Implement Access Control List With MailScanner???

Walt Wyndroski wdwrn at FRIENDLYCITY.NET
Fri Jul 2 01:46:48 IST 2004


I found a roundabout solution. It's not pretty, but it seems to be working.

1) In my spam.blacklist.rules, I added the following which forces
mydomain.com to be automatically spam.

From:   mydomain.com              yes
FromOrTo:       default         no

2) I then added the following to my MailScanner.conf.

Spam Modify Subject = %rules-dir%/spam.modify.rules
High Scoring Spam Modify Subject = %rules-dir%/spam.modify.rules

In my spam.modify.rules I added:
From:   mydomain.com      no
FromOrTo:       default yes

This prevents the subject from being modified with the {Spam?} tag for
emails from my domain. All others are tagged as they should be.

3) I then added the following to my MailScanner.conf.

Spam Actions = %rules-dir%/spam.actions.rules

In spam.actions.rules, I added the following:
From:   /[\@\.]mydomain\.com$/ and From: 10.      deliver
From:   /[\@\.]mydomain\.com$/      delete
FromOrTo:       default deliver

This allows mail from mydomain.com AND from hosts in the 10.0.0.0/8 network
to be delivered properly. All other mail from mydomain.com is deleted.

Like I said, it's not pretty, but works. Maybe Julian will write a much
simpler function for this, at least I hope so. :)

Walt Wyndroski
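
The policy discussed in this thread, as an added example that is not part of the original posts and is not MailScanner code: a message claiming mydomain.com is delivered only when the connecting host is in 10.0.0.0/8, and the claim is checked on both the envelope sender and the From: header, which is the gap Ken A points out below. The function names and sample messages are constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import parseaddr

# Values taken from the post: the protected domain pattern and the relay network.
PROTECTED = re.compile(r"[@.]mydomain\.com$", re.IGNORECASE)
RELAY_NETS = [ipaddress.ip_network("10.0.0.0/8")]


def claims_domain(address):
    """True if the address is at mydomain.com or one of its subdomains."""
    return bool(PROTECTED.search(parseaddr(address)[1]))


def decide(client_ip, envelope_from, raw_message):
    """Return 'deliver' or 'delete' for one message.

    Both the SMTP envelope sender and the From: header are checked, because
    a rule that matches only the envelope sender leaves the header spoofable.
    """
    header_from = message_from_string(raw_message).get("From", "")
    if not (claims_domain(envelope_from) or claims_domain(header_from)):
        return "deliver"                      # not our domain: default rule
    ip = ipaddress.ip_address(client_ip)
    if any(ip in net for net in RELAY_NETS):
        return "deliver"                      # our domain, from a relay subnet
    return "delete"                           # our domain, from outside


# Constructed sample messages: (client IP, envelope sender, raw message).
SAMPLES = [
    ("10.1.2.3", "alice@mydomain.com", "From: Alice <alice@mydomain.com>\n\nhi\n"),
    ("192.0.2.7", "alice@mydomain.com", "From: alice@mydomain.com\n\nhi\n"),
    ("192.0.2.7", "x@example.net", "From: IT Desk <admin@mydomain.com>\n\nhi\n"),
    ("192.0.2.7", "bob@example.org", "From: bob@example.org\n\nhi\n"),
    ("192.0.2.7", "eve@notmydomain.com", "From: eve@notmydomain.com\n\nhi\n"),
]

if __name__ == "__main__":
    for ip, env, raw in SAMPLES:
        print(f"{ip:12} {env:24} -> {decide(ip, env, raw)}")
```

The third sample has a foreign envelope sender with a mydomain.com From: header; an envelope-only check would deliver it.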


----- Original Message -----
From: "Ken A" <ka at PACIFIC.NET>
To: <MAILSCANNER at JISCMAIL.AC.UK>
Sent: Thursday, July 01, 2004 6:06 PM
Subject: Re: Implement Access Control List With MailScanner???


> You don't have users that use their email addresses from outside your
> domain? Nobody checks email from home on their cable ISP, and uses
> @yourdomain email addresses?
>
> Using MailScanner From and To rulesets as you have suggested would stop
> the envelope sender being set to yourdomain, but the sender could still
> set the 'From:' header to yourdomain. :-(
>
> I think you'd need to also kill it with sendmail (maybe a milter) or
> maybe an SA rule that matched META conditions (yourdomain in the From
> Header) and NOT (one of your relays).
>
> Ken A
>
>
> Vicchiullo, Rob wrote:
>
> > Hey, if you find a solution for this, please share it with us, I need the
> > same thing. =)
> >
> >
> >
> > Rob V
> >
> > -----Original Message-----
> > From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> > Behalf Of Walt Wyndroski
> > Sent: Thursday, July 01, 2004 5:05 PM
> > To: MAILSCANNER at JISCMAIL.AC.UK
> > Subject: Implement Access Control List With MailScanner???
> >
> > Hello all,
> >     I've been doing some serious googling over the last 2-3 days about how to
> > implement a type of ACL (access control list) for Sendmail which would help
> > in preventing the spoofing of my domain to my users. The only thing I can
> > find are rulesets which are inserted directly into the sendmail.cf, which is
> > something that I really want to avoid. I was hoping MailScanner would allow
> > me to do this. Here is my setup:
> >
> >  Kernel Version    2.4.22-1.2194.nptlsmp
> > SendMail RPM Version    sendmail-8.12.10-1.1.1
> > Procmail RPM Version    procmail-3.22-11
> > MailScanner RPM Version    mailscanner-4.30.2-1
> >
> > If an email arrives at my mail server with the from header as user at mydomain,
> > I need to further look at the message to see if the message originated from
> > one of the subnets for which I relay. If it did, I'll accept it. If it
> > didn't, I'll discard it. If anyone knows of a Sendmail m4 rule for this,
> > please point me in the right direction and accept my apologies for being on
> > the wrong list. :) Otherwise, if MailScanner can already do this or if
> > someone has already written a custom function for this, please point me in
> > the right direction.
> >
> > Walt Wyndroski
> >
> > -------------------------- MailScanner list ----------------------
> > To leave, send    leave mailscanner    to jiscmail at jiscmail.ac.uk
> > Before posting, please see the Most Asked Questions at
> > http://www.mailscanner.biz/maq/     and the archives at
> > http://www.jiscmail.ac.uk/lists/mailscanner.html
> >
>



