Solved

access file - correct syntax

Posted on 2001-06-26
3
263 Views
Last Modified: 2010-03-18

I am trying to play around with sendmail to be able to stop spam mail that I am receiving on my redhat 7.0 server.

I tried to dig into the docs regarding sendmail but could not find the correct way to do it.  I got to the point that I have to use the access file, but could not tell the correct syntax to put in it and what else do I need to do to disallow receiving mail from a particular site.
0
Comment
Question by:u1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 40

Expert Comment

by:jlevie
ID: 6229920
Before messing with the access file, I'd recommend that you enable some or all of the real-time blacklists as maintained by the MAPS organization (http://www.mail-abuse.org). I use all of the black-lists (RBL, DUL, & RSS) and those are enabled by adding:

FEATURE(dnsbl,`blackholes.mail-abuse.org',` Mail from $&{client_addr} rejected, see http://mail-abuse.org/cgi-bin/lookup?$& {client_addr}')dnl
FEATURE(dnsbl,`relays.mail-abuse.org',` Mail from $&{client_addr} rejected; see http://mail-abuse.org/cgi-bin/nph-rss?$& {client_addr}')dnl
FEATURE(dnsbl,`dialups.mail-abuse.org',` Mail from dial-up rejected; see http://mail-abuse.org/dul/enduser.htm')

to your .mc file and build a new sendmail.cf. To do that on 7.0 you'll need to install the sendmail-cf package from the OS distribution.

The real-time black lists will prevent a huge number of spam sites from bothering your users with no effort on your part aside from the initial setup. Using the access map to control spam is useful, but it is a never ending process to identify spam sources and add those to the access map. However, the syntax for blocking a site, machine, or user via the access file would look like:

cyberspammer.com     REJECT
192.168.212          REJECT
spammer@aol.com          REJECT

Since /etc/mail/access is a database, after you modify the access text file you must rebuild the database with:

makemap hash /etc/mail/access </etc/mail/access

There are a number of other things that the access database can be used for as well as variations in how you reject spam. These are covered in the README in the sendmail cf directory or you can read that on-line at http://www.sendmail.org/m4/anti-spam.html
0
 
LVL 3

Accepted Solution

by:
tdaoud earned 200 total points
ID: 6230095

the /etc/mail/access file has several purposes including:

- Allowing relays
- Denying Relays
- Rejecting mails
- Producing an nice error message for certain sites that you don't like to receive mail from

I currently use it to allow certain IP address's or subnets to relay through me and to also produce nice error message to the sites I dont wish to receive mail from.

You can easily build the access.db file or any of the other sendmail database files (access, virtusertable, mailertable, ...etc) by running the command "make" once you are in the /etc/mail directory.

So you can go to /etc/mail and edit the file "access" as follows:

####### Begin file here ##############

#
# allow the following IP addresses/subnets to RELAY through me
#

#specific host example
192.118.6.13      RELAY

#specific subnet (leave a dot at the end)
192.118.7.        RELAY

#
# Don't accept mail from the following domains, but
# produce a nice error message back
#

domain1.com       ERROR:"550 We don't accept mail at this time"
domain2.com       ERROR:"560 Please stop bothering us with your emails"
domain3.com       ERROR:"570 Sorry, your mail is not accepted here"

####### End file here ################

Once you are done editing your file, simply type the command "make" (while you are in /etc/mail) and it will recompile the access file for you.

Good Luck

Tarik
0
 

Author Comment

by:u1
ID: 6230277

Thank you very much for all of your comments.  I like the displaying of a custom error message of my choice for every particular site.

I tested it and it works.

Thank you all again.
0

Featured Post

The Ideal Solution for Multi-Display Applications

Check out ATEN’s VS1912 12-Port DP Video Wall Media Player at InfoComm 2017. Kerri describes how easy it is to design creative video walls in asymmetric layouts and schedule detailed playlists ahead of time with its advanced scheduling feature.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question