
Compound access rules?


david

Aug 19, 2005, 3:40:17 PM
First off: A disclaimer ... what I'm requesting is fairly complex and I
don't really expect sendmail to be able to support it ... but I figure
it can't hurt to ask.

On to the question:

Is there any way to set up a 'compound' rule in either the access table
or a local_rule set?

The problem is this ... I'm getting a lot of mail that is purporting to
be from "sup...@mydomain.com" and "ad...@mydomain.com". Obviously
these are viruses/worms trying to propagate themselves.

What I would like to do is set up some rule that will reject mail if it
matches all of the following conditions:

1. FROM domain is @mydomain.com
2. Connection is received on a specific network address (external
address, not internal)
2. FROM address does not exist as a real or aliased user

Thanks!

david

ynotssor

Aug 20, 2005, 1:19:55 AM
"david" <dmg...@spamcop.net> wrote in message
news:1124480417.6...@f14g2000cwb.googlegroups.com...

> First off: A disclaimer ... what I'm requesting is fairly complex and I
> don't really expect sendmail to be able to support it ... but I figure
> it can't hurt to ask.

[...]


> What I would like to do is set up some rule that will reject mail if it
> matches all of the following conditions:
>
> 1. FROM domain is @mydomain.com
> 2. Connection is received on a specific network address (external
> address, not internal)
> 2. FROM address does not exist as a real or aliased user

The rejecting of email to unknown users is the default in sendmail. You
should probably undo whatever configuration changes you made to allow the
accepting of email to unknown users.

Kari Hurtta

Aug 20, 2005, 6:24:37 AM
"ynotssor" <ynot...@example.net> writes:

> "david" <dmg...@spamcop.net> wrote in message
> news:1124480417.6...@f14g2000cwb.googlegroups.com...
>
> > First off: A disclaimer ... what I'm requesting is fairly complex and I
> > don't really expect sendmail to be able to support it ... but I figure
> > it can't hurt to ask.
> [...]
> > What I would like to do is set up some rule that will reject mail if it
> > matches all of the following conditions:
> >
> > 1. FROM domain is @mydomain.com
> > 2. Connection is received on a specific network address (external
> > address, not internal)
> > 2. FROM address does not exist as a real or aliased user

====


>
> The rejecting of email to unknown users is the default in sendmail. You
> should probably undo whatever configuration changes you made to allow the
> accepting of email to unknown users.

I do not think that sendmail rejects mail from unknown users by default.

/ Kari Hurtta

Andrzej Adam Filip

Aug 20, 2005, 6:51:56 AM
"david" <dmg...@spamcop.net> writes:

Points 1 and 2 can be achieved by publishing a strong SPF record and
making your sendmail enforce it.

http://spf.pobox.com/

--
Andrzej [en:Andrew] Adam Filip an...@priv.onet.pl an...@xl.wp.pl
http://www.sendmail.org/faq/ http://anfi.homeunix.net/sendmail/

Claus Aßmann

Aug 20, 2005, 10:36:33 AM
Andrzej Adam Filip wrote:

[fullquote removed]

> Points 1 and 2 can be achieved by publishing a strong SPF record and
> making your sendmail enforce it.

And kiss forwarding goodbye.

Why don't you suggest at least DK[IM] instead?

--
Note: please read the netiquette before posting. I will almost never
reply to top-postings which include a full copy of the previous
article(s) at the end because it's annoying, shows that the poster
is too lazy to trim his article, and it's wasting my time.

Claus Aßmann

Aug 20, 2005, 11:36:57 AM
david wrote:

> Is there any way to set up a 'compound' rule in either the access table
> or a local_rule set?

The latter can be used.

> What I would like to do is set up some rule that will reject mail if it
> matches all of the following conditions:

> 1. FROM domain is @mydomain.com
> 2. Connection is received on a specific network address (external
> address, not internal)
> 2. FROM address does not exist as a real or aliased user

3?

Wouldn't it be sufficient to just enforce the last condition?
sendmail X does that by default, for sendmail 8 you can try
something like this:


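LOCAL_CONFIG
# passwd: account lookup. -m = match only, -a = append @LOCALUSER on a hit
Kpasswd user -m -a@LOCALUSER
# alias: the same test against the aliases file
Kalias implicit -m -a@LOCALUSER /etc/mail/aliases
# local: try alias first, then passwd
Klocal sequence alias passwd

LOCAL_RULESETS
SLocal_check_mail
R$*			$: $>CanonAddr $1	canonify sender address
R$+<@$=w.>		$@ $>Localokmail $1	local: check user

SLocalokmail
R$+			$: <?> $1		mark the local part
R<?> $- + $*		$: <?> $1		drop +detail
R<?> $+			$: <@> $(local $1 $)	look up alias, then passwd
R$+@LOCALUSER		$@ OK			found: accept
R$*			$#error $@ 4.1.8 $: "450 Unknown user " $1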
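
A Python model of the decision the ruleset above makes, as an added example that is not part of the original post and is not sendmail code. It goes beyond the posted ruleset by also applying david's second condition, the receiving interface address (which sendmail exposes as `${if_addr}`); the interface address, account names, alias entries and function names are constructed for illustration.

```python
LOCAL_DOMAINS = {"mydomain.com"}   # stands in for sendmail class $=w
EXTERNAL_IF = "192.0.2.25"         # constructed external interface address
PASSWD_USERS = {"root", "dmg"}     # constructed account names
ALIASES_TEXT = """\
# constructed sample in /etc/mail/aliases syntax
postmaster: root
Support-Desk: dmg,
    root
"""

def parse_aliases(text):
    """Collect alias names; indented lines continue the previous entry."""
    names = set()
    for line in text.splitlines():
        if not line.strip() or line[0].isspace() or line.startswith("#"):
            continue
        name, sep, _ = line.partition(":")
        if sep:
            names.add(name.strip().lower())
    return names

def check_mail(sender, if_addr, aliases, users=PASSWD_USERS):
    """Return (accept, smtp_reply) for one MAIL FROM on one interface."""
    addr = sender.strip().lstrip("<").rstrip(">")
    local, sep, domain = addr.rpartition("@")
    # Condition 1: only senders claiming a local domain are checked.
    # The null sender <> has no domain and is always let through.
    if not sep or domain.lower().rstrip(".") not in LOCAL_DOMAINS:
        return True, "250 2.1.0 Sender ok"
    # Condition 2: only connections on the external interface are checked.
    if if_addr != EXTERNAL_IF:
        return True, "250 2.1.0 Sender ok"
    # Condition 3: drop +detail, fold case, then alias-before-passwd lookup.
    user = local.split("+", 1)[0].lower()
    if user in aliases or user in users:
        return True, "250 2.1.0 Sender ok"
    return False, "450 4.1.8 Unknown user " + user

if __name__ == "__main__":
    aliases = parse_aliases(ALIASES_TEXT)
    for sender, iface in [("<nosuchuser@mydomain.com>", EXTERNAL_IF),
                          ("<nosuchuser@mydomain.com>", "10.0.0.5"),
                          ("dmg+lists@MyDomain.com", EXTERNAL_IF),
                          ("<>", EXTERNAL_IF)]:
        print(sender, iface, check_mail(sender, iface, aliases))
```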

David Gibbs

Aug 20, 2005, 7:26:48 PM
ynotssor wrote:
>>1. FROM domain is @mydomain.com
>>2. Connection is received on a specific network address (external
>>address, not internal)
>>2. FROM address does not exist as a real or aliased user
> The rejecting of email to unknown users is the default in sendmail. You
> should probably undo whatever configuration changes you made to allow the
> accepting of email to unknown users.

You misunderstood ... I want to reject mail that is *FROM* unknown users
on my system. In other words ... FROM = ad...@mydomain.com, TO =
dmg...@mydomain.com, SUBJECT = Your password has been reset, CONTENT =
virus.

The TO address, dmg...@mydomain.com, does exist ... but the from
address, ad...@mydomain.com, does not exist.

david
