Alias rule help
MailScanner at ecs.soton.ac.uk
Mon Dec 15 20:27:51 GMT 2008
I would do this at the MTA level, like other posters have advised.
We have *-all lists, which withing them have *-all-people lists, and we
don't want people outside being able to mail them.
In sendmail.cf we implement this using the following:
KIsEcsList1 regex -a at MATCH ^(cs|el|ce|ie)?ug[0-9]?$
KIsEcsList2 regex -a at MATCH ^.*-all(-[0-9])?$
KIsEcsList3 regex -a at MATCH ^.*-(people|extras)(-[0-9])?$
These define the 3 regexps that match all the mailing lists (examples
from each line are
IsEcsList2 staff-all, staff-all-1
IsEcsList3 staff-all-people, staff-all-people-2
as that is how the lists are all constructed. Obviously you will need to
change these to match your own setup.
And then further down in sendmail.cf, this. If you know a reasonable
amount about sendmail.cf files, then it should be obvious where the
<tab> characters go to separate the 3 "fields" of each line of a
R$* $: $>3 $1 Focus on host
R$* $: $>"QualifyDomain" $1 Make fully-qualified
R$* <@ $* $m. > $* $1 <@ *LOCAL* > Is recipient an ECS address?
R$* <@ *LOCAL* > $* $: $(IsEcsList1 $1 $) <@ *LOCAL* > $2 ECS list?
R$* <@ *LOCAL* > $* $: $(IsEcsList2 $1 $) <@ *LOCAL* > $2 ECS list?
R$* <@ *LOCAL* > $* $: $(IsEcsList3 $1 $) <@ *LOCAL* > $2 ECS list?
R at MATCH <@ *LOCAL* > $* $#error $@ 5.1.2 $: Please contact ECS Help Desk
# If address is unqualified, add *LOCAL* as the destination hostname.
R$* < @ $* > $* $@ $1 < @ $2 > $3 Already fully qualified
R$+ $@ $1 < @ *LOCAL* > Add local qualification
That should tell you all you need to implement restrictions at MTA level
in sendmail to disable addresses that match regular expressions.
On 15/12/08 16:13, Nasser Al-Zawawi wrote:
> I have a RedHat ES 4 server running sendmail (8.13.1) and I am using
> the latest MailScanner version (4.73.4-2), ClamAV 0.94.2 and
> SpamAssassin 3.2.5. I need help with a rule that should block all
> outside users from sending emails to our aliases and only allow them
> to come from people from our domain. For example we have an alias
> called _/all_users/_ and it is literally all users on the system.
> Somehow spammers are able to see these aliases on the system (I hope
> there is a way to disallow them from seeing the aliases) and then they
> are sending SPAMs to these aliases so when they send a spam to
> _/all_users/_ at domain.com <mailto:_all_users_ at domain.com> everybody
> gets that spam. Could somebody write this rule and show what directive
> to put in the MailScanner.conf if any. I have tried a few but none worked.
> Best regards,
Julian Field MEng CITP CEng
Buy the MailScanner book at www.MailScanner.info/store
MailScanner customisation, or any advanced system administration help?
Contact me at Jules at Jules.FM
PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
PGP public key: http://www.jules.fm/julesfm.asc
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
More information about the MailScanner