/etc/aliases should be updated to provide proper mail routing. Make sure root mail goes to a regular user.
The way things should work is that mail won't be accepted or relayed for users not specifically laid out in /etc/aliases. That is how it works with Red Hat. I'm more an HP-Ux guy, but accepting mail for an entire domain is not an option based on the volume spammers flood us with nowadays.
You can add some spam rejection logic for specific senders that will bounce messages. On the sendmail.org link is a cookbook to getting the spam sender blacklist and rejecting all mail on that blacklist.
You need to look at the headers for some of your message senders and start blocking their mail. If necessary, trace the hop path and block the IP addresses actually relaying the mail.
Its fun reading and you see mail with from sender at aol or yahoo actually doing smtp relay off their cable modem. Block the cable modem and the mail stops coming. A report to the ISP can also help.
In /etc/mail/access
Fred@fouryourmarriage.net 550 Spam reject. We charge $500/spam message.
This is a hast databse. You can put domains or IP addresses in there. I'll attach a script that lets you rebuild hast databases as well.
in sendmail.mc there are directives that let you open up or close mail by ip address.
Here they are.
DAEMON_OPTIONS(`Port=smtp,Addr=66.92.143.197, Name=MTA')
This explicitly allows mail for the domain I have sitting on the above IP address to come in. Any non-listed IP addresse buzz, thank you for playing all the mail gets bounced.
buildmail attachment is a linux script that rebuilds the hash db, and generates a sendmail.cf file that takes all these directives into account.
It can be adapted to HP-UX, I've gotten it to work.
Then standard configuration on the HP-UX sendmail.cf generator script(prior post) does not allow relay.
If you take time and track where the mail is actually coming from, you can cut these guys off. If they send a million messages at your HP-UX box, they get a million messages back. Coolness.
The mail messages should contain good header data. Just because it seems to be forged doesn't mean there is useful data out there.
Red Hat has a doc that shows how to integrate the spam blacklist directives into sendmail.mc I think it can provide a starting point for HP-UX
P
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
