[Mimedefang] filter_relay rejected host. (DNSBL)
Hello, Can anybody help me figure out why the below code in /etc/mail/mimedefang-filter rejects email from all connecting sender ip's? ## sub filter_relay { my ( $ip, $name, $helo) = @_; if (relay_is_blacklisted($ip, ‘zen.spamhaus.org’)) { return(‘REJECT’, ‘You are listed in zen.spamhaus.org’); } } ## Server is running: CentOS 6.5 mimedefang-2.70-1 perl-5.10 From maillog: sendmail[29960]: s2L79ImJ029960: Milter (mimedefang): init success to negotiate sendmail[29960]: s2L79ImJ029960: Milter: connect to filters mimedefang.pl[29937]: filter_relay rejected host xx.xx.xx.xx (connecting-mxserver.com) sendmail[29960]: s2L79ImJ029960: milter=mimedefang, action=connect, reject sendmail[29960]: s2L79ImJ029960: Milter: connect, ending sendmail[29960]: s2L79ImJ029960: Milter (mimedefang): quit filter sendmail[29960]: s2L79ImJ029960: Milter: connect: host=connecting-mxserver.com, addr=xx.xx.xx.xx, rejecting commands sendmail[29960]: s2L79ImJ029960: --- 554 mimedefang-server.com ESMTP not accepting messages sendmail[29960]: s2L79ImJ029960: -- QUIT sendmail[29960]: s2L79ImJ029960: --- 221 2.0.0 mimedefang-server.com closing connection sendmail[29960]: s2L79ImJ029960: Milter (mimedefang): quit filter Best regards Lars Bjaerris ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay rejected host. (DNSBL)
On Fri, 21 Mar 2014 08:43:22 +0100 Lars Bjærris l...@daxzuli.com wrote: sub filter_relay { my ( $ip, $name, $helo) = @_; if (relay_is_blacklisted($ip, ‘zen.spamhaus.org’)) { return(‘REJECT’, ‘You are listed in zen.spamhaus.org’); } } You don't return anything meaningful if the relay is *not* blacklisted. You need to add: return ('CONTINUE', 'OK'); after the closing brace that terminates the if statement. Regards, David. ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay rejected host. (DNSBL)
On Mar 21, 2014, at 2:30 PM, David F. Skoll d...@roaringpenguin.com wrote: On Fri, 21 Mar 2014 08:43:22 +0100 Lars Bjærris l...@daxzuli.com wrote: sub filter_relay { my ( $ip, $name, $helo) = @_; if (relay_is_blacklisted($ip, ‘zen.spamhaus.org’)) { return(‘REJECT’, ‘You are listed in zen.spamhaus.org’); } } You don't return anything meaningful if the relay is *not* blacklisted. You need to add: return ('CONTINUE', 'OK'); after the closing brace that terminates the if statement. Regards, David. David, Thank you very much! Lars Bjaerris ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Blocking on HELO (was Re: [Mimedefang] filter_relay)
On Mon, 1 Nov 2004, Aleksandar Milivojevic wrote: BTW, back to the original question of using HELO argument for filtering. One thing to note is that using HELO for any kind of checks is highly discouraged. That's true. But a very narrow block can block a lot of spam. My mail server (mail.roaringpenguin.com) has IP address 206.191.13.82. Take a look at this: $ fgrep 'HELO 206.191.13.82' /var/log/maillog | wc -l 49 The maillog covers about 36 hours. That means that more than once an hour, some random host claims to be *my* IP address (206.191.13.82) in its HELO. I block all of those and haven't had a complaint yet. (If you were pedantic, you'd block a host that uses any kind of naked IP address in HELO, because it really should use [ip.addr.of.host] with the square brackets.) Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On 1 Nov 2004 at 9:18, Aleksandar Milivojevic wrote: For example, they'll use ISP's mail server to relay. Most ISP's don't have virus scanners (too expensive). I don't know about this statement anymore. First, there are great free scanners, like ClamAV. Second, I see a *lot* of bounces from virus scanners where the From address is forged to my domain, so I know that there are a great many virus scanners on mail servers...they just aren't very well configured. -- Jeff Rife| Sam: Hey, how's life treating you there, Norm? SPAM bait: | [EMAIL PROTECTED] | Norm: Beats me...then it kicks me and leaves me [EMAIL PROTECTED] | for dead. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: Blocking on HELO (was Re: [Mimedefang] filter_relay)
On Mon, 1 Nov 2004, David F. Skoll wrote: That's true. But a very narrow block can block a lot of spam. My mail server (mail.roaringpenguin.com) has IP address 206.191.13.82. .. The maillog covers about 36 hours. That means that more than once an hour, some random host claims to be *my* IP address (206.191.13.82) in its HELO. I block all of those and haven't had a complaint yet. As do I. Blocking HELO claiming to be my domain works well also. (If you were pedantic, you'd block a host that uses any kind of naked IP address in HELO, because it really should use [ip.addr.of.host] with the square brackets.) I tried that but rejected good email from a few broken mail servers. :-( Regards, Mike Lambert ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
