/etc/mail/access and DISCARD

Fred Martin_1 · ‎07-21-2003

I'm running sendmail 8.11.1 and have placed some IP addresses and domain names on the access list as DISCARD items.

To test, I put my PC's name in there, and tried sending email to someone on our network. Here's the line in /etc/access:

fred.applicatorssales.com DISCARD Sorry.

It worked from the sender's point of view. When I tried to send an email, my mail client echoed the discard and sorry message back.

However - the email was sent anyway. The recipient got the message. That transaction appears in the mail log, with a different ID than the transaction that was discarded.

My understanding of DISCARD is that the email would be discarded. Hmmm. Am I not setting this up right?

fmartin@applicatorssales.com

Steven E. Protter · ‎07-21-2003

You can't just set up the access file.

You have to create the access.db file.

I've attached a Linux script for building these databases.

Somewhere in my past questions is an hpux version. I'm looking for it.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Fred Martin_1 · ‎07-21-2003

Sorry I should have said that. I am making the DB with this:

makemap dbm /etc/mail/access < /etc/mail/access

Fred

fmartin@applicatorssales.com

Fred Martin_1 · ‎07-21-2003

And...this is in sendmail.cf

Kaccess dbm /etc/mail/access

fmartin@applicatorssales.com

Steven E. Protter · ‎07-21-2003

Okay Fred,

I'll stop looking for that script.

DISCARD is not the best choice. It would be better to REJECt.

That is an aside.

Set up another HP-UX box with this discard

build the databases

from the discarded box

sendmail -v -d8.99 -d38.99 someone@otherbox.net

Type some text.

.

You should see the message be accepted.

DISCARD does not bounce the message, it just does nothing with it.

After running a few tests, look at the mail log.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

someone_4 · ‎07-21-2003

Hi check out the attachment.
I am not sure where I found it. I think it was a doc on the hp site. But it explains everything pretty well.

In my access file for spammers I use the line below.

biscoind.com 553 Spammer

And no one can send to the domain or get email from the domain. You can put an IP instead too.

Hope it helps

Richard

Fred Martin_1 · ‎07-21-2003

Thanks folks, I'm using Richard's suggestion as it certainly does the trick.

In my test, as the sender, my Eudora email client refused to even send the email at all, when my server sent the 550 back. Even if the spammer's client blindly sends stuff anyway, my server didn't keep or evaluate the incoming spam, but just dropped the conection after the bounce.

Building a list of spammers is a bit like trying to hit a moving target, but it's a start for me anyway. At least I can hit the larger ligitimate marketing places with this.

I'll be trying to implement a black hole list soon, if that works OK.

fmartin@applicatorssales.com

Steven E. Protter · ‎07-21-2003

Fred,

I'd be happy to send you my access file.

I have a very extensive list of spammers and a few IP address blocks that house mobile spammers.

I actually cut my spam count over the weekend to 1 message on my account. As I've tightened the screws complaints from my customers about spam have dropped too.

I'll trade you for your makemap script?

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Fred Martin_1 · ‎07-21-2003

I'd like to see your access file. Post it here or mail it to me directly fmartin@applicatorssales.com.

My makemap script is pretty hairy, but you are welcome to it, I suppose. It updates several things - it runs newaliases, creates the access.db and the user.db based on exterior files that I maintained. They are complicated by the fact that three companies are sharing one mail server...

It also creates "printable" text files of internal aliases and internet email addresses for those employees with perission to use them.

The printable files are for internal distribution, but are interesting in that the printable list only prints aliases we want users to see, and in a few unique cases certain addresses are masked from the printable list...i.e. some higher-ups see more email than some realize. Nudge nudge.

Then if that's not enough it ftp's these print files to a public folder on an NT server.

The code to make that all happen is very obtuse and requires the /etc/aliases file to be in a specific format beyond the normal.

But anyway, I'll send it to you if you want to see it. I hesitate to put it here though, because it's such a hack.

fmartin@applicatorssales.com

Steven E. Protter · ‎07-21-2003

Fred,

sprotter@investmenttool.com

Attach the script, which is better than what I have and when I get home, I'll reply with a copy of the access file.

If we agree its a resource, we can improve both of our situations by exchanging access files regularly. I will strip out the internal section of access file, just in case any of my customer email addresses found their way in there.

I'm starting at ground zero with sendmail configuration on HP-UX and thats why your makemap script is important. I'm thinking my sendmail.mc file might work on sendmail 8.11 HP-UX which would save me a lot of time. If you have one of those it would be most useful.

Identify yourself on the subject line if the name isn't obvious.

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Fred Martin_1 · ‎07-21-2003

OK I got a few requests to post the script. I don't mind but I've edited out any real server names, domain names, user names, etc. and put in some generic replacements.

And, as I said, it's a hack, and is placed here without warranty. I only know it works for me. I don't have time to engage in any debugging.

And, no comments about the legality of the bigboss bit - that wasn't my idea :)

fmartin@applicatorssales.com

Fred Martin_1 · ‎07-21-2003

Ok back to my original post ... I occasionally get lines like this in the mail.log

h6LJOaT09182: --> 553 5.0.0 No soliciting. (held)

The 553 No Soliciting is a result of my access file entry. But what does '(held)' mean? Not all the hits have that comment.

fmartin@applicatorssales.com

Steven E. Protter · ‎07-21-2003

My access file attached.

I grabbed it by ftp

SEP

Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com

Fred Martin_1 · ‎07-21-2003

Is this another issue? If my access file is going to bounce email, my log and my queue are going to be filled with junk, since most spammers are spoofing anyway.

fmartin@applicatorssales.com

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Forums

Discussions

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

/etc/mail/access and DISCARD

/etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD

Re: /etc/mail/access and DISCARD