Date: Mon, 16 Nov 1998 10:21:50 -0800 (PST) From: David Wolfskill <dhw@whistle.com> To: freebsd-questions@FreeBSD.ORG, Stanley.Hopcroft@ipaustralia.gov.au Subject: Re: Please help with sendmail-8.9.1/TIS smap/anti-spam Message-ID: <199811161821.KAA23919@pau-amma.whistle.com> In-Reply-To: <4A2566BD.007F50CA.00@noteshub01.aipo.gov.au>
next in thread | previous in thread | raw e-mail | index | archive | help
>From: Stanley.Hopcroft@ipaustralia.gov.au >Date: Mon, 16 Nov 1998 09:09:06 +1000 >I am writing to ask your help with the anti-spam features of sendmail-8.9.1 >when used witht he TIS smap product. >It seems to me that the FEATURE(access_db,..) does not work when sendmail >does not interact with the incoming SMTP connection (smap accepts the >connection, spools the mail and then feeds it to sendmail via STDIN). > Is this correct ? That is my understanding, yes. >It also appears that the sendmail-8.9.1 relay prevention fails to work in >this configuration. Right. >If you can help me ensure that this server does not appear as the origin of >letters entitled "Psst wanna see some good pix?" I'll be very pleased and >thankfull. I appreciate that you're trying to do something about the problem. Basically, the issue is that you want to control the relaying asects of your SMTP server, which is smap, not sendmail. We use smap for some of our SMTP servers, and someone (prior to the start of my tenure here) had patched smap to restrict relaying. Since then, I found that smap would die with a SIGSEGV if someone tried to talk to it without doing a "HELO" first. (I'm not sure whether this was in the base code or a result of the anti-relay patches.) To fix this, I added some code that requires HELO before accepting the MAIL command (in the spirit of sendmail's "needmailhelo" config option). I also was informed of a problem with smapd: it needs to invoke sendmail with the -i flag, so that a lone "." by itself doesn't tell the invoked sendmail that it's reached EOF. As long as it doesn't violate the TIS fwtk license, I believe I can send you the patches. (I tend to use RCS whenever I change things, so extracting a patch should be trivial.) If it looks as if that would violate the licese, at least you have some clues.... david -- David Wolfskill UNIX System Administrator dhw@whistle.com voice: (650) 577-7158 pager: (650) 371-4621 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199811161821.KAA23919>