David F. Skoll wrote: On Fri, 29 Oct 2004, David Hiebert wrote: However, I question the wisdom of rejecting mail from machines with no reverse DNS. I'm not convinced it will block bad mail more often than good. I would add to that by acknowledging there's a lot of idiots out there on the net who haven't a clue how important proper DNS is. Reverse DNS checking blocks a LOT of spam... but it does indeed block a lot of legit mail too. Example: Texas Instruments (yes, the semiconductor powerhouse company) has bad rDNS for their mail server. A tech rep trying to email me was getting bounced. Why? Exchange only reports something stupid like, Cannot send mail, and error has occured versus the whole reject message. So the users have no clue what's going on and either the admins aren't bright enough to know or just don't care. I think if just ONE big mail portal (MSN, Yahoo, AOL, etc..) would reject on DNS like that, a lot of netizens would fix their darn DNS appropriately. Where that would help up is if the ISP's purposefully set up DNS for DHCP and dialup addresses to NOT be correct... and instantly, all those typically zombied addresses would become useless Oh well. It's a nice thought anyway. -- Ben Kamen - O.D.T., S.P. == Email: bkamen AT benjammin DOT net Web: http://www.benjammin.net ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On Sat, 30 Oct 2004, David F. Skoll wrote: Date: Sat, 30 Oct 2004 18:59:28 -0400 (EDT) From: David F. Skoll [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [Mimedefang] filter_relay On Sat, 30 Oct 2004, David Hiebert wrote: I've been testing with a host with invalid reverse and another with valid reverse the entire time. When return('REJECT') with any $msg is called, the SMTP connection (telnetting into port 25 and issuing commands manually) returns 550 5.0.0 Command Rejected only after issuing the MAIL FROM: command, rather than upon the connection itself. I must be missing something. Is there an evil Cisco SMTP proxy or something similar between you and the MIMEDefang machine? Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang Nope, there is nothing special about the network setup. I'm testing using 3 systems (the mail server, a system with reverse DNS, and a system without.) They are for all intents and purposes on the same switch, same subnet, no bridge, firewall, router or any other such network device between. I've included my mimedefang-filter. I believe at this point that I've removed an essential line, or filter from the config. I've included the config as it has been modified. As we will be using MIMEDefang in a production environment, we would like to run it in it's most bare (i.e. no filters) form, and add one filter at a time as we see fit. David Hiebert Keyway Internet Services 909-933-3699#!/usr/bin/perl # -*- Perl -*- #*** # # mimedefang-filter # # Suggested minimum-protection filter for Microsoft Windows clients, plus # SpamAssassin checks if SpamAssassin is installed. # # Copyright (C) 2002 Roaring Penguin Software Inc. # # This program may be distributed under the terms of the GNU General # Public License, Version 2, or (at your option) any later version. # # $Id: suggested-minimum-filter-for-windows-clients,v 1.81 2004/10/26 18:34:33 dfs Exp $ #*** #*** # Set administrator's e-mail address here. The administrator receives # quarantine messages and is listed as the contact for site-wide # MIMEDefang policy. A good example would be '[EMAIL PROTECTED]' #*** $AdminAddress = '[EMAIL PROTECTED]'; $AdminName = Keyway Postmaster; #*** # Set the e-mail address from which MIMEDefang quarantine warnings and # user notifications appear to come. A good example would be # '[EMAIL PROTECTED]'. Make sure to have an alias for this # address if you want replies to it to work. #*** $DaemonAddress = '[EMAIL PROTECTED]'; #*** # If you set $AddWarningsInline to 1, then MIMEDefang tries *very* hard # to add warnings directly in the message body (text or html) rather # than adding a separate WARNING.TXT MIME part. If the message # has no text or html part, then a separate MIME part is still used. #*** $AddWarningsInline = 0; #*** # To enable syslogging of virus and spam activity, add the following # to the filter: # md_graphdefang_log_enable(); # You may optionally provide a syslogging facility by passing an # argument such as: md_graphdefang_log_enable('local4'); If you do this, be # sure to setup the new syslog facility (probably in /etc/syslog.conf). # An optional second argument causes a line of output to be produced # for each recipient (if it is 1), or only a single summary line # for all recipients (if it is 0.) The default is 1. # Comment this line out to disable logging. #*** md_graphdefang_log_enable('local8', 1); #*** # Uncomment this to block messages with more than 50 parts. This will # *NOT* work unless you're using Roaring Penguin's patched version # of MIME tools, version MIME-tools-5.411a-RP-Patched-02 or later. # # WARNING: DO NOT SET THIS VARIABLE unless you're using at least # MIME-tools-5.411a-RP-Patched-02; otherwise, your filter will fail. #*** # $MaxMIMEParts = 50; #*** # Set various stupid things your mail client does below
