I've waged a pretty good battle against spam on our site -- users are now seeing very little spam after previously seeing hundreds per day. However, I'm still having a slight problem with what appears to be zombie senders who are connecting directly to our mail server to send messages to local users. Sendmail is accepting these messages and delivering them to local users even though the sender's ip address is not in the /etc/mail/access file.

Does anyone know how to disable this in sendmail? Is it possible to disable this without affecting normal mail delivery?

Thanks in advance,

-Jeff

That is normal operation of SMTP if your server accepts mail for andrew@yourdomain, any one on the internet should be able to connect to your machine and deliver mail to andrew@yourdomain how else would you receive mail ?

If the machine in question is not an MX host and is not supposed to accept mail for users then remove the domain name frome /etc/mail/local-host-names

Thanks for the reply. I guess I was hoping for some known trick that could stop this.

Thanks,

-Jeff

You have to run spam checks on the messages to determine if they are spam or not, also if they are zombies they are most likely to come from addresses that should not be sending mail or have been blacklisted for sending spam so use RBL's to filter them out.