rejecting botnets with sendmail

Denis Beauchemin Denis.Beauchemin at
Wed Nov 1 16:06:34 GMT 2006

Andoni Auzmendi a écrit :
> Experiencing the recent increase in spam from botnets, is there a way to
> reject (or discard) connections coming from servers containing their ip
> address within the hostname? I can see lots of connections from
> broadband or dialup addresses. Some of them even bypass greylilst as
> they resend the messages several times. We use Sendmail here and I guess
> there must be a milter which is capable of doing that.
> Andoni Auzmendi

This saved us:
FEATURE(`dnsbl',`',`"554 Rejected " $&{client_addr} 
" found in"')dnl

Put it in your and then make your from it. Last 
step is to restart sendmail using MailScanner's script.

I guess you can use other RBLs but I don't know which ones to recommend.


  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x62252 F: 819.821.8045

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the MailScanner mailing list