LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 03-29-2005, 11:44 AM   #1
jsheffie
Member
 
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163

Rep: Reputation: 30
trouble with DNSBL


I am having trouble setting up my DNS blacklist. I cannot seem to get it to function correctly (as told by the email bot on their system) no matter how I try.

Test System info:
SuSE Linux 9.2
Sendmail 8.13.1

If I can get this to work I will then append the mc file on the following box.
Solaris9
Sendmail 8.12.9

As far as I can tell the DNS blacklisting works the same for version after the original 8.12 so this setup should be fine right? Anyway. Here is my troubling mc file.

divert(0)dnl
OSTYPE(linux)dnl
DOMAIN(generic)dnl
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
MAILER(local)dnl
MAILER(smtp)dnl

I was able to get to bot to repond but always received the email SBL not working. Now I can't even seem to do that. I guess I'm tired :-). any ideas would be great. If you need more info let me know.

Thanks
-Me

Last edited by jsheffie; 03-29-2005 at 11:46 AM.
 
Old 03-29-2005, 01:57 PM   #2
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
Are you saying the server is no longer recieving any mail at all or is it not blocking what you think it should be blocking.
 
Old 03-29-2005, 02:12 PM   #3
jsheffie
Member
 
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163

Original Poster
Rep: Reputation: 30
It receives mail fine.

It just will not block spam through the blacklist... At least that is what the email bot for the blacklist host is saying. I currently do not receive spam on my personal system and do not want to test it on the main system yet, so I cannot tell if it is effectively blocking spam yet. Thanks
 
Old 03-29-2005, 02:58 PM   #4
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
Ok, so I assume this bot is some site that is supposedly blacklisted and you go to a website to request that it send an email for testing purposes, correct?

So when you do that, is your network setup in a way where port 25 is getting forwarded from a public IP to that test computer as well as you production server? Can the bot reach it is what I'm getting at.

You can look at /var/log/maillog to see which system actually received the mail.

You can also do a "grep -i "Spam blocked" /var/log/maillog" as root and that will indicate something was blocked.

edit:

You did create the sendmail.cf file and restart, correct?

Last edited by benjithegreat98; 03-29-2005 at 03:00 PM.
 
Old 03-29-2005, 03:10 PM   #5
jsheffie
Member
 
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163

Original Poster
Rep: Reputation: 30
I have setup my test box to be totally separate as well as on a separate public IP. Currently my tests do not include any connections with the production server, whatsoever.

The setup spamcop.net has you do is email (from an account on the mail server) an address they have setup, and blacklisted. Apparently if the system is setup correctly you will only receive one email showing the hops taken and the SMTP traffic used. if it is not you receive a second email from that blacklisted account saying, hey you screwed up try again.

The information I used in my .mc file was a direct cut and paste from their website.

I did not receive any lines for "Spam blocked" when I searched, but then again my email account does not receive spam.

I guess I am hoping for someone with DNS blacklisting experience to say "you left out this line" or " you need a line like this" you know?

Thanks again for your help,
-Me
 
Old 03-29-2005, 03:20 PM   #6
benjithegreat98
Senior Member
 
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019

Rep: Reputation: 45
Well your config file is pretty bare. I'll post mine. You'll have to make some changes. You need to make sure the include(....) leads to a file called cf.m4 .
Change this line:
define(`confDOMAIN_NAME', `themail.themailserver.com')dnl
to something beside themail.themailserver.com

You can also change the VERSIONID line.

I have a few more blacklist included in there that will help your spam

[code]
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')
VERSIONID(`Custom Setup for YellowDog Linux')dnl
OSTYPE(`linux')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confDOMAIN_NAME', `themail.themailserver.com')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
dnl# Uncomment the line below to send outgoing mail through an external server:
dnl define(`SMART_HOST',`mailserver.example.com')
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
dnl# FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`delay_checks')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
FEATURE(`dnsbl')dnl
FEATURE(`dnsbl', `combined.njabl.org', `"550 Email Rejected - combined.njabl.org"')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"550 Email Rejected - bl.spamcop.net blacklist"', `t')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `"550 Email Rejected - sbl.spamhaus.org blacklist"')dnl
FEATURE(`dnsbl', `list.dsbl.org', `"550 Email Rejected - list.dsbl.org blacklist"')dnl
FEATURE(`dnsbl', `unconfirmed.dsbl.org', `"550 Email Rejected - unconfirmed.dsbl.org blacklist"')dnl
FEATURE(`dnsbl', `cbl.abuseat.org', `"550 Email Rejected - cbl.abuseat.org"')dnl
FEATURE(`no_default_msa')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`postmaster')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
[\code]


After you have it set up like you like then use this command:

m4 /etc/mail/sendmail.mc > sendmail.cf

Remember also that sendmail.org has a whole lot of documentation and explains many of the options in detail.
 
Old 03-29-2005, 03:53 PM   #7
jsheffie
Member
 
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163

Original Poster
Rep: Reputation: 30
Thanks Benji,

Our Mailserver has a more detailed setup. I was just trying to get it to work.
Thanks for the file.

Everything seems to be ok now.

Thanks a lot
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
sendmail behind router fails with 553 DNSBL sixerjman Linux - Networking 1 11-21-2005 08:26 AM
sendmail and dnsbl cholo Linux - Software 0 11-16-2004 02:02 AM
Create my own DNSBL? wytiger Linux - Security 3 10-21-2004 01:38 AM
Sendmail, m4 configuration for dnsbl jastorqu Linux - Networking 0 05-27-2004 05:24 PM
sendmail, dnsbl and access benjithegreat98 Linux - Software 0 12-15-2003 10:42 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 12:42 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration