There is a lot you can do about spam.
Here is a summary.
Turn on your firewall. Take a look at the configuration of /etc/sysconfig/ipchains
This has a listing of the ports and what to do with the data.
Make sure its running and blocking ports.
You probably need to accept some kind of incoming mail, so you need to work with the sendmail configuration.
There is an important file called /etc/mail/access
It contains entries like this.
localhost RELAY
It can contain entries like this:
spammer REJECT
It can even reject with nasty little notes back to the spammer. Even if they've used a relay in use, there will e a response and the sysadmin will either figure it out or see his /var filesystem fill up, brining down his machine.
Quite effective.
After adding entries to this file, you'll need to run the m4 macro to integrate these changes into your sendmail configuration. Here is a complete script that does this and allows you to put some goodies into your sendmail.mc file making spam harder to get into your organization.
I always use the posix shell, because I'm primarly an HP-Ux geek.
#!/bin/sh
# A script designed to rebuild all relavent mail databases after a configuration
# change.
#
#
newaliases
cd /etc/mail
makemap -r -v hash access.db < access
makemap -r -v hash domaintable.db < domaintable
makemap -r -v hash genericstable.db < genericstable
makemap -r -v hash mailertable.db < mailertable
makemap -r -v hash virtusertable.db < virtusertable
cp /etc/sendmail.cf /root
m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
echo "You need to edit the sendmail.cf file for localhost et al"
sleep 3
vi /etc/sendmail.cf
/etc/init.d/sendmail restart
The edit step reminds me to do a customization on the /etc/sendmail.conf file prior to running the daemon. I require customization to make my mail have the right hostname after this process. The sendmail.mc macro domain breaks my sendmail.conf file(lol).
The restart stuff is self evident.
Are we done? Hardly.
You need to consider what you are doiing about popmail. If your users are getting their mail into Microsoft mail clients with popmail, there is no need to open up port 110 to the world. Open it up only to your local network.
Now try this command at the command line.
sendmail -v -d38.2 youraddress@aol.com
You will see that AOL actually validates the domain name before it lets mail in.
You can nail a lot of spammers if you figure out how they do that.
Good Luck and feel free to contact me directly if you need further assistance. I learned sendmail the hard way, and still haven't turned on popmail.
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