Re: [Mimedefang] filter_relay
On Sun, 31 Oct 2004, Ben wrote: Date: Sun, 31 Oct 2004 10:17:26 -0600 From: Ben [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [Mimedefang] filter_relay David F. Skoll wrote: On Fri, 29 Oct 2004, David Hiebert wrote: However, I question the wisdom of rejecting mail from machines with no reverse DNS. I'm not convinced it will block bad mail more often than good. I would add to that by acknowledging there's a lot of idiots out there on the net who haven't a clue how important proper DNS is. Reverse DNS checking blocks a LOT of spam... but it does indeed block a lot of legit mail too. Example: Texas Instruments (yes, the semiconductor powerhouse company) has bad rDNS for their mail server. A tech rep trying to email me was getting bounced. Why? Exchange only reports something stupid like, Cannot send mail, and error has occured versus the whole reject message. So the users have no clue what's going on and either the admins aren't bright enough to know or just don't care. I think if just ONE big mail portal (MSN, Yahoo, AOL, etc..) would reject on DNS like that, a lot of netizens would fix their darn DNS appropriately. Where that would help up is if the ISP's purposefully set up DNS for DHCP and dialup addresses to NOT be correct... and instantly, all those typically zombied addresses would become useless Oh well. It's a nice thought anyway. -- Ben Kamen - O.D.T., S.P. == Email: bkamen AT benjammin DOT net Web: http://www.benjammin.net ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang Ben, I agree with you 100%. In fact, AOL does block mail from IP's without reverse DNS, which is what has convinced my boss to allow me to do the same, for the exact reason you describe. Here is more info on AOL's block: http://postmaster.aol.com/info/rdns.html As for Texas Instruments, does their mail server have BAD reverse DNS or NO reverse DNS? I agree that blocking BAD (mismatched) reverse DNS would block alot of legitimate mail, which is why we are only going to block mail from IP's with NO reverse DNS to reduce the false positives as much as possible. As far as admin's that have no clue about things such as Reverse DNS, I believe that it is a mistake for me to block mail from them, however they are in many cases the cause of such troubles. We've had customers in the past who've had IT personnel come and go for this reason (open proxies, open relays, poorly configured/secured networks,) and while they usually get blocked by RBL's, we try to work with them to get things fixed as soon as possible. Other ISP's are not so kind, or caring of their reputation, let alone reducing the proliferation of spam. While it is a mistake for me to block mail from these guys, it gets the job done. I'll definitely take heed of your point on Exchange not sending a proper rejection notification. Perhaps I'll add in a whois lookup, and have it notify the postmaster with a customized mailnote, in addition to the rejection notice. Also, a quick disclaimer, opinions shared in this communication are mine, and mine alone. They are in no way to be interpreted as the opinion of Keyway, or it's employees (except obviously for the fact that Keyway strives to help it's customers, as well as help in any way to reduce the proliferation of spam on the internet.) David Hiebert Keyway Internet Services 909-933-3699 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On Fri, 29 Oct 2004, David F. Skoll wrote: Date: Fri, 29 Oct 2004 22:12:38 -0400 (EDT) From: David F. Skoll [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [Mimedefang] filter_relay On Fri, 29 Oct 2004, David Hiebert wrote: I was more concerned with the first problem/question though. No matter how I format the return('REJECT'), the $msg isn't passed to sendmail. That's odd; it works for me. Are you going by Sendmail logs, or actually telnetting in on port 25 to simulate an SMTP session? (The logs are unreliable; try modifying your filter for test purposes to refuse mail from a host you control, and simulate an SMTP session.) Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang I've been testing with a host with invalid reverse and another with valid reverse the entire time. When return('REJECT') with any $msg is called, the SMTP connection (telnetting into port 25 and issuing commands manually) returns 550 5.0.0 Command Rejected only after issuing the MAIL FROM: command, rather than upon the connection itself. I must be missing something. David Hiebert Keyway Internet Services 909-933-3699 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On Sat, 30 Oct 2004, David Hiebert wrote: I've been testing with a host with invalid reverse and another with valid reverse the entire time. When return('REJECT') with any $msg is called, the SMTP connection (telnetting into port 25 and issuing commands manually) returns 550 5.0.0 Command Rejected only after issuing the MAIL FROM: command, rather than upon the connection itself. I must be missing something. Is there an evil Cisco SMTP proxy or something similar between you and the MIMEDefang machine? Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] filter_relay
