rejecting botnets with sendmail
John Rudd
jrudd at ucsc.edu
Wed Nov 1 16:33:55 GMT 2006
Andoni Auzmendi wrote:
> Experiencing the recent increase in spam from botnets, is there a way to
> reject (or discard) connections coming from servers containing their ip
> address within the hostname? I can see lots of connections from
> broadband or dialup addresses. Some of them even bypass greylilst as
> they resend the messages several times. We use Sendmail here and I guess
> there must be a milter which is capable of doing that.
>
I have done it with mimedefang. It's pretty trivial to put the code
into filter_sender in mimedefang. However, I've been asked to not talk
about mimedefang widely on this list, so if you have more questions, you
can probably look on that mailing list. (and I think my code might even
be in their list archives; if not, go ahead and ask over there, and I'll
post the code)
More information about the MailScanner
mailing list