Kenneth Porter wrote:
--On Saturday, September 27, 2003 7:07 PM -0500 Frank Pineau <[EMAIL PROTECTED]> wrote:
I wouldn't wanna run my MTA via inet (or xinet). It would make more sense to use the script to generate an iptables rule (or whatever firewall you use).
I'm not sure but can't sendmail be built with the tcpwrappers library so that the rejection happens during the connection before any SMTP protocol starts?
Another approach, which I use internally, is to have a script build a local RBL, and have your MTA use existing rbl checks to outright deny. This is pretty straitforward, doesn't require mondifying the MTA, works with about any MTA, and is easily distributable across a server farm.
I've been using rbldns from djb. It's got the typical djb things that drive me nuts (goofy startup method, PITA chroot, wacky logfile), but it works great. The scripts could probably just as easily generate a BIND zone file, too.
--Rich
_________________________________________________________
Rich Puhek ETN Systems Inc. 2125 1st Ave East Hibbing MN 55746
tel: 218.262.1130 email: [EMAIL PROTECTED] _________________________________________________________
------------------------------------------------------- This sf.net email is sponsored by:ThinkGeek Welcome to geek heaven. http://thinkgeek.com/sf _______________________________________________ Spamassassin-talk mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
