procmail

Re: Blocking our own users

1997-11-15 00:55:58
Dustin Hall <dustinh(_at_)brigadoon(_dot_)com> writes:
Is there a way to block local users from spamming other sites? Maybe
somehow force sendmail to read an rc file that would maybe then grab the
from field and see if the user exists on the system or not. Or run it
through some sort of filters.

You can and should do this purely in sendmail.  I ended up crafting a
check_from ruleset that verifies that the envelope sender address is
either a) not local; b) a local user; or c) a local alias.  At the time
I did this mainly to force people to configure their Eudora clients so
they didn't say "Return Address: yourname(_at_)gac(_dot_)edu" but it also covers
the outgoing bogus source address spam case.  For those interested in
this kinda thing I've (just) put it up for FTP:

        ftp://ftp.gac.edu/pub/guenther/check_.m4

It's an m4 macro file.  Typical usage would be something like:

        define(`DBDIR', `/var/sendmail')dnl
        FEATURE(check_, `gac.edu gustavus.edu')dnl

This requires the mailertable, using it to assume that if the host-part
is 'inside' one of the domains given as an argument to the FEATURE call
and it's not mentioned in the mailertable, then it's a nullclient-like
machine that shares user and alias information with the machine.
Machines and domains mentioned in the mailertable are considered
non-local.

This ruleset also includes code to rewrite those localish addresses
(using the test described above) to have just the domain, not the FQDN,
so that mail leaving gustavus never says
<guenther(_at_)lunen(_dot_)gac(_dot_)edu>, but just
<guenther(_at_)gac(_dot_)edu>.  It's a loaded piece of sendmail.cf code
which fits our situation here and therefore nowhere else, though it may
provide an idea or two.  I'm going to include this message as a README
in the same directory as check_.m4, along with a sample database for
using the screening capabilities of this `feature' (did I forget to
mention that it provides a database for rejecting connections based on
their source IP/domain and what they supply as the envelope sender?
Folks, it's just all crammed in there like Fibber McGee's closet!).

Anyway, since this isn't a procmail question or answer, replies should
be sent directly to me (and I've set the Reply-To: header to do so).


Philip Guenther
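
The acceptance test and address rewrite described in the message above, modeled in Python as an added example (it is not the contents of check_.m4 and not Philip Guenther's code). The user, alias and mailertable entries are constructed sample data; the mailertable key matching (exact host, or a leading-dot key covering subdomains) and the refusal of unqualified senders are assumptions.

```python
# Added illustration: models the decision described in the post, not check_.m4.
LOCAL_DOMAINS = ("gac.edu", "gustavus.edu")  # the FEATURE(check_, ...) argument
# Constructed sample data (assumptions, not from the post):
MAILERTABLE = {"lists.gac.edu", ".dept.gustavus.edu"}  # keys: host or .domain
USERS = {"guenther", "dustinh"}
ALIASES = {"postmaster", "helpdesk"}


def enclosing_domain(host):
    """Return the listed domain that host is 'inside', or None."""
    host = host.lower().rstrip(".")
    for dom in LOCAL_DOMAINS:
        if host == dom or host.endswith("." + dom):
            return dom
    return None


def in_mailertable(host):
    """True for an exact host key or a '.parent' key covering the host."""
    host = host.lower().rstrip(".")
    if host in MAILERTABLE:
        return True
    labels = host.split(".")
    return any("." + ".".join(labels[i:]) in MAILERTABLE
               for i in range(1, len(labels)))


def check_from(sender):
    """Return (accepted, envelope sender as it would leave the site)."""
    addr = sender.strip("<>")
    if addr == "":
        return True, "<>"                    # null bounce sender passes through
    local, _, host = addr.rpartition("@")
    if not local:
        return False, sender                 # assumption: unqualified is refused
    dom = enclosing_domain(host)
    if dom is None or in_mailertable(host):
        return True, f"{local}@{host}"       # (a) not local: nothing to verify
    if local.lower() in USERS or local.lower() in ALIASES:
        return True, f"{local}@{dom}"        # (b)/(c): accept, strip FQDN to domain
    return False, sender                     # claims a local address nobody owns


if __name__ == "__main__":
    for s in ("<guenther@lunen.gac.edu>", "forged@gac.edu", "x@lists.gac.edu"):
        print(s, "->", check_from(s))
```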
