Woody Sendmail: blacklist_recipients feature not working

Tue, 21 Sep 2004 04:15:15 -0700

I'm running Debian Woody x86 on my mail server, and I'm using Sendmail 8.12.3-6.6 as my MTA.

Normal mail delivery is working, but I can't get the "blacklist_recipients" feature to work. The relevant bit from my sendmail.mc is:

# Use the access map for blacklisting and relaying
FEATURE(`access_db')dnl
FEATURE(`blacklist_recipients')dnl

And my access file contains:

127.0.0.1                               RELAY
192.168.124                             RELAY
192.168.120                             RELAY
somestrangeuser@                        REJECT
[EMAIL PROTECTED]               REJECT
To:root@                                REJECT

I convert this to access.db with "makemap hash access.db < access".

I find that normal sender-based access control is working, but recipient-based
is not despite the fact that I'm specifying "blacklist_recipients" in my config:

# Connect to SMTP port
$ telnet 192.168.124.1 25
Trying 192.168.124.1...
Connected to 192.168.124.1.
Escape character is '^]'.
220 mercury ESMTP Ready
HELO sailor
250 mercury.nta-monitor.com Hello vmware-host.demo.nta-monitor.com [172.16.3.254], pleased to meet you

# Test sender rejection - works OK
MAIL FROM: <[EMAIL PROTECTED]>
250 2.1.0 <[EMAIL PROTECTED]>... Sender ok
RSET
250 2.0.0 Reset state
MAIL FROM: <[EMAIL PROTECTED]>
550 5.7.1 <[EMAIL PROTECTED]>... Access denied
RSET
250 2.0.0 Reset state
MAIL FROM: <[EMAIL PROTECTED]>
550 5.7.1 <[EMAIL PROTECTED]>... Access denied
RSET
250 2.0.0 Reset state

# Test recipient rejection - doesn't work
MAIL FROM: <[EMAIL PROTECTED]>
250 2.1.0 <[EMAIL PROTECTED]>... Sender ok
RCPT TO: <[EMAIL PROTECTED]>
250 2.1.5 <[EMAIL PROTECTED]>... Recipient ok
RCPT TO: <[EMAIL PROTECTED]>
550 5.1.1 <[EMAIL PROTECTED]>... User unknown
RCPT TO: <[EMAIL PROTECTED]>
550 5.7.1 <[EMAIL PROTECTED]>... Relaying denied. Proper authentication required.
QUIT
221 2.0.0 mercury.nta-monitor.com closing connection
Connection closed by foreign host.

As you can see, I'm not getting a rejection sending to "[EMAIL PROTECTED]", and
the other recipients that I'd expect to get access denied give other errors.

Any ideas why this is not working? I'm wondering if I should submit this as a bug, or if
I'm doing something silly.

Other random info:

The system has a permanent Internet connection with a static IP. It's running BIND9 for DNS,
and DNS lookups work fine.

mercury:/etc/mail# uname -a
Linux mercury 2.4.24 #3 Sun Feb 22 12:32:32 GMT 2004 i686 unknown

Roy Hills

_________________________________________________________________
Stay in touch with absent friends - get MSN Messenger http://www.msn.co.uk/messenger


--
To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to