* Martin <[EMAIL PROTECTED]> [010816 15:01]:
> Well I have a number of items in the tcprules database tcp.smtp which I
> updated the cdb with :
> tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp < /etc/tcp.smtp
Ok.
> 208.179.97.10:deny
> [EMAIL PROTECTED]:deny
> s2u2.com:deny
> I tested the IP by doing :-
> setenv TCPREMPTEIP 208.179.97.10
> tcprulescheck /etc/tcp.smtp.cdb
> and successfully get rule 208.179.97.10 deny.
Good, but not quite right...
> Problem #1
> I have tried using TCPREMOTEHOST and TCPREMOTEINFO and it fails ie. they
> are allowed.
Have you not read the documentation for tcprules?
A rule with a hostname need to look like this:
=s2u2.com:deny
(note the =) and make sure that reverse lookup is activated in your
startup script...
If you use @, this will check against the ident info for the connection,
not the email address...
> Problem #2
> Further, I noted I received a mail from [EMAIL PROTECTED] to one account, even
> though this should have been denied.
> I then tried mconnect and tried several addresses of the form host@domain
> of e-mail addresses AND domains and the mails were successfully received,
> ie. despite having deny against those addresses and domains, the mails
> were successfully delivered.
> Any hints ?
E-mail addresses can't be blocked with tcprules. They are blocked in
/var/qmail/control/badmailfrom
man qmail-smtpd
-Johan
--
Johan Almqvist
http://www.almqvist.net/johan/qmail/
PGP signature
