mail/access revisited

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Will McDonald wrote:
> On 12/03/06, Sam Drinkard <sam@xxxxxxxxxx> wrote:
>   
>>  A while back, I posted a note asking if anyone had any ideas why the
>> /etc/mail/access file was not being parsed or utilized in the efforts to
>> stop spam and junk mail.  I just looked over things again, and have still
>> not found any reason why it still permits the TLD's I have listed to pass
>> thru.  I also thought perhaps there might be some "upper limit" to the
>> number of entries sendmail could handle.  What do the sendmail guru's think
>> about that idea?  I may reduce the number of entries from the current 275
>> +/- down to just the most offensive TLD's and see what happens.  Short of
>> that, are there any other thoughts ya'll might have as to why it still
>> passes the stuff I want blocked?
>>     
>
> I don't know the ins-and-outs of Sendmail access well but does it base
> its decision purely on the "From" address, which as we all know isn't
> necessarily where a message originates. Or could it be basing the
> access decision on the initial Received: from address, and/or that
> addresses reverse lookup, in the header?
>
> In which case, a spam could originate from mail.blah.com and access
> would accept it but the message itself would appear to come from
> spammers@xxxxxxxxxx You'd accept the message inspite of having .ru
> denied in your access.
>
> Just a thought.
>
> Will.
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
>
>
>   

As far as I know Will, sendmail looks at the access database, and will 
not allow a connection from the sending host if that particular IP or 
hostname happens to be in there.  The access list *used* to work, but as 
I mentioned, I'm wondering if perhaps I've hit an upper limit or 
exceeded a limit where nothing in there is being parsed now.  I don't go 
by hostname when blocking.   I look at the sending host IP and block 
that.  Headers from sendmail tell who or what connected to the port or 
tried to connect.

Sam


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux