SUSPECT: RE: Verisign idiocy confusion {Scanned by HJMS}

Furnish, Trever G TGFurnish at HERFF-JONES.COM
Thu Sep 18 00:13:00 IST 2003


If you're using an mc file similar to the one that redhat distributes with
sendmail, then it's probably got a section something like this:

dnl # We strongly recommend not accepting unresolvable domains if you want
to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl

If you comment out that "feature" and regenerate your cf file and restart
sendmail then you ought to be good to go.  But it's pretty much useless now.
:-/  (BTW, if you're not familiar with the mc file format, "comment out"
means "prepend 'dnl'").

And as for quantifying the mail this one catches, I just did some grepping
of the maillog.  Looks like something like this is a good start:
cat maillog | grep -i reject | grep -e 'does not exist' -e 'does not
resolve' | wc -l

...and for a quick count of the number of messages tagged as spam:
cat maillog | grep 'is spam' | wc -l

Those may be a bit off - I'm making it up without access to a maillog at the
moment.

-t.


> -----Original Message-----
> From: Kevin Miller [mailto:Kevin_Miller at CI.JUNEAU.AK.US]
> Sent: Wednesday, September 17, 2003 5:21 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: Verisign idiocy confusion {Scanned by HJMS}
>
>
> I thought I had that enabled, but I just went to double check
> and can't
> recall where it's set (looked in both MS and sendmail).
> Where do we set
> that option so that when normalacy is restored it'll work again?
>
> Also, how did you quantify the amount of mail it was catching
> and rejecting?
>
> TIA...
>
> ...Kevin
> -------------------
> Kevin Miller                Registered Linux User No: 307357
> CBJ MIS Dept.               Network Systems Administrator, Mail
> Administrator
> 155 South Seward Street     ph: (907) 586-0242
> Juneau, Alaska 99801        fax: (907 586-4500
>
>
> >This change prevents you from being able to identify
> >non-existant domains
> >under .com.  Blocking mail from domains that don't have valid
> >DNS records is
> >a very effective way of reducing both spam and bounces that
> you cannot
> >notify anyone about.
> >
> >In fact until yesterday that one check blocked more bad email
> >on my systems
> >than mailscanner tagged as spam.  The impact is that a lot
> >more mail will
> >get through, including spam, even though that mail cannot possibly be
> >responded to electronically (since the domain has no valid dns
> >records for
> >use in returning the message or notifying the domain's admin of a
> >misconfiguration).
> >
>



More information about the MailScanner mailing list