Alex Palenschat wrote:
So my question is: if my system has granted RELAY permission
to a system
which is in a dnsbl used by the sendmail configuration, does the
sendmail RELAY, or does it deny the connection attempt?
Thanks for wading through this completely hypothetical situation.
I think you would be served by doing some googling on backscatter. Any
time you have a "backup mx" server that does not do recipient validation
for the domains it serves not only is it going to receive a lot of spam,
it is going to be producing a lot. This is exactly the type of thing
that lands IP addresses in blacklists in my experience.
Backscatter is a fact of life. 99% of the emails in my queues are
undeliverable backscatter. 99% of my inbound email is backscatter
(since my domain gets used for forging email headers on spam). I'm
retiring older systems which just can't deal with the backscatter. It
just isn't economically viable to try to fight it any more; life is too
short.
That being said you should be able to whitelist the IP of the
blacklisted host before you do the rbl-checking. I know how to do this
with postfix but not sendmail. I am not a sendmail user, but there are
some sendmail users on the list who may be willing to help there.
This brings me to the ultimate point of my response: if you grant the
firewall in question ACCESS permission, it does over-ride the dnsbl.
I would fix your local problem (if you can).
Unfortunately there are two other companies in between me and the users
(not that I can really identify them with the junk I have to use here)
so short of finding another job I'm stuck with the problem.
--
/\oo/\
/ /()\ \ David Mackintosh | dave@xxxxxxxxxx
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
