LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Software (https://www.linuxquestions.org/questions/linux-software-2/)
-   -   how to refuse to send email to some domain with sendmail? (https://www.linuxquestions.org/questions/linux-software-2/how-to-refuse-to-send-email-to-some-domain-with-sendmail-93207/)

lzyking 09-15-2003 08:29 PM

how to refuse to send email to some domain with sendmail?
 
My sendmail server recently gets the maillog like this:

Sep 16 08:36:36 linux sendmail[1961]: h8EIKbmM026822:

to=<l48yg.cuygm@softhome.net>, delay=16:42:14, xdelay=00:00:00,

mailer=esmtp, pri=1385829, relay=mx0a.softhome.net., dsn=4.0.0,

stat=Sent
-----------------------------
and the load average of the mail server always is about 24 , and CPU used by system or user is at 80%, so I think that is because the user of my company is sending virus email to some domain like @softhome.net , is that right? (there are plenty of this kind of record in maillog file)

If this is right ,can I do something to refuse people of my company to send the virus email to that domain with my sendmail server?

please help me!

michelvd 09-16-2003 12:40 AM

Hi,

you can add a line 'to:softhome.net REJECT' to your /etc/mail/access file. Rebuild the file with 'makemap hash /etc/mail/access < /etc/mail/access' and reload sendmail, that should do the trick.

lzyking 09-16-2003 07:12 AM

thanks michelvd, but I found that there are a lot of address I will add to the file access , I mean perhaps I have 200 addresses that I must to reject , is this the right way I fix the problem?

By the way ,I found the mail server always sent mail after come off work , and there is no pc working at that time ,dose it mean the mail my email server sent is not virus email? what can I do for this?

When I check my maillog ,I can't find record such as "from" , I just got the record such as a lot of "to " , does it mean the email is sent by my company's user?

please help me ! thanks

michelvd 09-16-2003 08:21 AM

[QUOTE]Originally posted by lzyking
[B]thanks michelvd, but I found that there are a lot of address I will add to the file access , I mean perhaps I have 200 addresses that I must to reject , is this the right way I fix the problem?

It is _a_ way, we use it for the same purpose, although its the other way round, to block mail from certain domains. If you think the mails are virusses, have a look at amavis or another viruskiller.

By the way ,I found the mail server always sent mail after come off work , and there is no pc working at that time ,dose it mean the mail my email server sent is not virus email? what can I do for this?

That is possible, maybe some mail couldn't get deliverd right away and the mailserver is retrying. Do you send mail to a smarthost or not (sendmail.cf -> DS)

When I check my maillog ,I can't find record such as "from" , I just got the record such as a lot of "to " , does it mean the email is sent by my company's user?

There are always from: lines, but it could be your users are sending mail to many addresses and they get lost in the to: lines :) can you do a grep on the maillog ?


All times are GMT -5. The time now is 04:56 AM.