On Sun, Jul 20, 2003 at 05:37:31PM -0500, Jack L. Stone typed:
> At 09:38 PM 7.20.2003 +0100, Matthew Seaman wrote:
> >On Sun, Jul 20, 2003 at 01:37:15PM -0500, Kevin Kinsey, DaleCo, S.P. wrote:
> >> I'm not happy that Sendmail is
> >> allowing connections from non-
> >> existent hosts (i.e., spammers...)
> >> I run Sendmail more or less straight
> >> "out of the box" on -stable. I had
> >> been under the impression that the
> >> line
> >> ALL : PARANOID : RFC931 20 : deny
> >> in /etc/hosts.allow would help reject
> >> some of this stuff. However, as the
> >> amount of spam in my inbox is
> >> beginning to attest, this isn't the case.
> >> I've been googling and searching the
> >> archives with strings similar to the
> >> one in the title, and haven't yet grok
> >> what I'm supposed to do to get this
> >> to work...
> >> So, how do I tell Sendmail that if
> >> a host doesn't exist, (i.e. d3kr890d.129ddk.org)
> >> I don't want to talk to it...
> >The way that sendmail(8) uses tcp wrappers is slightly different to
> >most daemons. Instead of outright refusing to connect (which would
> >lead to the other side trying again every half hour or so for the next
> >five days), it permits the remote side to connect and then issues a
> >permanent reject code during the SMTP dialogue.
> >Even without enabling tcp wrappers functionality, sendmail should
> >still reject egregiously forged addresses. You have to add
> > FEATURE(`accept_unresolvable_domains')dnl
> >to your `hostname`.mc file to allow incoming mail from domains without
> >either A or MX records registered in the DNS.
> > Cheers,
> > Matthew
> Matthew: Are you saying that the above 'FEATURE' should be used in addition
> to Dan Nelson's suggestion for the adding of these local_rules...?
He is saying that the stock sendmail should allready have the behaviour
you want. Only when you want to disable this behaviour (which you don't)
you can add this FEATURE.
Your link to sendmail.org is about an older version (8.10) of sendmail.
What sendmail version are you using?
> This is something I had been looking for & just yesterday made up a
> procmail recipe to grab the forgeries specifically. I'm getting quite a few
> of them here.
> Best regards,
> Jack L. Stone,
> SageOne Net
> [EMAIL PROTECTED]
> [EMAIL PROTECTED] mailing list
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"