Sendmail

deepeyes · 07-25-2003, 07:22 AM

Hi, my first post - please be gentle.

Have a firewall runing a sendmail forwarder - RH8.0 going off to a Exchange 5.5 machine.

We seem to get alot of spam, I am using the /etc/mail/access file to block names and addresses I can resolve, however there are some barstards who seem to be able send mail to our whole network and they do it by sending it to:

Everyone@ns2.xxxxxxxxxxx.com.au

Now I know their doing it by telneting on 25 to our address and all the info is displayed for them.

This is what they see when they

telnet 203.xxx.60.1x6 25

Trying 203.xxx.60.1x6...
Connected to 203.xxx.60.1x6.
Escape character is '^]'.
220 ns2.xxxxxxxxxxx.com.au ESMTP Sendmail 8.12.8/8.12.8; Fri, 25 Jul 2003 22:15:41 +1000

How do I block this out? I have fiddled with the Masquade thingys in the /etc/mail/sendmail.mc

What's better....sendmail ot postfix?

Thanks

ppuru · 07-25-2003, 07:44 AM

# SMTP initial login message (old $e macro)
O SmtpGreetingMessage=$j Sendmail $v/$Z; $b

Here! change / delete $j.

deepeyes · 07-25-2003, 07:48 AM

Thanks ppuru, where do I put this?

DE

stickman · 07-25-2003, 07:50 AM

Simply hiding the name of the system is not going to help you. If it has an IP address and you can connect to it from the internet, then spammers are going to try to send you spam and to use you as a relay. You need to look at putting in some more antispam functionality such as a RBL.

ppuru · 07-25-2003, 07:52 AM

edit your sendmail.cf

search for Greet.

deepeyes · 07-25-2003, 07:54 AM

Relaying is turned off.

RBL?

ppuru · 07-25-2003, 08:01 AM

check sendmail.org you will get all the info to keep spammers at bay.