-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Andy Pieters wrote: > On Sunday 13 November 2005 23:06, Craig McLean wrote: >> Andy Pieters wrote: >>> Hi list >>> >>> We have been receiving a lot of spam from the .jp tld lately. What's >>> more is this: >> [snip] >> [Saw this on the fedora list..] > > Correct, and the list also sugested to post on spamassassin...
Yep, that was me ;-) This is a list for users and admins of SA, about configuring and rule-writing and so-on. [snip] >> http://www.cs.niu.edu/~rickert/cf/bad-ehlo.html for caveats! > > I tried that, I appended the m4 file to the sendmail.mc file and then did a > Make -C /etc/mail and service mail restart but after that sendmail doesn't > even start. Ok, well if you read my last message, I've indicated a better way than appending the whole thing in. Just include it using a line like: include(`/usr/share/sendmail-cf/hack/block_bad_helo.m4')dnl to your sendmail.mc, do a "make sendmail.cf" and then "service sendmail restart". > > The instructions are a bit vague as well, I want to specify that 127.0.0.1 is > allowed to forward (duh!) and 81.220.168.250 as well. Furthermore I want > that if someone claims to be vlaamse-kern.com it gets rejected. Don't worry about that, as long as 81.220.168.250 HELOs as a valid (i.e. with a "." in it) hostname that's not vlaamse-kern.com then you'll be fine. Localhost mail is allowed. > Furthermore I lost the sendmail.mc file because I thought vi made a backup > copy but aparently it didn't and I deleted the sendmail.mc. I'll forward mine to you. > postfix is a replacement for sendmail? Yep. http://www.postfix.org/ >> Also, assuming you are using Fedora on a box with 24/7 connection, you >> might consider commenting out the accept_unresolvable_domains feature, >> and changing the confPRIVACY_FLAGS to something more restrictive, like >> `goaway,nobodyreturn,needmailhelo'. >> > Could you explain what this means please? You'll have a line like: define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl in sendmail.mc. Consider changing it to define(`confPRIVACY_FLAGS',`goaway,nobodyreturn,needmailhelo,restrictqrun')dnl 'goaway' means that sendmail will give almost no help to the remote system when it connects (it shouldn't need *any* help) and is a "catch all" for a bunch of other rules (at least on bsd). 'nobodyreturn' Won't return the body of a message if it is bounced, 'needmailhelo' requires that a HELO is recieved before mail can be sent, and 'restrictqrun' will only allow root to run the mail queue manually. If you want to have a chat about this (sendmail, that is) in more detail, we might want to take it off-list. C. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFDd8u5MDDagS2VwJ4RAsP1AKDwqVFPeV/DFZSR/IkNrOBF2tktjwCg5OE7 XeM/Uu6CK4UqTpnZdFHIPVk= =mBgT -----END PGP SIGNATURE-----
