accessdb needed

26/10/2007, 12h22

I'm guessing either the answer will be can't do, or it's so obvious I've
missed it, however.....

There's a site, lets call it xxx, from which I'm getting too much nasty
spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
also hosts some perfectly good users.

Is there a way of rejecting anything coming from xxx's servers, unless
with one of a set of known valid source email addresses?

Thanks.

--
Mike Scott (unet <at> scottsonline.org.uk)
Harlow Essex England

26/10/2007, 12h57

On 26 oct, 12:22, Mike Scott
<usenet...@spam.stopper.scottsonline.org.uk> wrote:
> I'm guessing either the answer will be can't do, or it's so obvious I've
> missed it, however.....
>
> There's a site, lets call it xxx, from which I'm getting too much nasty
> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
> also hosts some perfectly good users.
>
> Is there a way of rejecting anything coming from xxx's servers, unless
> with one of a set of known valid source email addresses?
>
> Thanks.
>
> --

You can be very specific as I do here like:
itis.com DISCARD
2xx.1xx.1xx.2xx REJECT

Discard silently 'discard' the mail, but the mail IS downloaded, takes
time, and bandwith. REJECT return an error 500.xx to the sender.
DISCARD as the advanage that the sender ignore if there is somebody at
the other end, while the error confitm there is, but mail is
rejected.
Your choice.
BTW there are other possibilities like forward..
You should by the O'Reily book on sendmail it real worth the mony.
SartDameAveline

27/10/2007, 17h50

SarDameAveline wrote:
> On 26 oct, 12:22, Mike Scott
> <usenet...@spam.stopper.scottsonline.org.uk> wrote:
>> I'm guessing either the answer will be can't do, or it's so obvious I've
>> missed it, however.....
>>
>> There's a site, lets call it xxx, from which I'm getting too much nasty
>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
>> also hosts some perfectly good users.
>>
>> Is there a way of rejecting anything coming from xxx's servers, unless
>> with one of a set of known valid source email addresses?
>>
>> Thanks.
>>
>> --
>
> You can be very specific as I do here like:
> itis.com DISCARD
> 2xx.1xx.1xx.2xx REJECT
>
Thanks, but this I know (I /do/ have the bat book, and there's the doc'n
that comes with sendmail, plus the web site).

But I /still/ can't see how to block all traffic from a defined relay
(more accurately, relays within a defined network) /except/ that from a
list of known email addresses. Maybe custom milter code is the only way??

--
Mike Scott (unet <at> scottsonline.org.uk)
Harlow Essex England

28/10/2007, 00h57

In article <I6JUi.112345$j16.99304@newsfe6-gui.ntli.net>,
Mike Scott <usenet.11@spam.stopper.scottsonline.org.uk> wrote:
>SarDameAveline wrote:
>> On 26 oct, 12:22, Mike Scott
>> <usenet...@spam.stopper.scottsonline.org.uk> wrote:
>>> I'm guessing either the answer will be can't do, or it's so obvious I've
>>> missed it, however.....
>>>
>>> There's a site, lets call it xxx, from which I'm getting too much nasty
>>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
>>> also hosts some perfectly good users.
>>>
>>> Is there a way of rejecting anything coming from xxx's servers, unless
>>> with one of a set of known valid source email addresses?
>>>
>>> Thanks.
>>>
>>> --
>>
>> You can be very specific as I do here like:
>> itis.com DISCARD
>> 2xx.1xx.1xx.2xx REJECT
>>
>Thanks, but this I know (I /do/ have the bat book, and there's the doc'n
>that comes with sendmail, plus the web site).
>
>But I /still/ can't see how to block all traffic from a defined relay
>(more accurately, relays within a defined network) /except/ that from a
>list of known email addresses. Maybe custom milter code is the only way??

If everything from that/those relays is using a fixed list domain for the
sender, you can 'accept' mail from a list of full addresses, an reject/discard
everything else using wildcards for those domains.

IF the list of origin domains (valid or otherwise) is open-ended, then,
a custom milter _is_ the easy way.

you -could- roll some direct sendmail.cf code that looks at a (saved) connection
during 'mail from' processing, and rejects anything that isn't i your 'white-
list'.

My opinion: a custom milter will be easier.

