rejecting botnets with sendmail
Ugo Bellavance
ugob at camo-route.com
Thu Nov 2 15:30:39 GMT 2006
Denis Beauchemin wrote:
> Scott Silva a écrit :
<snip>
>>>
>> You can add whitelisted entries in the access file if you use
>> feature_delay_checks in sendmail.
>> http://www.technoids.org/
>> Has a lot of good sendmail stuff.
>> Are you using the new stuff in sendmail like greetpause, conncontrol, and
>> ratecontrol?
>> http://www.technoids.org/dossed.html
>>
> Yes, I am using greetpause, conncontrol, and ratecontrol but they're not
> enough.
>
> I knew about http://www.technoids.org/dossed but not the rest of the
> site. It's quite interesting. However I'm not sure how to whitelist a
> remote site that appears on safe.dnsbl.sorbs.net. The examples I saw
> referred to email addresses...
>
> After some more reading on sendmail.org, I think I need the following in
> my access file:
> ip.of.remote.host: OK
>
> OK: "Accept mail even if other rules in the running ruleset would reject
> it, for example, if the domain name is unresolvable. "Accept" does not
> mean "relay", but at most acceptance for local recipients. That is, OK
> allows less than RELAY."
>
> Denis
>
Here is what I use:
# Temporary measure - skip relay tests for this server
connect:**.110.223.185 OK
connect:**.110.235.244 OK
More information about the MailScanner
mailing list