Solved

access file - correct syntax

Posted on 2001-06-26
3
220 Views
Last Modified: 2010-03-18

I am trying to play around with sendmail to be able to stop spam mail that I am receiving on my redhat 7.0 server.

I tried to dig into the docs regarding sendmail but could not find the correct way to do it.  I got to the point that I have to use the access file, but could not tell the correct syntax to put in it and what else do I need to do to disallow receiving mail from a particular site.
0
Comment
Question by:u1
3 Comments
 
LVL 40

Expert Comment

by:jlevie
Comment Utility
Before messing with the access file, I'd recommend that you enable some or all of the real-time blacklists as maintained by the MAPS organization (http://www.mail-abuse.org). I use all of the black-lists (RBL, DUL, & RSS) and those are enabled by adding:

FEATURE(dnsbl,`blackholes.mail-abuse.org',` Mail from $&{client_addr} rejected, see http://mail-abuse.org/cgi-bin/lookup?$& {client_addr}')dnl
FEATURE(dnsbl,`relays.mail-abuse.org',` Mail from $&{client_addr} rejected; see http://mail-abuse.org/cgi-bin/nph-rss?$& {client_addr}')dnl
FEATURE(dnsbl,`dialups.mail-abuse.org',` Mail from dial-up rejected; see http://mail-abuse.org/dul/enduser.htm')

to your .mc file and build a new sendmail.cf. To do that on 7.0 you'll need to install the sendmail-cf package from the OS distribution.

The real-time black lists will prevent a huge number of spam sites from bothering your users with no effort on your part aside from the initial setup. Using the access map to control spam is useful, but it is a never ending process to identify spam sources and add those to the access map. However, the syntax for blocking a site, machine, or user via the access file would look like:

cyberspammer.com     REJECT
192.168.212          REJECT
spammer@aol.com          REJECT

Since /etc/mail/access is a database, after you modify the access text file you must rebuild the database with:

makemap hash /etc/mail/access </etc/mail/access

There are a number of other things that the access database can be used for as well as variations in how you reject spam. These are covered in the README in the sendmail cf directory or you can read that on-line at http://www.sendmail.org/m4/anti-spam.html
0
 
LVL 3

Accepted Solution

by:
tdaoud earned 200 total points
Comment Utility

the /etc/mail/access file has several purposes including:

- Allowing relays
- Denying Relays
- Rejecting mails
- Producing an nice error message for certain sites that you don't like to receive mail from

I currently use it to allow certain IP address's or subnets to relay through me and to also produce nice error message to the sites I dont wish to receive mail from.

You can easily build the access.db file or any of the other sendmail database files (access, virtusertable, mailertable, ...etc) by running the command "make" once you are in the /etc/mail directory.

So you can go to /etc/mail and edit the file "access" as follows:

####### Begin file here ##############

#
# allow the following IP addresses/subnets to RELAY through me
#

#specific host example
192.118.6.13      RELAY

#specific subnet (leave a dot at the end)
192.118.7.        RELAY

#
# Don't accept mail from the following domains, but
# produce a nice error message back
#

domain1.com       ERROR:"550 We don't accept mail at this time"
domain2.com       ERROR:"560 Please stop bothering us with your emails"
domain3.com       ERROR:"570 Sorry, your mail is not accepted here"

####### End file here ################

Once you are done editing your file, simply type the command "make" (while you are in /etc/mail) and it will recompile the access file for you.

Good Luck

Tarik
0
 

Author Comment

by:u1
Comment Utility

Thank you very much for all of your comments.  I like the displaying of a custom error message of my choice for every particular site.

I tested it and it works.

Thank you all again.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now