Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
 |
03-29-2005, 11:44 AM
|
#1
|
Member
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163
Rep:
|
trouble with DNSBL
I am having trouble setting up my DNS blacklist. I cannot seem to get it to function correctly (as told by the email bot on their system) no matter how I try.
Test System info:
SuSE Linux 9.2
Sendmail 8.13.1
If I can get this to work I will then append the mc file on the following box.
Solaris9
Sendmail 8.12.9
As far as I can tell the DNS blacklisting works the same for version after the original 8.12 so this setup should be fine right? Anyway. Here is my troubling mc file.
divert(0)dnl
OSTYPE(linux)dnl
DOMAIN(generic)dnl
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
MAILER(local)dnl
MAILER(smtp)dnl
I was able to get to bot to repond but always received the email SBL not working. Now I can't even seem to do that. I guess I'm tired :-). any ideas would be great. If you need more info let me know.
Thanks
-Me
Last edited by jsheffie; 03-29-2005 at 11:46 AM.
|
|
|
03-29-2005, 01:57 PM
|
#2
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
Are you saying the server is no longer recieving any mail at all or is it not blocking what you think it should be blocking.
|
|
|
03-29-2005, 02:12 PM
|
#3
|
Member
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163
Original Poster
Rep:
|
It receives mail fine.
It just will not block spam through the blacklist... At least that is what the email bot for the blacklist host is saying. I currently do not receive spam on my personal system and do not want to test it on the main system yet, so I cannot tell if it is effectively blocking spam yet. Thanks
|
|
|
03-29-2005, 02:58 PM
|
#4
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
Ok, so I assume this bot is some site that is supposedly blacklisted and you go to a website to request that it send an email for testing purposes, correct?
So when you do that, is your network setup in a way where port 25 is getting forwarded from a public IP to that test computer as well as you production server? Can the bot reach it is what I'm getting at.
You can look at /var/log/maillog to see which system actually received the mail.
You can also do a "grep -i "Spam blocked" /var/log/maillog" as root and that will indicate something was blocked.
edit:
You did create the sendmail.cf file and restart, correct?
Last edited by benjithegreat98; 03-29-2005 at 03:00 PM.
|
|
|
03-29-2005, 03:10 PM
|
#5
|
Member
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163
Original Poster
Rep:
|
I have setup my test box to be totally separate as well as on a separate public IP. Currently my tests do not include any connections with the production server, whatsoever.
The setup spamcop.net has you do is email (from an account on the mail server) an address they have setup, and blacklisted. Apparently if the system is setup correctly you will only receive one email showing the hops taken and the SMTP traffic used. if it is not you receive a second email from that blacklisted account saying, hey you screwed up try again.
The information I used in my .mc file was a direct cut and paste from their website.
I did not receive any lines for "Spam blocked" when I searched, but then again my email account does not receive spam.
I guess I am hoping for someone with DNS blacklisting experience to say "you left out this line" or " you need a line like this" you know?
Thanks again for your help,
-Me
|
|
|
03-29-2005, 03:20 PM
|
#6
|
Senior Member
Registered: Dec 2003
Location: Shelbyville, TN, USA
Distribution: Fedora Core, CentOS
Posts: 1,019
Rep:
|
Well your config file is pretty bare. I'll post mine. You'll have to make some changes. You need to make sure the include(....) leads to a file called cf.m4 .
Change this line:
define(`confDOMAIN_NAME', `themail.themailserver.com')dnl
to something beside themail.themailserver.com
You can also change the VERSIONID line.
I have a few more blacklist included in there that will help your spam
[code]
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')
VERSIONID(`Custom Setup for YellowDog Linux')dnl
OSTYPE(`linux')dnl
dnl# These settings help protect against people verifying email addresses
dnl# at your site in order to send you email that you probably don't want:
define(`confDOMAIN_NAME', `themail.themailserver.com')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confDEF_USER_ID', ``8:12'')dnl
dnl# Uncomment the line below to send outgoing mail through an external server:
dnl define(`SMART_HOST',`mailserver.example.com')
dnl# No timeout for ident:
define(`confTO_IDENT', `0')dnl
dnl# Enable the line below to use smrsh to restrict what sendmail can run:
dnl FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
dnl# See the README in /usr/share/sendmail/cf for a ton of information on
dnl# how these options work:
FEATURE(`use_cw_file')dnl
dnl# FEATURE(`use_ct_file')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(`access_db', `hash -T<TMPF> /etc/mail/access')dnl
FEATURE(`delay_checks')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`local_procmail',`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`always_add_domain')dnl
FEATURE(`redirect')dnl
FEATURE(`dnsbl')dnl
FEATURE(`dnsbl', `combined.njabl.org', `"550 Email Rejected - combined.njabl.org"')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"550 Email Rejected - bl.spamcop.net blacklist"', `t')dnl
FEATURE(`dnsbl', `sbl.spamhaus.org', `"550 Email Rejected - sbl.spamhaus.org blacklist"')dnl
FEATURE(`dnsbl', `list.dsbl.org', `"550 Email Rejected - list.dsbl.org blacklist"')dnl
FEATURE(`dnsbl', `unconfirmed.dsbl.org', `"550 Email Rejected - unconfirmed.dsbl.org blacklist"')dnl
FEATURE(`dnsbl', `cbl.abuseat.org', `"550 Email Rejected - cbl.abuseat.org"')dnl
FEATURE(`no_default_msa')dnl
dnl# Turn this feature on if you don't always have DNS, or enjoy junk mail:
FEATURE(`accept_unresolvable_domains')dnl
EXPOSED_USER(`postmaster')dnl
dnl# Also accept mail for localhost.localdomain:
LOCAL_DOMAIN(`localhost.localdomain')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
[\code]
After you have it set up like you like then use this command:
m4 /etc/mail/sendmail.mc > sendmail.cf
Remember also that sendmail.org has a whole lot of documentation and explains many of the options in detail.
|
|
|
03-29-2005, 03:53 PM
|
#7
|
Member
Registered: Dec 2004
Location: Florida, USA
Distribution: Suse 10.0, OSX.4, Solaris 10
Posts: 163
Original Poster
Rep:
|
Thanks Benji,
Our Mailserver has a more detailed setup. I was just trying to get it to work.
Thanks for the file.
Everything seems to be ok now.
Thanks a lot
|
|
|
All times are GMT -5. The time now is 12:42 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|