rejecting botnets with sendmail
Res
res at ausics.net
Wed Nov 1 22:39:18 GMT 2006
On Wed, 1 Nov 2006, Rick Cooper wrote:
>
> I use exim and it allows you to reject based on specific returns (such as
> 127.0.0.10) or anything but a specific return for rbls that return more than
> one possible address. I figured this is such a good idea perhaps sendmail
> had something similar so I hit google and found enhdnsbl, did a quick google
> on FEATURE(enhdnsbl, and found you could use something like
>
> FEATURE(`enhdnsbl',`safe.dnsbl.sorbs.net',`"554 Rejected "
> $&{client_addr} " found in safe.dnsbl.sorbs.net"',
> ,`127.0.0.2.',`127.0.0.3.', `127.0.0.4.', , `127.0.0.5.', , `127.0.0.6.',
> `127.0.0.7.', `127.0.0.8.', `127.0.0.9.')
>
> Which would reject on all the lists except dul. Or you could have multiple
> FEATURE(`dnsbl', entries, one for each of the lists you wanted to use (there
> are more too). Of course the single call and choose your reject addresses,
> would be more economical I would think.
Sendmail works the identical way, its an "enhanced dnsbl" feature
--
Cheers
Res
"Just a world that we all must share, it's not enough just to stand and
stare, is it only a dream that there'll be no more turning away" - Floyd
More information about the MailScanner
mailing list