how to block mailservers that have only an ip address

Jim Holland mailscanner at mango.zw
Mon May 1 09:30:35 IST 2006


On Sun, 30 Apr 2006, John Rudd wrote:

> As you can see, other people like the require_rdns.m4 sendmail hack.  I 
> prefer using filter_sender in mimedefang:
> 
> 1) require_rdns has different return codes than I want for different 
> cases (yes, I could modify require_rdns, but then that gets into 
> hacking a hack which gets bad for long term maintainability)

I am already in that situation with require_rdns, but agree it isn't very 
desirable.
 
> 2) I'm not sure if require_rdns can be made to exempt those in certain
> IP blocks, those who have done SMTP-AUTH, etc ... but mimedefang can
> (that's why I do the check in filter_sender instead of filter_relay).

You can control whitelisting in your access file.
 
> 3) mimedefang lets you do LOTS of other checks, is incredibly flexible,
> and you modify behaviors in perl instead of sendmail cf expressions ...  
> I much prefer perl to sendmail cf files.  It can check for recipients on
> remote relays (similar to milter-ahead), HELO/EHLO verification, and
> even attachment filename/filetype checks, anti-virus checks, and
> SpamAssassin.

Having had a look at mimedefang it looks as if it is an alternative
package to MailScanner, rather than complementary, and hence not at all
compatible with it.  All incoming mail would get parsed by mimedefang,
with all attachments being extracted etc, only to have the same mail then
being reprocessed and split again by MailScanner.  This looks like an
incredible waste of resources, especially if it is just to make use of a
couple of mimedefang features such as milter-ahead, HELO/EHLO verification
or blocking of servers with no PTR records.  Carrying out filename/
filetype checks, anti-virus checks, and running SpamAssassin through
mimedefang while also using MailScanner is clearly pointless as 
MailScanner does it all so much better.

I see the benefits of plugins that work directly with sendmail for
additional MTA-related functionality, but using mimedefang filters for
that purpose together with MailScanner seems incredible overkill.

> Last week I posted a URL to my mimedefang-filter (which is where all of
> your site-specific perl code goes).  I'm about to re-do it, though
> (clean up the code some, move some code around to sub-routines so it's
> easier to customize certain details, have different versions for people
> who may want to skip virus/attachment/anti-spam checks if they're doing
> that somewhere else, etc.).  I'll post about the update in a couple
> days.

Do you have an integrated solution that ensures that MailScanner continues
to do what it does best while disabling all the MailScanner-type features
in mimedefang so as to avoid the enormous performance hit that will happen
if all messages are MIME-decoded twice?  Surely the logical approach is to
write milters that work directly with sendmail (as with milter-ahead)
instead of filters that work with mimedefang which then hooks into 
sendmail?

Regards

Jim Holland
System Administrator
MANGO - Zimbabwe's non-profit e-mail service
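
Added example, not part of the original message and not code from require_rdns, mimedefang or MailScanner: a Python sketch of the policy discussed in points 1 and 2 above, with a distinct result per case and exemptions for listed IP blocks and SMTP-AUTH senders. The function names, SMTP codes, networks and DNS data are assumptions constructed for illustration, and the forward-confirmation step goes beyond the plain "no PTR record" check mentioned in the thread.

```python
import ipaddress

# Assumption: networks allowed to send without a PTR record (documentation ranges).
EXEMPT_NETS = [ipaddress.ip_network(n) for n in ("192.0.2.0/24", "2001:db8::/32")]

class LookupTimeout(Exception):
    """Raised by a resolver callback when DNS did not answer in time."""

def check_relay(ip, authenticated, ptr_lookup, addr_lookup):
    """Return (action, smtp_code, reason) for a connecting client.

    ptr_lookup(ip) -> list of PTR names; addr_lookup(name) -> list of IPs.
    Both are passed in so the policy can be exercised without live DNS.
    """
    addr = ipaddress.ip_address(ip)
    if authenticated:
        return ("CONTINUE", 250, "SMTP-AUTH sender, rDNS not required")
    if any(addr in net for net in EXEMPT_NETS):
        return ("CONTINUE", 250, "exempt network")
    try:
        names = ptr_lookup(ip)
        if not names:
            # Permanent failure: the client has only an IP address.
            return ("REJECT", 550, "no PTR record for %s" % ip)
        for name in names:
            if any(ipaddress.ip_address(a) == addr for a in addr_lookup(name)):
                return ("CONTINUE", 250, "forward-confirmed as %s" % name)
    except LookupTimeout:
        # A DNS outage is not the sender's fault: ask them to retry.
        return ("TEMPFAIL", 451, "DNS lookup failed, try again later")
    return ("REJECT", 550, "PTR for %s does not resolve back" % ip)

# Constructed DNS data standing in for real lookups.
PTR = {"198.51.100.7": ["mx.example.org"], "198.51.100.9": ["fake.example.org"]}
A = {"mx.example.org": ["198.51.100.7"], "fake.example.org": ["203.0.113.1"]}

def ptr_lookup(ip):
    if ip == "198.51.100.99":          # constructed case: resolver timeout
        raise LookupTimeout()
    return PTR.get(ip, [])

def addr_lookup(name):
    return A.get(name, [])

if __name__ == "__main__":
    for ip in ("198.51.100.7", "198.51.100.8", "198.51.100.9",
               "198.51.100.99", "192.0.2.10"):
        print(ip, check_relay(ip, False, ptr_lookup, addr_lookup))
```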




