Annoying Spam Problem

[rpeterson at yellowbank.com (Ron Peterson)]

Oommen Thomas wrote:
> 
> On Fri, 17 Mar 2000, Ron Peterson wrote:
> 
> <rpeterson>Jon wrote:
> <rpeterson>>
> <rpeterson>
> <rpeterson>> Is there anything we can do??! (Relaying isn't turned on.)
> <rpeterson>
> <rpeterson>Maybe http://spamcop.net/ can help.
> <rpeterson>
> <rpeterson>Good Luck with your Bad Luck :-)
> <rpeterson>
> <rpeterson>Ron Peterson
> <rpeterson>rpeterson at yellowbank.com
> 
> There is some 'blacklist' of spammers which can be used for blocking by
> sendmail. You can contact the maintainers of this site and give the domain
> name of the spammers. I dont have the details, but sendmail docs should
> have it (or try a search).

This is the "Real Time Black Hole List".  You can find out more by
visiting their site at http://mail-abuse.org/rbl/.

I'm not going to write a tutorial on the use of m4 or Sendmail
configuration in general.  But I've included the m4 configuration files
I've used myself to set up mail for the wallacefloyd.com domain, where I
work.  I'm not going to review the purpose of all the configuration
directives.  But I thought perhaps someone might find it instructive to
see complete configuration files used to produce a working sendmail
configuration.  That includes spam blocking.

First off, I installed Sendmail from source.  After unpacking sendmail,
you will find a subdirectory called /cf.  In /cf you will find a bunch
of other configuration directories.  Following are the contents of two
files I created: /cf/cf/wfdg.cf, and /cf/domain/wallacefloyd.com.m4. 
Ignore the "begin" and "end" lines - I just put them here to delimit the
file contents.

By the way, I'm using sendmail 8.9.3.

-- begin wfdg.cf
divert(-1)

divert(0)dnl
VERSIONID(`@(#)wfdglinux.mc     8.10 (Berkeley) 5/19/98')
OSTYPE(linux)
DOMAIN(wallacefloyd.com)
FEATURE(nouucp)
MAILER(local)
MAILER(smtp)
define(`_RELAY_ACCESS_FROM_')
HACK(chk_rcpt)
-- end wfdg.cf

-- begin wallacefloyd.com.m4
MASQUERADE_AS(wallacefloyd.com)
FEATURE(masquerade_entire_domain)
FEATURE(masquerade_envelope)
FEATURE(genericstable)
FEATURE(relay_entire_domain)
FEATURE(use_cw_file)
FEATURE(local_procmail)
FEATURE(access_db)
FEATURE(blacklist_recipients)
FEATURE(rbl)
-- end wallacefloyd.com.m4

With these files in place, I created my sendmail configuration file by
changing directories into /cf/cf, and typing: 'm4
../domain/wallacefloyd.com.m4 wfdg.cf > sendmail.cf' (without the
quotes, of course)  I should also note that I had to go in and tweak
sendmail.cf to properly locate procmail.  I.E. - m4 is nice, but you
still might have to fiddle just a little.

It's the FEATURE(rbl) line that's germane to this discussion.  This
configures sendmail to block email according to a database of known
spammers maintained by the Mail Abuse Prevention System.  The access_db
and blacklist_recipients features are also used, among other things, for
spam prevention.  But I've hardly used those features at all.  I have a
little over 50 people behind this configuration and we have virtually no
spam whatsoever.  Big "Thank You" to the MAPS RBL!

If anyone would like to critique this configuration, by all means.  I'm
not going to prop myself up as a sendmail guru by any means!  I
understand the security implications of my relay hack.  I'd like to
switch to 8.10, to take advantage of it's secure SMTP authentication,
but I haven't gotten around to it yet.

Ron Peterson
rpeterson at yellowbank.com
-
Subcription/unsubscription/info requests: send e-mail with
"subscribe", "unsubscribe", or "info" on the first line of the
message body to discuss-request at blu.org (Subject line is ignored).