diff --git a/etc/mail/Makefile b/etc/mail/Makefile index f56d3db951dd..cf6e559c2c52 100644 --- a/etc/mail/Makefile +++ b/etc/mail/Makefile @@ -1,13 +1,6 @@ -# $Id: Makefile,v 1.5 1998/09/13 23:14:20 brian Exp $ +# $Id: Makefile,v 1.6 1999/01/31 15:21:15 jmb Exp $ install: - /usr/sbin/makemap hash /etc/mail/spamsites < /etc/mail/block_domains.txt -.if exists(/etc/mail/spamsites.local) - /usr/sbin/makemap -o hash /etc/mail/spamsites < /etc/mail/spamsites.local -.endif - /usr/sbin/makemap hash /etc/mail/denyip < /etc/mail/block_ips.txt -.if exists(/etc/mail/denyip.local) - /usr/sbin/makemap -o hash /etc/mail/denyip < /etc/mail/denyip.local -.endif + /usr/sbin/makemap hash /etc/mail/access < /etc/mail/access.txt all: install diff --git a/etc/mail/README b/etc/mail/README index 1de804cd01ed..05992c753daa 100644 --- a/etc/mail/README +++ b/etc/mail/README 
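Review bot: The new `install` recipe rebuilds the access map in place, so an interrupted or failed `makemap` run can leave a truncated or partial `/etc/mail/access.db`, which a running sendmail would presumably then consult for its relay and reject decisions. Building under a temporary name and renaming only on success closes that window: `/usr/sbin/makemap hash /etc/mail/access.new < /etc/mail/access.txt && mv -f /etc/mail/access.new.db /etc/mail/access.db` (makemap appends `.db` for hash maps). The rule also deserves a comment such as `# access.txt is the source of the access map; rerun "make install" after every edit`, because the rewritten README in this commit no longer mentions this Makefile or the input file it expects. The commit drops the old `.if exists(...)` guards too, so a host without `/etc/mail/access.txt` now gets a failing `make install`; that may be intended, but it should be stated.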
@@ -1,74 +1,17 @@ -# $Id: README,v 1.5 1998/09/02 01:34:57 brian Exp $ +# $Id: README,v 1.5.2.1 1999/05/01 03:37:29 jkh Exp $ Filtering out SPAM from your site + Sendmail now includes excellent tools block spam. These +tools are available as FEATUREs that you can add to your site's +.mc file. Proper use of these FEATUREs will prevent spammer from +using your site as a relay as well as significantly decrease the +amount of spam that arrives at your site. No set of anti-spam +tools will block all spam without blocking some portion of legitimate +mail as well. Therefore, these FEATUREs are designed to prevent +as much spam as possible without blocking legitimate mail. -Introduction: - The FreeBSD Project filters spam, unsolicited commerical -e-mail, from its mailing lists. The filter has two parts: databases -and rulesets. We have rulesets to /etc/sendmail.cf, check_rcpt, -check_relay, check_rbl, check_mail and xlat. (xlat is for testing -only, as explained in /etc/mail/sendmail.cf.additions.) These -rulesets use three databases. The denyip, a list of IP addresses, -spamsites, a list of domains, and fakenames, a list of bogus -usernames (such as investor and success). We do not accept mail -from any machine that matches a entry in either database, or users -in the fakenames database. + These tools are discussed in /usr/src/contrib/sendmail/cf/README. +Read the section entitled "ANTI-SPAM CONFIGURATION CONTROL". Example +usage and additional tools can be found in +/usr/src/contrib/sendmail/cf/cf/knecht.mc. -Filtering at your site: - To filter spam at your site you need to: - 1. modify your /etc/sendmail.cf, - 2. create a list of domains/ips you wish to block - 3. make the databases and - 4. finally signal sendmail that the configuration file has changed. - -1. Modifying your /etc/sendmail.cf - Add the database declarations and the rulesets contained -in /etc/mail/sendmail.cf.additions to your .mc file. 
If you do -not use m4 to generate your /etc/sendmail.cf, add the database -declarations to your /etc/sendmail.cf. - -2. Put the list of domains you wish to block in /etc/mail/spamsites - -3. Make the databases: - As root, type "cd /etc/mail; make install" will build the -two databases from the retrieved source files and the local additions -files. - -4. Signaling sendmail: - Sendmail will reread its configuration whenever sendmail -receives a HUP signal. As root, type "kill -HUP `cat -/var/run/sendmail.pid`". Check sendmail's log file to be sure that -it has restarted. /var/log/maillog should contain the line: "Oct -15 08:59:16 hub sendmail[6565]: restarting /usr/sbin/sendmail on -signal". Most likely, the date, time, hostname and process id will -be differ. - -Testing the spam filter: - -How can I tell if its working: - The mail log file, /var/log/maillog, will contain a line -for every message filtered. The lines will be similar to one of -these two log entries: - -Check_mail rejects: -Oct 15 02:43:26 hub sendmail[6565]: CAA06565: ruleset=check_mail, -arg1=, relay=xxx.isp.net [###.###.###.###], -reject=521 - -Nov 30 15:56:37 hub sendmail[15058]: PAA15058: ruleset=check_mail, -arg1=, relay=relay.somewhere.com -[###.###.###.###], reject=451 ... Domain -does not resolve - - -Check_relay rejects: -Oct 19 04:45:24 hub sendmail[3503]: NOQUEUE: ruleset=check_relay, -arg1=imsp015.netvigator.com, arg2=205.252.144.206, relay=root@localhost, -reject=521 blocked.contact postmaster@FreeBSD.ORG - -check_rcpt reject: -Nov 30 15:04:08 hub sendmail[12390]: PAA12390: ruleset=check_rcpt, -arg1=investor@100percent.per.year.com, relay=newfed.frb.gov -[198.3.221.5], reject=553 investor@100percent.per.year.com... -521#blocked.contact postmaster -Sun Nov 16 11:40:53 PST 1997 diff --git a/etc/mail/sendmail.cf.additions b/etc/mail/sendmail.cf.additions deleted file mode 100644 index 767795bad060..000000000000 --- a/etc/mail/sendmail.cf.additions +++ /dev/null 
@@ -1,125 +0,0 @@ -# $Id:$ -# -# list of hosts and domains for whom we relay mail. -# all .forward hosts, domains must be listed in this file. -# same for hosts and domains in /etc/aliases -F{LocalIP}-o /etc/mail/Local-IP -F{RelayTo}-o /etc/mail/Relay-Hosts - -# database declarations -Kdenyip hash -o -a.REJECT /etc/mail/denyip.db -Kfakenames hash -o -a.REJECT /etc/mail/fakenames.db -Kspamsites hash -o -a.REJECT /etc/mail/spamsites.db - -# helper rulsesets; useful for debugging sendmail configurations -# -# -Scheck_rbl -# lookup up an ip address in the Realtime Blackhole List. -R$-.$-.$-.$- $: $(host $4.$3.$2.$1.rbl.maps.vix.com $:OK $) - -Sxlat # for sendmail -bt -# sendmail treats "$" and "|" as two distinct tokens -# this rule "pastes" them together into one token -# and then calls check_relay. -R$* $$| $* $: $1 $| $2 -R$* $| $* $@ $>check_relay $1 $| $2 - -Scheck_relay -# called with "hostname.tld $| IP address" of connecting host. -# hostname.tld is the fully-qualified domain name -# IP address is dotted-quad with surrounding "[]" brackets. -# -# each group of rules in this ruleset is independent. -# each accepts and return "hostname.tld $| IP address" -# use the ones that you want comment out the rest -# you may rearrange the groups but not the rules in each group. -# each group is preceded and followed by a comment -# -# host must NOT be in the "spamsites" database--BEGIN -R$* $| $* $: <$1 $| $2> $1 -R<$*> $+.$+.$+ <$1> $3.$4 -R<$*> $+.$+ $: <$1> $(spamsites $2.$3 $) -R<$*> $*.REJECT $#error $: 521 blocked. contact postmaster@$m -R<$*> $* $: $1 -# host must NOT be in the "spamsites" database--END -# ip address must NOT be in the "denyip" database--BEGIN -R$* $| $* $: $1 $| $(denyip $2 $) -R$* $| $*.REJECT $#error $: 521 blocked. contact postmaster@$m -# ip address must NOT be in the "denyip" database--END -R$* $@ OK - -Scheck_mail -# called with envelope sender (everything after ":") in -# "Mail 
From: xxx", of SMTP conversation -# may or may not have "<" ">" -# the groups of rules in this ruleset ARE NOT independent. -# "remove all RFC-822 comments" must come first -# "Connecting Host" and "Paul Vixie's RBL" must be last -# -# use the ones that you want comment out the rest -# each group is preceded and followed by a comment -# -# remove all RFC-822 comments--BEGIN -# MUST be first rule in check_mail rulseset. -R$* $: $>3 $1 -# remove all RFC-822 comments--END -# mail must come from a DNS resolvable host--BEGIN -R$* < @ $+ . > $: $1 @ $2 -R$* < @ $+ > $#error $@ 4.1.8 $: "451 Domain does not resolve" -# mail must come from a DNS resolvable host--END -# mail must NOT come from a known source of spam--BEGIN -R$+ @$+ $: <$1@$2> $2 -R<$*> $+.$+.$+ <$1> $3.$4 -R<$*> $* $: $(spamsites $2 $: OK $) -R$+.REJECT $#error $@ 5.7.1 $: 550 $1 -R<$*> $* $: $1 -# mail must NOT come from a known source of spam--END -# Connecting Host must resolve--BEGIN -R$* $: $1 $: $(dequote "" $&{client_name} $) -R$* $: $>3 foo@$1 -R<$*> $*<@$*> $#error $@ 4.1.8 $: "451 Domain does not resolve" -# Connecting Host must resolve--END -# ip address must NOT be in Paul Vixie's RBL--BEGIN -R$* $: $1 $: $(dequote "" $&{client_addr} $) -R$* $: $>check_rbl $1 -R$*.com. $#error $@ 5.7.1 $: "550 Mail refused, see http://maps.vix.com/rbl" -# ip address must NOT be in Paul Vixie's RBL--END -R$* $@ OK - -Scheck_rcpt -# called with envelope recipient (everything after ":") in -# "Rcpt To: xxx", of SMTP conversation -# may or may not have "<" ">" and or RFC-822 comments. -# let ruleset 3 clean this up for us. -# -# do NOT reorder these two groups of rules. 
-# restrict mail relaying to host and domains listed in /etc/sendmail.cR -# -# mail must NOT be addressed "fakenames"--BEGIN -R$* $: <$1> $>3 $1 -R<$*> $+ < @ $+ > $: <$1> $(fakenames $2 $: OK $) -R$+.REJECT $#error $@ 5.2.1 $: 550 $1 -R<$*> $* $: $1 -# mail must NOT be addressed "fakenames"--END -# mail must come from or go to this machine or machines we allow to relay--BEGIN -# from http://www.informatik.uni-kiel.de/%7Eca/email/check.html#check_rcpt -R$+ $: $(dequote "" $&{client_addr} $) $| $1 -R0 $| $* $@ ok -R$={LocalIP}$* $| $* $@ ok -# not local, check rcpt -R$* $| $* $: $>3 $2 -# remove local part, maybe repeatedly -R$+ $:$>removelocal $1 -# still something left? -R$*<@$+>$* $#error $@ 5.7.1 $: 550 we do not relay -# -Sremovelocal -# remove RelayTo part (maybe repeatedly) -# R$*<@$*$={RelayTo}.>$* $>3 $1 $4 -R$*<@$=w.>$* $: $>removelocal $>3 $1 $3 -R$*<@$*>$* $@ $1<@$2>$3 -# dequote local part -R$- $: $>3 $(dequote $1 $) -R$*<@$*>$* $: $>removelocal $1<@$2>$3 -# mail must come from or go to this machine or machines we allow to relay--END