> -----Original Message----- > Ah, I see... you killed them at the firewall itself, before they even > got to sendmail. I was wondering how blocking the name servers > themselves would help, since (at least in my configuration) sendmail > doesn't reject just due to bad rDNS (not sure if that's even possible). > Unfortunately, no, I don't have control over the firewall. Indeed, > there is no hard firewall, so I only have software, and I'm not sure I > have anything that could do specifically this. > > Certainly it would be interesting to add such capability to SA (to add > points for known spammy DNS providers and/or registrars), though I > imagine that could be a recipe for FPs in some cases. Then again, we > did it for .pw URIs, so... > > --- Amir
You can reject on RDNS (or lack thereof) in sendmail depending on the version. Search for "require_rdns". On my newer servers it's included in sendmail. On an older server I had to implement it as a hack. But it's easily found on the web, and wasn't hard to implement. Kills a lot of spam, but also some legitimate mail. I put the IP addresses of the legitimate (albeit misconfigured) servers in my access file and that seems to do the job. You will need to check the logs for rejects and decide who's OK. There may be other options than the firewall - if you have access to the mail server itself, you could maybe run an instance of iptables. I presume you're running it on Linux. Or maybe put the name servers in the /etc/host file with 127.0.0.x addresses? Not sure if that would work or not. If all else fails, bribe the DNS admin! :-) ...Kevin -- Kevin Miller Network/email Administrator, CBJ MIS Dept. 155 South Seward Street Juneau, Alaska 99801 Phone: (907) 586-0242, Fax: (907) 586-4500 Registered Linux User No: 307357