28/10/2007, 03h52

In article <ZdjUi.99308$yN2.44086@newsfe7-gui.ntli.net>,
Mike Scott <usenet.11@spam.stopper.scottsonline.org.uk> wrote:

> I'm guessing either the answer will be can't do, or it's so obvious I've
> missed it, however.....
>
> There's a site, lets call it xxx, from which I'm getting too much nasty
> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
> also hosts some perfectly good users.
>
> Is there a way of rejecting anything coming from xxx's servers, unless
> with one of a set of known valid source email addresses?

If you have delay_checks enabled, you should be able to do something
like this:

Connect:yahoo.com REJECT
From:yahoos.one.worthwhile.user@yahoo.com OK

This has issues, since it is trivial to forge the sender of mail, but it
does what you are looking for.

This is actually documented in the "Delay all checks" subsection of the
"ANTI-SPAM CONFIGURATION CONTROL" section of the cf/README file.

--
Now where did I hide that website...

29/10/2007, 18h42

Bill Cole wrote:
> In article <ZdjUi.99308$yN2.44086@newsfe7-gui.ntli.net>,
> Mike Scott <usenet.11@spam.stopper.scottsonline.org.uk> wrote:
>
>> I'm guessing either the answer will be can't do, or it's so obvious I've
>> missed it, however.....
>>
>> There's a site, lets call it xxx, from which I'm getting too much nasty
>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
>> also hosts some perfectly good users.
>>
>> Is there a way of rejecting anything coming from xxx's servers, unless
>> with one of a set of known valid source email addresses?
>
> If you have delay_checks enabled, you should be able to do something
> like this:
>
> Connect:yahoo.com REJECT
> From:yahoos.one.worthwhile.user@yahoo.com OK
>
> This has issues, since it is trivial to forge the sender of mail, but it
> does what you are looking for.
>
> This is actually documented in the "Delay all checks" subsection of the
> "ANTI-SPAM CONFIGURATION CONTROL" section of the cf/README file.
>
Thanks. I've put that in to see what happens. I had read the section
you mention - or rather, as I now see, completely misread it. Which
explains my misunderstanding of it.

--
Mike Scott (unet <at> scottsonline.org.uk)
Harlow Essex England

26/10/2007, 12h22	#1
Mike Scott Messages: n/a Hébergeur:	accessdb needed I'm guessing either the answer will be can't do, or it's so obvious I've missed it, however..... There's a site, lets call it xxx, from which I'm getting too much nasty spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx also hosts some perfectly good users. Is there a way of rejecting anything coming from xxx's servers, unless with one of a set of known valid source email addresses? Thanks. -- Mike Scott (unet <at> scottsonline.org.uk) Harlow Essex England

26/10/2007, 12h57	#2
SarDameAveline Messages: n/a Hébergeur:	Re: accessdb needed On 26 oct, 12:22, Mike Scott <usenet...@spam.stopper.scottsonline.org.uk> wrote: > I'm guessing either the answer will be can't do, or it's so obvious I've > missed it, however..... > > There's a site, lets call it xxx, from which I'm getting too much nasty > spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx > also hosts some perfectly good users. > > Is there a way of rejecting anything coming from xxx's servers, unless > with one of a set of known valid source email addresses? > > Thanks. > > -- You can be very specific as I do here like: itis.com DISCARD 2xx.1xx.1xx.2xx REJECT Discard silently 'discard' the mail, but the mail IS downloaded, takes time, and bandwith. REJECT return an error 500.xx to the sender. DISCARD as the advanage that the sender ignore if there is somebody at the other end, while the error confitm there is, but mail is rejected. Your choice. BTW there are other possibilities like forward.. You should by the O'Reily book on sendmail it real worth the mony. SartDameAveline

27/10/2007, 17h50	#3
Mike Scott Messages: n/a Hébergeur:	Re: accessdb needed SarDameAveline wrote: > On 26 oct, 12:22, Mike Scott > <usenet...@spam.stopper.scottsonline.org.uk> wrote: >> I'm guessing either the answer will be can't do, or it's so obvious I've >> missed it, however..... >> >> There's a site, lets call it xxx, from which I'm getting too much nasty >> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx >> also hosts some perfectly good users. >> >> Is there a way of rejecting anything coming from xxx's servers, unless >> with one of a set of known valid source email addresses? >> >> Thanks. >> >> -- > > You can be very specific as I do here like: > itis.com DISCARD > 2xx.1xx.1xx.2xx REJECT > Thanks, but this I know (I /do/ have the bat book, and there's the doc'n that comes with sendmail, plus the web site). But I /still/ can't see how to block all traffic from a defined relay (more accurately, relays within a defined network) /except/ that from a list of known email addresses. Maybe custom milter code is the only way?? -- Mike Scott (unet <at> scottsonline.org.uk) Harlow Essex England

