[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Sendmail - Increasing the Rejection Criteria



On Fri, 2006-03-03 at 09:38 -0500, Scot L. Harris wrote:
> On Fri, 2006-03-03 at 08:26 -0600, JHorne wrote:
> > I would like my sendmail to reject any emails presented that have a
> > mismatched senders email domain and host.domain.  example:
> > 
> > Return-Path: <info-c inkstudio com>
> > Received: from global-change-mail.com (cug31-1-82-234-61-176.fbx.proxad.net
> > [82.234.61.176])
> > 
> > I have been searching for a couple weeks off and on for the answer to this,
> > but im having no luck at each attempt.  Can someone shed light on how to
> > force sendmail to demand that senders domain match the hosts domain?  With
> > rejection if they do not match?  Reverse lookups are already enabled, but
> > that seems to only see if the hosts reverse records exists, not whether or
> > not the email being sent thru it is authorized.
> > 
> > If this setting is even possible, yes, I realize the potential for false
> > positives, but at this point, in my eyes, this is by far my best solution to
> > rejecting spam on my private 5 account email server.
> > 
> > Thanks in advance,
> > jonathan
> > 
> 
> Take a look at one of the greylisting solutions.  I implemented
> milter-greylist at one small business and was able to block about 98% of
> the spam that was directed at their server.  Spamassassin catches almost
> all of the remainder.
> 
> greylisting uses a temp failure code (451), which most spammers do not
> handle per the RFC.  That should eliminate most if not all of the type
> of messages you are targeting since most spam has forged from
> information.
----
I use greylisting and probably would encourage its use but this answer
is not responsive to the question asked.

There is no valid reason to 'force sendmail to demand that senders
domain match the hosts domain' - not only would that break RFC's (the
standards), that would cause the failure of a lot of legitimate mail
especially since many Internet providers are blocking SMTP ports so you
can't always reach the SMTP server for your domain if you wanted to.

There are a lot of good solutions to blocking spam and you should
implement them as a layered approach of which greylisting at this moment
in time is a good layer to incorporate. So is using RBL's, DNSBL's SARE
rulesets, RulesDuJour etc.

Craig


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]