeks off and on for the answer to this,
>> but im having no luck at each attempt.  Can someone shed light on how to
>> force sendmail to demand that senders domain match the hosts domain?  With
>> rejection if they do not match?  Reverse lookups are already enabled, but
>> that seems to only see if the hosts reverse records exists, not whether or
>> not the email being sent thru it is authorized.
>>
>> If this setting is even possible, yes, I realize the potential for false
>> positives, but at this point, in my eyes, this is by far my best solution to
>> rejecting spam on my private 5 account email server.
>>
>> Thanks in advance,
>> jonathan
>>
> 
> Take a look at one of the greylisting solutions.  I implemented
> milter-greylist at one small business and was able to block about 98% of
> the spam that was directed at their server.  Spamassassin catches almost
> all of the remainder.
> 
> greylisting uses a temp failure code (451), which most spammers do not
> handle per the RFC.  That should eliminate most if not all of the type
> of messages you are targeting since most spam has forged from
> information.

I'll just ditto what Scot said. I run a personal mail server (about five 
email accounts and four mailing lists). Between milter-greylist and 
sbl-xbl.spamhaus.org, I'd say my wife and I get a total of maybe 1 spam 
message a month. The greylisting stops anywhere from a dozen to a couple 
hundred messages a day. The latter is usually after the latest worm 
outbreak. I think your solution would have worse false positives than 
you realize.