• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 289
  • Last Modified:

access file - correct syntax

I am trying to play around with sendmail to be able to stop spam mail that I am receiving on my redhat 7.0 server.

I tried to dig into the docs regarding sendmail but could not find the correct way to do it.  I got to the point that I have to use the access file, but could not tell the correct syntax to put in it and what else do I need to do to disallow receiving mail from a particular site.
1 Solution
Before messing with the access file, I'd recommend that you enable some or all of the real-time blacklists as maintained by the MAPS organization (http://www.mail-abuse.org). I use all of the black-lists (RBL, DUL, & RSS) and those are enabled by adding:

FEATURE(dnsbl,`blackholes.mail-abuse.org',` Mail from $&{client_addr} rejected, see http://mail-abuse.org/cgi-bin/lookup?$& {client_addr}')dnl
FEATURE(dnsbl,`relays.mail-abuse.org',` Mail from $&{client_addr} rejected; see http://mail-abuse.org/cgi-bin/nph-rss?$& {client_addr}')dnl
FEATURE(dnsbl,`dialups.mail-abuse.org',` Mail from dial-up rejected; see http://mail-abuse.org/dul/enduser.htm')

to your .mc file and build a new sendmail.cf. To do that on 7.0 you'll need to install the sendmail-cf package from the OS distribution.

The real-time black lists will prevent a huge number of spam sites from bothering your users with no effort on your part aside from the initial setup. Using the access map to control spam is useful, but it is a never ending process to identify spam sources and add those to the access map. However, the syntax for blocking a site, machine, or user via the access file would look like:

cyberspammer.com     REJECT
192.168.212          REJECT
spammer@aol.com          REJECT

Since /etc/mail/access is a database, after you modify the access text file you must rebuild the database with:

makemap hash /etc/mail/access </etc/mail/access

There are a number of other things that the access database can be used for as well as variations in how you reject spam. These are covered in the README in the sendmail cf directory or you can read that on-line at http://www.sendmail.org/m4/anti-spam.html

the /etc/mail/access file has several purposes including:

- Allowing relays
- Denying Relays
- Rejecting mails
- Producing an nice error message for certain sites that you don't like to receive mail from

I currently use it to allow certain IP address's or subnets to relay through me and to also produce nice error message to the sites I dont wish to receive mail from.

You can easily build the access.db file or any of the other sendmail database files (access, virtusertable, mailertable, ...etc) by running the command "make" once you are in the /etc/mail directory.

So you can go to /etc/mail and edit the file "access" as follows:

####### Begin file here ##############

# allow the following IP addresses/subnets to RELAY through me

#specific host example      RELAY

#specific subnet (leave a dot at the end)
192.118.7.        RELAY

# Don't accept mail from the following domains, but
# produce a nice error message back

domain1.com       ERROR:"550 We don't accept mail at this time"
domain2.com       ERROR:"560 Please stop bothering us with your emails"
domain3.com       ERROR:"570 Sorry, your mail is not accepted here"

####### End file here ################

Once you are done editing your file, simply type the command "make" (while you are in /etc/mail) and it will recompile the access file for you.

Good Luck

u1Author Commented:

Thank you very much for all of your comments.  I like the displaying of a custom error message of my choice for every particular site.

I tested it and it works.

Thank you all again.

Featured Post

[Webinar] Kill tickets & tabs using PowerShell

Are you tired of cycling through the same browser tabs everyday to close the same repetitive tickets? In this webinar JumpCloud will show how you can leverage RESTful APIs to build your own PowerShell modules to kill tickets & tabs using the PowerShell command Invoke-RestMethod.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now