Sendmail 8.8.8 Spam/Relay Question

Posted on 1998-10-22
Last Modified: 2013-12-23
We have Sendmail 8.8.8 and we handle mail for a couple of different domains. But unfortunately some spammers misuse this and use us as a relay host. I used to bolck them off using the Ip address or the domain name via the firewall but unfortunately they get thro to some other ISP and still use us as a relay host ....I need to stop Relaying based on the To addr if it doesnot concern my domains which I handle I should not allow them to do so ...

Is there some way where in I can protect or accept mail to my domains for which I have a Cw entry and disallow mail to any other domains ..

By the way I have Solaris 2.5.1 Running ..

Please Help !!

Thanks in advance

Question by:wilpak
LVL 51

Expert Comment

ID: 1582471
check for sendmail 8.9 at
It has some FEATURES for spam, for example using the Blacklist :-)

Accepted Solution

Strange earned 100 total points
ID: 1582472
Here is an examples from FreeBSD: (sendmail 8.8.7)
      Filtering out SPAM from your site

      The FreeBSD Project filters spam, unsolicited commerical
e-mail, from its mailing lists.  The filter has two parts: databases
and rulesets.  We have added three rulesets to /etc/,
check_relay and check_mail and xlat. (xlat is for testing only, as
explained in /etc/mail/ These rulesets use
two databases.  The denyip, a list of IP addresses, and spamsites,
a list of domains.  We do not accept mail from any machine that
matches a entry in either database.

Filtering at your site:
      To filter spam at your site you need to:
      1. modify your /etc/,
      2. retrieve the database source files from the master site,
      3. make the databases and
      4. finally signal sendmail that the configuration file has changed.

1. Modifying your /etc/
      Add the database declarations and the rulesets contained
in /etc/mail/ to your .mc file.  If you do
not use m4 to generate your /etc/, add the database
declarations to your /etc/

2. Fetching the database source files:
      The database source files are available from Gulf Coast
Internet via anonymous FTP.  The Makefile in /etc/mail will retreive
the source files for you: as root, type "cd /etc/mail; make" at
the command line.  The previous version of the database source
files is moved to <filename>.0.  Local additions should be kept in
separate files.  We use spamsites.local and denyip.local.  You may
want to diff the new versions of the files against the previous
versions to see what has changed.

3. Make the databases:
      As root, type "cd /etc/mail; make install" will build the
two databases from the retrieved source files and the local additions

4. Signaling sendmail:
      Sendmail will reread its configuration whenever sendmail
receives a HUP signal.  As root, type "kill -HUP `cat
/var/run/`".  Check sendmail's log file to be sure that
it has restarted.  /var/log/maillog should contain the line:  "Oct
15 08:59:16 hub sendmail[6565]: restarting /usr/sbin/sendmail on
signal".  Most likely, the date, time, hostname and process id will
be differ.

Testing the spam filter:

How can I tell if its working:
      The mail log file, /var/log/maillog, will contain a line
for every message filtered.  The lines will be similar to one of
these two log entries:

Check_mail rejects:
"Oct 15 02:43:26 hub sendmail[6565]: CAA06565: ruleset=check_mail,
arg1=<>, [###.###.###.###],
reject=521 <>"

Check_relay rejects:
Oct 19 04:45:24 hub sendmail[3503]: NOQUEUE: ruleset=check_relay,, arg2=, relay=root@localhost,
reject=521 postmaster@FreeBSD.ORG

# database declarations
Kdenyip hash -o -a.REJECT /etc/mail/denyip.db
Kspamsites hash -o -a.REJECT /etc/mail/spamsites.db

# called with host.tld and IP address of connecting host.
# ip address must NOT be in the "denyip" database
R$* $| [$+            $1 $| $2                  should not be needed
R$* $| $+]            $1 $| $2                  same (bat 2nd ed p510)
R$* $| $*            $: $1 $| $(denyip $2 $)
R$* $| $*.REJECT      $#error $: 521 blocked. contact postmaster@FreeBSD.ORG ($2)
# host must *not* be in the "spamsites" database
R$+.$+.$+ $| $*            $2.$3 $| $4
R$+.$+ $| $*            $: $(spamsites $1.$2 $) $| $3
R$*.REJECT $| $*      $#error $: 521 blocked. contact postmaster@FreeBSD.ORG ($1)
# Host must be resolvable, currently not used at
#R$* $| $*            $: <?> <$1 $| $2> $>3 foo@$1
#R<?> <$*> $*<@$*.>      $: $1
#R<?> <$*> $*<@$*>      $#error $: 451 Domain does not resolve ($1)

# called with envelope sender, "Mail From: xxx", of SMTP conversation
R$*                  $: <?> $>3 $1
R<?> $* < @ $+ . >      $: $2
# R<?> $* < @ $+ >      $#error $: "451 Domain does not resolve"
R<?> $* < @ $+ >      $: $2
R$+.$+.$+            $2.$3  
R$*                  $: $(spamsites $1 $: OK $)
ROK                  $@ OK
R$+.REJECT            $#error $: 521 $1

# for testing check_relay and check_mail
# if we type "$|", sendmail will split this into two tokens "$" and "|"
# this rule glues prevent sendmail from splitting "$|"
# to use:  /usr/sbin/sendmail -bt
#          host.domain.tld $| 111.222.333.444
R$* $$| $*            $: $1 $| $2
R$* $| $*            $@ $>check_relay $1 $| $2


Expert Comment

ID: 1582473
Also check out  They have other sendmail examples.

Do some net searches for other spam resources - there's a LOAD of material out there.  I've just fended the suckers off using Netscape Messenger 3.54 under NT.  Yucky, Yucky, Yucky..  Sendmail has much more documentation available.

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I was asked to set up a web portal PC to put at our entrance. When customers arrive, they could see a webpage 'promoting' our company. So I tried to set up a windows 7 PC as a kiosk PC.......... I will spare you all the annoyances I…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

862 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

29 Experts available now in Live!

Get 1:1 Help Now