Date: Tue, 8 Jun 1999 12:57:18 -0300 (ART) From: fpscha@cvi.com.ar To: FreeBSD-gnats-submit@freebsd.org Subject: conf/12084: Mistake in anti spam rules for non-us domains. Message-ID: <199906081557.MAA17606@servidor1.cursosvirtuales.com.ar>
next in thread | raw e-mail | index | archive | help
>Number: 12084 >Category: conf >Synopsis: Mistake in anti spam rules for non-us domains. >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Tue Jun 8 09:00:01 PDT 1999 >Closed-Date: >Last-Modified: >Originator: Fernando P. Schapachnik >Release: FreeBSD 2.2.8-RELEASE i386 >Organization: >Environment: I tested it only in 2.2.x as I don't have a 3.x available, but I think it's pertinent too. The anti spam rules that come in /etc/mail/sendmail.cf.additions provide a spamsites db to block known sources of spam. The sendmail rules that implement that restriction are designed to block the first every first level subdomain of the blocked domain. Example: If the database says: example.com REJECT the rule will block host1.example.com, smtp.example.com, etc. >Description: The problem arise when you want to block some non-us domain. Example: spammer.com.ar REJECT But one of the rules just search in the db "com.ar", which is not found. So the email keeps going through. If you add com.ar REJECT to the db, the every email from spammer.com.ar, goodguy.com.ar, etc. gets rejected. >How-To-Repeat: Add cavallo.org.ar REJECT to your spamsites db and connect to sendmail sending mail from user@cavallo.org.ar. The mail will pass. >Fix: Aplpy the following patch to /etc/mail/sendmail.cf.additions: --- /etc/mail/sendmail.cf.additions Mon Nov 30 02:15:29 1998 +++ sendmail.cf.additions Tue Jun 8 12:45:14 1999 @@ -38,7 +38,11 @@ # # host must NOT be in the "spamsites" database--BEGIN R$* $| $* $: <$1 $| $2> $1 -R<$*> $+.$+.$+ <$1> $3.$4 +# Uncomment the following line if you what to block +# host.domain.com having only domain.com in your db. +# Be aware that this have the side effect of having to block +# the hole com.ar in order to block domain.com.ar. +#R<$*> $+.$+.$+ <$1> $3.$4 R<$*> $+.$+ $: <$1> $(spamsites $2.$3 $) R<$*> $*.REJECT $#error $: 521 blocked. contact postmaster@$m R<$*> $* $: $1 @@ -70,7 +74,11 @@ # mail must come from a DNS resolvable host--END # mail must NOT come from a known source of spam--BEGIN R$+ @$+ $: <$1@$2> $2 -R<$*> $+.$+.$+ <$1> $3.$4 +# Uncomment the following line if you what to block +# host.domain.com having only domain.com in your db. +# Be aware that this have the side effect of having to block +# the hole com.ar in order to block domain.com.ar. +#R<$*> $+.$+.$+ <$1> $3.$4 R<$*> $* $: $(spamsites $2 $: OK $) R$+.REJECT $#error $@ 5.7.1 $: 550 $1 R<$*> $* $: $1 >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906081557.MAA17606>