28/10/2007, 00h57	#4
Robert Bonomi Messages: n/a Hébergeur:	Re: accessdb needed In article <I6JUi.112345$j16.99304@newsfe6-gui.ntli.net>, Mike Scott <usenet.11@spam.stopper.scottsonline.org.uk> wrote: >SarDameAveline wrote: >> On 26 oct, 12:22, Mike Scott >> <usenet...@spam.stopper.scottsonline.org.uk> wrote: >>> I'm guessing either the answer will be can't do, or it's so obvious I've >>> missed it, however..... >>> >>> There's a site, lets call it xxx, from which I'm getting too much nasty >>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx >>> also hosts some perfectly good users. >>> >>> Is there a way of rejecting anything coming from xxx's servers, unless >>> with one of a set of known valid source email addresses? >>> >>> Thanks. >>> >>> -- >> >> You can be very specific as I do here like: >> itis.com DISCARD >> 2xx.1xx.1xx.2xx REJECT >> >Thanks, but this I know (I /do/ have the bat book, and there's the doc'n >that comes with sendmail, plus the web site). > >But I /still/ can't see how to block all traffic from a defined relay >(more accurately, relays within a defined network) /except/ that from a >list of known email addresses. Maybe custom milter code is the only way?? If everything from that/those relays is using a fixed list domain for the sender, you can 'accept' mail from a list of full addresses, an reject/discard everything else using wildcards for those domains. IF the list of origin domains (valid or otherwise) is open-ended, then, a custom milter _is_ the easy way. you -could- roll some direct sendmail.cf code that looks at a (saved) connection during 'mail from' processing, and rejects anything that isn't i your 'white- list'. My opinion: a custom milter will be easier.

28/10/2007, 03h52	#5
Bill Cole Messages: n/a Hébergeur:	Re: accessdb needed In article <ZdjUi.99308$yN2.44086@newsfe7-gui.ntli.net>, Mike Scott <usenet.11@spam.stopper.scottsonline.org.uk> wrote: > I'm guessing either the answer will be can't do, or it's so obvious I've > missed it, however..... > > There's a site, lets call it xxx, from which I'm getting too much nasty > spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx > also hosts some perfectly good users. > > Is there a way of rejecting anything coming from xxx's servers, unless > with one of a set of known valid source email addresses? If you have delay_checks enabled, you should be able to do something like this: Connect:yahoo.com REJECT From:yahoos.one.worthwhile.user@yahoo.com OK This has issues, since it is trivial to forge the sender of mail, but it does what you are looking for. This is actually documented in the "Delay all checks" subsection of the "ANTI-SPAM CONFIGURATION CONTROL" section of the cf/README file. -- Now where did I hide that website...

29/10/2007, 18h42	#6
Mike Scott Messages: n/a Hébergeur:	Re: accessdb needed Bill Cole wrote: > In article <ZdjUi.99308$yN2.44086@newsfe7-gui.ntli.net>, > Mike Scott <usenet.11@spam.stopper.scottsonline.org.uk> wrote: > >> I'm guessing either the answer will be can't do, or it's so obvious I've >> missed it, however..... >> >> There's a site, lets call it xxx, from which I'm getting too much nasty >> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx >> also hosts some perfectly good users. >> >> Is there a way of rejecting anything coming from xxx's servers, unless >> with one of a set of known valid source email addresses? > > If you have delay_checks enabled, you should be able to do something > like this: > > Connect:yahoo.com REJECT > From:yahoos.one.worthwhile.user@yahoo.com OK > > This has issues, since it is trivial to forge the sender of mail, but it > does what you are looking for. > > This is actually documented in the "Delay all checks" subsection of the > "ANTI-SPAM CONFIGURATION CONTROL" section of the cf/README file. > Thanks. I've put that in to see what happens. I had read the section you mention - or rather, as I now see, completely misread it. Which explains my misunderstanding of it. -- Mike Scott (unet <at> scottsonline.org.uk) Harlow Essex England

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email