rejecting botnets with sendmail
Denis Beauchemin
Denis.Beauchemin at USherbrooke.ca
Wed Nov 1 16:06:34 GMT 2006
Andoni Auzmendi a écrit :
> Experiencing the recent increase in spam from botnets, is there a way to
> reject (or discard) connections coming from servers containing their ip
> address within the hostname? I can see lots of connections from
> broadband or dialup addresses. Some of them even bypass greylilst as
> they resend the messages several times. We use Sendmail here and I guess
> there must be a milter which is capable of doing that.
>
> Andoni Auzmendi
>
Andoni,
This saved us:
FEATURE(`dnsbl',`safe.dnsbl.sorbs.net',`"554 Rejected " $&{client_addr}
" found in safe.dnsbl.sorbs.net"')dnl
Put it in your sendmail.mc and then make your sendmail.cf from it. Last
step is to restart sendmail using MailScanner's script.
I guess you can use other RBLs but I don't know which ones to recommend.
Denis
--
_
°v° Denis Beauchemin, analyste
/(_)\ Université de Sherbrooke, S.T.I.
^ ^ T: 819.821.8000x62252 F: 819.821.8045
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.mailscanner.info/pipermail/mailscanner/attachments/20061101/d4536082/smime.bin
More information about the MailScanner
mailing list