On Fri, Jun 01, 2001 at 01:04:36PM +1000, Peter McCarthy wrote:
> I read that sendmail will automatically reject email that does not have a host
> name that resolves, however this does not seem to be working for the following
> example.
Depending upon your configuration, but yes, it can be configured to
reject mail from which do not resolve. Note that this is based on the
envelope, not the message headers. This is a common cause of confusion.
The envelope addresses are those passed in the `mail from' and `rcpt to'
smtp commands. Here's an example:
[johnc@dropbear ~]$ telnet wombat.vastsystems.com.au 25
Trying 192.168.1.1...
Connected to wombat.vastsystems.com.au (192.168.1.1).
Escape character is '^]'.
220 vastsystems.com.au ESMTP Sendmail 8.11.0/8.11.0; Fri, 1 Jun 2001 17:17:11 +1000
ehlo dropbear.vastsystems.com.au
250-wombat.vastsystems.com.au Hello IDENT:[EMAIL PROTECTED]
[192.168.1.16], pleased to meet you
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-SIZE
250-DSN
250-ONEX
250-ETRN
250-XUSR
250 HELP
mail from: [EMAIL PROTECTED]
250 2.1.0 [EMAIL PROTECTED] Sender ok
rcpt to: [EMAIL PROTECTED]
250 2.1.5 [EMAIL PROTECTED] Recipient ok
data
354 Enter mail, end with "." on a line by itself
From: noone@nowhere
To: someone@nowhere
Subject: Test
.
250 2.0.0 f517HLs01938 Message accepted for delivery
quit
221 2.0.0 wombat.vastsystems.com.au closing connection
Connection closed by foreign host.
And this is what the message I receive looks like:
From [EMAIL PROTECTED] Fri Jun 1 17:17:49 2001
Return-Path: <[EMAIL PROTECTED]>
These two headers have the address given in the `mail from' command.
Received: from dropbear.vastsystems.com.au
+(IDENT:[EMAIL PROTECTED] [192.168.1.16])
by wombat.vastsystems.com.au (8.11.0/8.11.0) with ESMTP id f517HLs01938
for [EMAIL PROTECTED]; Fri, 1 Jun 2001 17:17:23 +1000
This one has the address given in the `rcpt to', but it's not always
present. Even if it is, if there are multiple recipients, only one will
be here.
Date: Fri, 1 Jun 2001 17:17:23 +1000
Message-Id: <[EMAIL PROTECTED]>
I didn't provide a `Date:' or `Message-Id:' header, so sendmail inserts
them.
From: noone@nowhere
To: someone@nowhere
Subject: Test
And here are the headers I actually provided. Note that they're
garbage, and even though I have sendmail configured to block mail if the
sender's domain doesn't resolve, that check is done on the envelope
address, not the `From:' header.
> We quite frequently receive an email from [EMAIL PROTECTED] with an attachment
sexyfun.net exists, but as I've explained above, that's irrelevant. The
envelope address is what matters.
> that is a virus.
> I have the filter inplace to block this address but it still manages to get
> through.
How have you configured your filter? Is it filtering on message header
or envelope?
> Jun 1 13:04:19 mail sendmail[24597]: NAA24597: from=<>, size=33261, class=0,
>
> This explains why it get past the filter, but no why sendmail doesn't
> automatically bin it as the send address does not reslove.
The null address is a special case. Are you *certain* that you're
looking at the right log entry?
> Any ideas on how I should attack this ?
Send us your sendmail.mc (and filter rules if they're not in
sendmail.mc). Also, which version of sendmail are you using?
> Also how do I specify the MaxMessageSize parameter to be a value using the
> sendmail.mc file ?
define(`confMAX_MESSAGE_SIZE', `1000000')dnl
Cheers,
John
--
whois [EMAIL PROTECTED]
--
SLUG - Sydney Linux User Group Mailing List - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
