cancel
Showing results for 
Search instead for 
Did you mean: 

Blocking mail

David Crowe
Advisor

Blocking mail

I am running Sendmail with the access_db configured as a relay. I want to drop email going to a specific address located further in the mail system. I know that I can use the access component to drop mail coming from specific addresses but I don't see anyway to drop mail going to an address. Does any one have any ideas?
11 REPLIES
Steven E. Protter
Exalted Contributor

Re: Blocking mail

You can add specific ip addresses or email addresses to your acess text database and build a new access_db.

example:


Sabra2564i86@yahoo.com 550 Spam reject. We charge $500/spam message.

After running the script gen_cf on the HP box this address anything coming from it will generate and automated reply requesting a storage fee of $500.

Pretty mean.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
David Crowe
Advisor

Re: Blocking mail

That would work if I was trying to block email FROM a domain. What I am trying to do is block email going TO a specific address i.e. admin@yourdomain.com located inside your relay.
Geoff Wild
Honored Contributor

Re: Blocking mail

Easy, in /etc/mail/acces

admin@yourdomain.com reject

Then makemap your access db and restart sendmail.

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
David Crowe
Advisor

Re: Blocking mail

I tried that using the DISCARD option and it didn't work. It seems to work only on originating addresses not destination addresses. Does the REJECT option work different than the DISCARD?
Geoff Wild
Honored Contributor

Re: Blocking mail

Yes - reject is different then discard.

You could also block your entire domain and then explicitly grant only certain id's:

yourdomain.com reject
you@yourdomian.com allow
someoneelse@yourdomain.com allow


Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
W.C. Epperson
Trusted Contributor

Re: Blocking mail

The logic that checks "From:" address is in the check_relay ruleset. There's no corresponding check in check_rcpt for the "To:" address. You'd have to write a rule and add it--good luck. Sendmail.cf rules make me dizzy after looking at one for more than a few minutes.

What I generally do in this instance is to go to the local delivery SMTP server for the address and forward its mail to an undeliverable address like "returntosender@mydomain.com". How to do this depends on what kind of MTA it is. With sendmail, it's /etc/mail/aliases. With Groupwise, you can do it with the admin interface.
"I have great faith in fools; self-confidence, my friends call it." --Poe
W.C. Epperson
Trusted Contributor

Re: Blocking mail

Geoff,

It's "OK", not "allow", with the default sendmail rulesets, isn't it?
"I have great faith in fools; self-confidence, my friends call it." --Poe
Steven E. Protter
Exalted Contributor

Re: Blocking mail

If you want to stop mail from going to a whole domain, you could set up a dns record for that domain on your internal DNS server. Point it at a local linux box and all the mail will go there instead of externally.

Just a wild alternative. The access file should be manipulated to do the job though.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
W.C. Epperson
Trusted Contributor

Re: Blocking mail

Oh, and as SEP advises, use a 500 series smtp error code, e.g. "user@domain.com 571 Not around here, you don't". 500 series is permanent error/rejection. If not used, the delivering relay may regard the error as transient and keep banging on the door (if it's not RFC-compliant, it may do so anyway).
"I have great faith in fools; self-confidence, my friends call it." --Poe
Geoff Wild
Honored Contributor

Re: Blocking mail

Ah yes - that is right - should be OK not allow...for:

you@yourdomain.com OK

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
Christopher Caldwell
Honored Contributor

Re: Blocking mail

Hooks for the To address can be accessed via virtusertable
and
virtuser_entire_domain
rulesets.

On the relay host, define each user in virtusertable:

you@yourdomain.com !
me@yourdomain.com error:nouser No Such User
@yourdomain.com error:nouser No Such User

If the first entry appears as a To: address, the mail will be passed through the sendmail relay untouched (forwarded).

Mail to the second entry will be rejected outright before delivery (no cost of handling or queueing).

The third entry rejects all mail not explicitly referenced by an ealier entry (it's a terminating entry). Use that entry to keep spam "exploration" to a minimum on the relay server.

User the virtuser-domain database to tell sendmail to apply virtusertable on the relay server. The entry would read as follows:

yourdomain.com


To make this work, be familiar with generating new sendmail.cf files. Instructions can be found in /usr/contrib/sendmail/usr/newconfig/etc/mail/cf.

The technique assumes sendmail 8.10 or greater.