rejecting botnets with sendmail

Andoni Auzmendi andoni.auzmendi at
Wed Nov 1 17:25:00 GMT 2006

Currently we are using, and I will also add and see how it goes.

Using the lists I rely on the lists maintainers to add those affected pcs. Is there a way I can use regular expressions to block hostnames containing ip addresses allowing at the same time a whitelist for small companies?

I think mimedefang can do it, but I would rather install a sendmail milter to keep the set up simpler if possible.



-----Original Message-----
From: mailscanner-bounces at [mailto:mailscanner-bounces at] On Behalf Of DAve
Sent: 01 November 2006 16:41
To: MailScanner discussion
Subject: Re: rejecting botnets with sendmail

Denis Beauchemin wrote:
> Andoni Auzmendi a écrit :
>> Experiencing the recent increase in spam from botnets, is there a way to
>> reject (or discard) connections coming from servers containing their ip
>> address within the hostname? I can see lots of connections from
>> broadband or dialup addresses. Some of them even bypass greylilst as
>> they resend the messages several times. We use Sendmail here and I guess
>> there must be a milter which is capable of doing that.
>> Andoni Auzmendi
> Andoni,
> This saved us:
> FEATURE(`dnsbl',`',`"554 Rejected " $&{client_addr} > " found in"')dnl

What list is this? I don't see it on the website.

I just lost my battle with the PHB over and I had to 
remove it. Our VOIP provider (we are a reseller) has their VM server on 
the dul list. All VM wave files have been blocked since I started using 
dul last week to thwart a dictionary attack. I hate spammers, really, I 
wish them all constant pain and eternal agony.


> Put it in your and then make your from it. Last > step is to restart sendmail using MailScanner's script.
> I guess you can use other RBLs but I don't know which ones to recommend.
> Denis

Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for

Maybe they forgot who made that choice possible.
MailScanner mailing list
mailscanner at

Before posting, read

Support MailScanner development - buy the book off the website! 

This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the system manager.

This footnote also confirms that this email message has been swept by
MIMEsweeper for the presence of computer viruses.

More information about the MailScanner mailing list