Best Way to Control Relaying?
Alex Neuman van der Hans
alex at nkpanama.com
Thu May 11 15:48:54 IST 2006
Muhammad Nauman wrote:
> Hi
>
> I'm using Sendmail 8.13.5
> and I'm relaying my User - using the access feature in sendmail - with
> file: /etc/mail/access
>
1. Remove the "xxx.xxx.xxx.xxx RELAY" option that you have in that file
so that only AUTHENTICATED users can relay - that way you can have
people accountable for what they do. You may need to run the saslauthd
service for this to work.
2. Remember to change /usr/share/sendmail-cf/m4/cfhead.m4 to read

    _REC_FULL_AUTH_$?{auth_ssf} bits=${auth_ssf}$.)

instead of

    _REC_AUTH_$?{auth_ssf} bits=${auth_ssf}$.)

... so you can know *who* sent what. You have to "m4 <
/etc/mail/sendmail.mc > /etc/mail/sendmail.cf" after the change and
restart MailScanner.
3. Throttle your users. Use a milter or some of sendmail's built-in
features to throttle the connection so that users can send a reasonable
amount of mail (say, 5 per minute, for example). You can always add
exceptions for bigger customers. Check http://technoids.org/dossed.html
for more info.
If you limit the amount of emails-per-minute and connections-per-second
your server accepts, you can make it impractical for (ab)users to use
you as a spam relay.
You can also look into
http://www.five-ten-sg.com/syslog2iptables/rn01re01.html in order to
temporarily firewall those who repeatedly try to send mail through your
server and aren't authorized.
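
Added example (not part of the original post): a small log audit that attributes each accepted message to the authenticated user and reports anyone exceeding the 5-per-minute figure mentioned above. The log line layout, the sample lines and the names over_limit and _session are assumptions, modelled on sendmail's usual "AUTH=server ... authid=" and "from=" syslog entries.

```python
import re
from collections import Counter

LIMIT_PER_MINUTE = 5  # the example figure from the post; tune per customer

# Assumed syslog layout: "Mon DD HH:MM:SS host sendmail[PID]: [QUEUEID: ]body"
LINE = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d):\d\d \S+ sendmail\[(\d+)\]: (?:\w+: )?(.*)$")
AUTHID = re.compile(r"\bauthid=([^,\s]+)")

def over_limit(lines, limit=LIMIT_PER_MINUTE):
    """Return {(authid, 'Mon DD HH:MM'): count} for each minute above limit."""
    pid_user = {}           # sendmail child PID -> authid of its SMTP session
    per_minute = Counter()  # (authid, minute) -> messages accepted
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        minute, pid, body = m.groups()
        if body.startswith("AUTH=server"):
            found = AUTHID.search(body)
            if found:
                pid_user[pid] = found.group(1)
        elif body.startswith("from="):
            # Mail accepted without a preceding AUTH line on this PID was
            # relayed on some other basis (for example an IP RELAY entry).
            user = pid_user.get(pid, "(unauthenticated)")
            per_minute[(user, minute)] += 1
    return {key: n for key, n in per_minute.items() if n > limit}

def _session(pid, user, minute, count):
    """Build constructed sample lines: one AUTH line, then `count` messages."""
    head = f"May 11 {minute}:00 mail sendmail[{pid}]: "
    yield head + (f"AUTH=server, relay=pc [192.0.2.10], authid={user}, "
                  "mech=LOGIN, bits=0")
    for i in range(count):
        yield (f"May 11 {minute}:{i + 1:02d} mail sendmail[{pid}]: "
               f"k4BAe1aa{i:06d}: from=<{user}@example.com>, size=812, "
               "nrcpts=1, relay=pc [192.0.2.10]")

# Constructed sample: alice sends 2 messages, bob sends 7 in the same minute.
SAMPLE = [*_session(2101, "alice", "15:40", 2),
          *_session(2102, "bob", "15:41", 7)]

if __name__ == "__main__":
    for (user, minute), n in sorted(over_limit(SAMPLE).items()):
        print(f"{minute}  {user}  {n} messages (limit {LIMIT_PER_MINUTE})")
```

Over a long log, PIDs are reused, so run it on one rotation period at a time or clear the PID mapping when a session ends.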