A while back, I posted a note asking if anyone had any ideas why the /etc/mail/access file was not being parsed or utilized in the efforts to stop spam and junk mail. I just looked over things again, and have still not found any reason why it still permits the TLD's I have listed to pass thru. I also thought perhaps there might be some "upper limit" to the number of entries sendmail could handle. What do the sendmail guru's think about that idea? I may reduce the number of entries from the current 275 +/- down to just the most offensive TLD's and see what happens. Short of that, are there any other thoughts ya'll might have as to why it still passes the stuff I want blocked? Thanks.. Sam -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20060311/638a9332/attachment.html>
On 12/03/06, Sam Drinkard <sam at wa4phy.net> wrote:> A while back, I posted a note asking if anyone had any ideas why the > /etc/mail/access file was not being parsed or utilized in the efforts to > stop spam and junk mail. I just looked over things again, and have still > not found any reason why it still permits the TLD's I have listed to pass > thru. I also thought perhaps there might be some "upper limit" to the > number of entries sendmail could handle. What do the sendmail guru's think > about that idea? I may reduce the number of entries from the current 275 > +/- down to just the most offensive TLD's and see what happens. Short of > that, are there any other thoughts ya'll might have as to why it still > passes the stuff I want blocked?I don't know the ins-and-outs of Sendmail access well but does it base its decision purely on the "From" address, which as we all know isn't necessarily where a message originates. Or could it be basing the access decision on the initial Received: from address, and/or that addresses reverse lookup, in the header? In which case, a spam could originate from mail.blah.com and access would accept it but the message itself would appear to come from spammers at domain.ru. You'd accept the message inspite of having .ru denied in your access. Just a thought. Will.
On Saturday 11 March 2006 23:31, Sam Drinkard wrote:> have listed to pass thru. I also thought perhaps there might be some > "upper limit" to the number of entries sendmail could handle. What do > the sendmail guru's think about that idea? I may reduce the number of > entries from the current 275 +/- down to just the most offensive TLD's > and see what happens. Short of that, are there any other thoughts ya'll > might have as to why it still passes the stuff I want blocked?On the upper limit issue, here's some output from a machine I help with (I am not the mail admin on this machine, though, and I don't necessarily agree with doing anti-spam with REJECT lines in access....): [root at www mail]# ls -l access -rw-r--r-- 1 root root 1120618 Feb 22 06:36 access [root at www mail]# pwd /etc/mail [root at www mail]# wc -l access 38628 access [root at www mail]# grep DISCARD access|wc -l 3121 [root at www mail]# grep REJECT access|wc -l 35480 [root at www mail]# grep RELAY access|wc -l 4 [root at www mail]# cat /etc/redhat-release CentOS release 4.2 (Final) [root at www mail]# rpm -q sendmail sendmail-8.13.1-2 [root at www mail]# Yes, thirty-eight thousand six hundred twenty-eight lines. Works fine. I don't think 275 entries hits any upper limit. -- Lamar Owen Director of Information Technology Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu