rejecting botnets with sendmail

John Rudd jrudd at
Wed Nov 1 16:33:55 GMT 2006

Andoni Auzmendi wrote:
> Experiencing the recent increase in spam from botnets, is there a way to
> reject (or discard) connections coming from servers containing their ip
> address within the hostname? I can see lots of connections from
> broadband or dialup addresses. Some of them even bypass greylilst as
> they resend the messages several times. We use Sendmail here and I guess
> there must be a milter which is capable of doing that.

I have done it with mimedefang.  It's pretty trivial to put the code 
into filter_sender in mimedefang.  However, I've been asked to not talk 
about mimedefang widely on this list, so if you have more questions, you 
can probably look on that mailing list.  (and I think my code might even 
be in their list archives; if not, go ahead and ask over there, and I'll 
post the code)

More information about the MailScanner mailing list