sendmail M4 to run DNS based spam filters per RCPT
I've written an M4 file for sendmail 3.9.3, and packaged it up as
a debian package. I'd like to contribute it, and I'm willing to
maintain it, since I'm doing so anyway here where we use it.
However, I do not have time to keep up with this mailing list,
and after perusing www.debian.org, and this list, I'm left to
wonder if it's even worth my time to jump through hoops pursuing
debian developer status.
The source and "binaries" are at:
ftp://ftp.oro.net/pub/useful/sendmailblacklistbyrcpt*
Here is a description of the package:
----------------------------------------------------------------
This package makes available an independent feature to sendmail,
similar in function to the "FEATURE(rbl)" offered in standard
sendmail 3.9.3. Blacklists_by_rcpt allows greater control over
when DNS based blacklists should or should not be consulted for
spam blocking.
It presently supports the MAPS Real-Time-Black-Hole (RBL), the
MAPS Dialup-Users-List (DUL), the MAPS Relay-Spam-Stopper (RSS),
and the "Open Relay Behavior-modification System" (ORBS). It is
compatible with FEATURE(virusertable), FEATURE(access_db), and
FEATURE(blacklist_recipients). This package may not be
compatible with versions of sendmail earlier that 3.9.3.
The standard Sendmail 3.9.3 "FEATURE(rbl)" adds these tests to
ruleset "check_relay", blocking traffic before the SMTP dialog
even begins. This package places the tests in ruleset
"Local_check_rcpt" so that decisions can be made about which
test(s) to run (if any) based on the recipient address. This
also allows sendmail to include the recipient address when
logging rejected mail. Also, unlike "FEATURE(rbl)" mail is
rejected with the transient error 451 as per RFC2505 (see
http://info.internet.isi.edu:80/in-notes/rfc/files/rfc2505.txt)
which allows some hope of eventually delivering mail which was
temporarily blocked undesireably.
The tests to be run are declared in /etc/mail/blacklists. This
file is a standard hash database. After installing it, and after
editing it, you must rebuild it with the commaind "makemap hash
blacklists <blacklists" while in it's directory.
The right-hand-side (RHS) of /etc/mail/blacklists is either a
complete address such as user@dom.ain, a domain such as @dom.ain,
a username such as user@, or the text :DEFAULT:. Note that all
valid entries in the RHS (except :DEFAULT:) contain an @
sign. The Left-Hand-Side (LHS) contains a colon delimited and
bounded list of the tests to be run such as :RBL:DUL:RSS:ORBS:
EXAMPLE:
:DEFAULT: :RBL:DUL:RSS:
abuse@local.dom :
friend@ :RBL:DUL:RSS:ORBS:
@bigbiz.com :DUL:
grumpy@bigbiz.com :
The list is searched first for a complete address, then for a
username (global to all domains), and then for a domain name. The
search stops on the first match. Tests are performed in the order
RBL, DUL, RSS, then ORBS; without regard to the order of
appearance in the blacklists file.
In this example mail to "abuse@local.dom" and to
"grumpy@bigbiz.com" get no filtering at all; all other addresses
at bigbiz.com get only the DUL list, except that user "friend"
will get the full treatment at any domain, even
"friend@bigbiz.com". Everyone else gets the the :DEFAULT:
settings of :RBL:DUL:RSS:
You will need to edit your .mc master configuration file to
include HACK(blacklists_by_rcpt) and run sendmailconfig again.
RIGHTS
------
This is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
Reply to: