[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Sendmail features
- Subject: Re: [cobalt-users] Sendmail features
- From: "Ian" <cobalt@xxxxxxxxxxxxx>
- Date: Tue Apr 15 07:49:01 2003
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On 15 Apr 2003 at 10:43, Rich LaBo wrote:
> > On Monday 14 April 2003 04:42 pm, James A. Dory wrote:
> >
> > For those who are "curious":
> >
> > > ># DNS based IP address spam list bl.spamcop.net
> >
> > ## Comment line
> >
> > > >R$* $: $&{client_addr}
> >
> > ## Call internal sub-routine "client_addr" to Map host connection
to
> > ## its logical IP address
> >
> > > >R::ffff:$-.$-.$-.$- $: <?> $(host
> $4.$3.$2.$1.bl.spamcop.net.
> >
> > ## If this IP is IPV6, check if the last four octets are listed
(in
> reverse)
> > ## at bl.spamcop.net DNS (should return 127.0.0.X if listed)
> >
> > > > $: OK $)
> >
> > ## no entry at bl.spamcop.net is OK here
> >
> > > >R$-.$-.$-.$- $: <?> $(host
> $4.$3.$2.$1.bl.spamcop.net.
> >
> > ## If this IP is IPV4 notation, check if the IP (in reverse) is
listed
> > ## at bl.spamcop.net DNS (should return 127.0.0.X if listed).
> >
> > > > $: OK $)
> >
> > ## If not listed this is OK here
> >
> > > >R<?>OK $: OKSOFAR
> >
> > ## If the result of any check "above" is OK, then IP address is
ok to
> accept
> >
> > > >R<?>$+ $#error $@ 5.7.1 $: "Spam
blocked see:
> >
> > ## If any IP test above is "true" (meaning the IP was listed and
an "ip"
> was
> > ## returned from the call) then send the client (remote IP ) an
error
> letting
> > ## them know they are blocked by the appropriate BL.
> >
> > IP in reverse means that IP address 1.2.3.4 gets queried as
> > 4.3.2.1.bl.spamcop.net which is how RBL (real-time block-lists)
do the DNS
> > entry. That way you can do things like NJABL (and others) does
which says
> a
> > return of 127.0.0.2 is open relay, a return of 127.0.0.3 is
proxy; etc,
> etc,
> > etc...
>
> How can I verify that this part of the sendmail configuration is
working?
> Sendmail seems to be working fine otherwise.
You will find this type of thing in your maillog:
Apr 15 04:40:05 xxxxx sendmail[25095]: ruleset=check_relay,
arg1=[64.28.67.250], arg2=127.0.0.2, relay=[64.28.67.250], reject=550
5.7.1 Rejected: 64.28.67.250 listed at sbl.spamhaus.org
<http://www.spamhaus.org/SBL>
I have a perl script which checks my maillogs every day for this type
of thing.
Regards
Ian
--