On 12/03/06, Sam Drinkard <sam@xxxxxxxxxx> wrote:
> A while back, I posted a note asking if anyone had any ideas why the
> /etc/mail/access file was not being parsed or utilized in the efforts to
> stop spam and junk mail. I just looked over things again, and have still
> not found any reason why it still permits the TLD's I have listed to pass
> thru. I also thought perhaps there might be some "upper limit" to the
> number of entries sendmail could handle. What do the sendmail guru's think
> about that idea? I may reduce the number of entries from the current 275
> +/- down to just the most offensive TLD's and see what happens. Short of
> that, are there any other thoughts ya'll might have as to why it still
> passes the stuff I want blocked?
I don't know the ins-and-outs of Sendmail access well but does it base
its decision purely on the "From" address, which as we all know isn't
necessarily where a message originates. Or could it be basing the
access decision on the initial Received: from address, and/or that
addresses reverse lookup, in the header?
In which case, a spam could originate from mail.blah.com and access
would accept it but the message itself would appear to come from
spammers@xxxxxxxxxx You'd accept the message inspite of having .ru
denied in your access.
Just a thought.
Will.
