From owner-freebsd-questions@FreeBSD.ORG Thu Sep 14 03:12:39 2006 Return-Path: X-Original-To: questions@freebsd.org Delivered-To: freebsd-questions@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C898716A412 for ; Thu, 14 Sep 2006 03:12:39 +0000 (UTC) (envelope-from keramida@ceid.upatras.gr) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id C9D0843D45 for ; Thu, 14 Sep 2006 03:12:33 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from gothmog.pc (host5.bedc.ondsl.gr [62.103.39.229]) (authenticated bits=128) by igloo.linux.gr (8.13.8/8.13.8/Debian-2) with ESMTP id k8E3BAIP018447 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Thu, 14 Sep 2006 06:11:12 +0300 Received: from gothmog.pc (gothmog [127.0.0.1]) by gothmog.pc (8.13.7/8.13.7) with ESMTP id k8E3BU4K074644; Thu, 14 Sep 2006 06:11:31 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from giorgos@localhost) by gothmog.pc (8.13.7/8.13.7/Submit) id k8E3BUv3074643; Thu, 14 Sep 2006 06:11:30 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Thu, 14 Sep 2006 06:11:30 +0300 From: Giorgos Keramidas To: Kevin Kinsey Message-ID: <20060914031130.GB74348@gothmog.pc> References: <45082E5C.5040503@daleco.biz> <20060913163722.GA62734@gothmog.pc> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20060913163722.GA62734@gothmog.pc> X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (score=-1.014, required 5, AWL -1.97, BAYES_00 -2.60, BIZ_TLD 2.01, SPOOF_NET2COM 1.54, UNPARSEABLE_RELAY 0.00) X-Hellug-MailScanner-From: keramida@ceid.upatras.gr X-Spam-Status: No Cc: questions@freebsd.org Subject: Re: sendmail and hosts_access(5) X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Sep 2006 03:12:39 -0000 On 2006-09-13 19:37, Giorgos Keramidas wrote: > On 2006-09-13 11:14, Kevin Kinsey wrote: > > Hello all, > > > > I am attempting to block an SMTP server with /etc/hosts.allow: > > > > ---------------------------------------------------------- > > Received: from 241net251.net.zeork.com.pl (241net251.net.zeork.com.pl > > [194.117.241.251] (may be forged)) > > ---------------------------------------------------------- > > [506] Tue 12.Sep.2006 20:55:44 > > [kadmin@archangel][~] > > #ssh kadmin@elisha grep zeork /home/kadmin/spammers > > .net.zeork.com.pl > > > > [507] Tue 12.Sep.2006 20:56:55 > > [kadmin@archangel][~] > > #ssh kadmin@elisha grep /home/kadmin/spammers /etc/hosts.allow > > sendmail : /home/kadmin/spammers : deny > > -------------------------------------------------------------- > > > > hosts_access(5) says this: > > The access control language implements the following patterns: > > * A string that begins with a `.' character. A host > > name is matched if the last components of its name match the > > specified pattern. For example, the pattern `.tue.nl' matches > > the host name `wzv.win.tue.nl' > > > > So, why does my server continue accepting SMTP connections from > > "241net251.net.zeork.com.pl" ? > > > > Thoughts, pointers, gentle kicks on the bum welcomed. > > I don't think you can have the hostnames in a separate "map file" and > then reference this file from /etc/hosts.allow. ... and I'm wrong of course. Alex Zbyslaw pointed out that I had missed the part of the manpage which refers to this: o A string that begins with a `/' character is treated as a file name. A host name or address is matched if it matches any host name or address pattern listed in the named file. The file for- mat is zero or more lines with zero or more host name or address patterns separated by whitespace. A file name pattern can be used anywhere a host name or address pattern can be used. Sorry for the confusion :-/