rejecting botnets with sendmail

Denis Beauchemin Denis.Beauchemin at
Wed Nov 1 18:21:11 GMT 2006

DAve a écrit :
> Denis Beauchemin wrote:
>> Andoni Auzmendi a écrit :
>>> Experiencing the recent increase in spam from botnets, is there a 
>>> way to
>>> reject (or discard) connections coming from servers containing their ip
>>> address within the hostname? I can see lots of connections from
>>> broadband or dialup addresses. Some of them even bypass greylilst as
>>> they resend the messages several times. We use Sendmail here and I 
>>> guess
>>> there must be a milter which is capable of doing that.
>>> Andoni Auzmendi
>> Andoni,
>> This saved us:
>> FEATURE(`dnsbl',`',`"554 Rejected " 
>> $&{client_addr} " found in"')dnl
> What list is this? I don't see it on the website.


It's an aggregate of:

I really needed to block them at the MTA level because our hw wasn't 
able to cope with the big increase of spam we saw in the last weeks.  
Even though I had 3 equal priority MX servers, one was receiving twice 
as much as the other 2 combined.


  °v°   Denis Beauchemin, analyste
 /(_)\  Université de Sherbrooke, S.T.I.
  ^ ^   T: 819.821.8000x62252 F: 819.821.8045

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3595 bytes
Desc: S/MIME Cryptographic Signature
Url :

More information about the MailScanner mailing list