I am attempting to reject mail for ip's with no reverse DNS (not mismatched forward/reverse.) The below filter_relay works, however it is not passing the $msg for return(REJECT) to sendmail (or maybe sendmail isn't picking it up?) The maillog reports: sm-mta[82794]: i9U00cCx082794: Milter: connect: host=[216.117.199.248], addr=216.117.199.248, rejecting commands for IP's without reverse, and successfully sends with reverse. My second question/problem is the 3 commented out lines. The man page for mimedefang-filter indicates that if an IP has no reverse dns, then $hostname is a duplicate of $hostip. This then should make a real quick and easy check for no reverse, however the if statement (when not commented) never seems to be true. use Net::DNS; sub filter_relay () { my ($hostip, $hostname) = @_; my $res = Net::DNS::Resolver-new; my $query = $res-search($hostip); #if ($hostip eq $hostname) { #return ('TEMPFAIL',Please fix your reverse DNS before sending us mail.); #} if ($query) { $query-answer; } $response=$res-errorstring; if ($response eq 'NXDOMAIN') { return ('REJECT', Please fix your reverse DNS before sending us mail., 550, 5.7.1, 1); } return ('CONTINUE', ok); } David Hiebert Keyway Internet Services 909-933-3699 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On Fri, 29 Oct 2004, David Hiebert wrote: My second question/problem is the 3 commented out lines. The man page for mimedefang-filter indicates that if an IP has no reverse dns, then $hostname is a duplicate of $hostip. This then should make a real quick and easy check for no reverse, however the if statement (when not commented) never seems to be true. My mistake, the man page is wrong. If $hostip is 1.2.3.4 and has no reverse DNS lookup, then $hostname is [1.2.3.4]. That is: if ($hostname eq [$hostip]) { # You have no reverse DNS } However, I question the wisdom of rejecting mail from machines with no reverse DNS. I'm not convinced it will block bad mail more often than good. -- David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On Fri, 29 Oct 2004, David F. Skoll wrote: Date: Fri, 29 Oct 2004 21:41:44 -0400 (EDT) From: David F. Skoll [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [Mimedefang] filter_relay On Fri, 29 Oct 2004, David Hiebert wrote: My second question/problem is the 3 commented out lines. The man page for mimedefang-filter indicates that if an IP has no reverse dns, then $hostname is a duplicate of $hostip. This then should make a real quick and easy check for no reverse, however the if statement (when not commented) never seems to be true. My mistake, the man page is wrong. If $hostip is 1.2.3.4 and has no reverse DNS lookup, then $hostname is [1.2.3.4]. That is: if ($hostname eq [$hostip]) { # You have no reverse DNS } However, I question the wisdom of rejecting mail from machines with no reverse DNS. I'm not convinced it will block bad mail more often than good. -- David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang David, I appreciate your response, and agree with your opinion in part. I believe that it will block some legitimate mail, however larger ISP's are already blocking based on this rule, which essentially forces smaller ISP's with poorly configured DNS to get their act together. I was more concerned with the first problem/question though. No matter how I format the return('REJECT'), the $msg isn't passed to sendmail. Also, upon further testing, the $smtp_dsn, and $code are not passed either, however the $delay is being passed. Any ideas, or any more information that I can provide to assist? David Hiebert Keyway Internet Services 909-933-3699 ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay
On Fri, 29 Oct 2004, David Hiebert wrote: I was more concerned with the first problem/question though. No matter how I format the return('REJECT'), the $msg isn't passed to sendmail. That's odd; it works for me. Are you going by Sendmail logs, or actually telnetting in on port 25 to simulate an SMTP session? (The logs are unreliable; try modifying your filter for test purposes to refuse mail from a host you control, and simulate an SMTP session.) Regards, David. ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
RE: [Mimedefang] filter_relay not working?
Got it working.My bustI had the -r in mimedefang-multiplexor, not mimedefang :) What you are trying to accomplish is rather opaque to me. Can you please specify? I have a Secondary MX that will spool up mail in the event the primary goes down. As you know, spammers will often try the higher weighted MX's in the hopes of sneaking things through. So on this secondary I'm running MD/SA and RBL checks. I was finding that this machine would identify a message as SPAM and add the headers. Then it would forward to the primary and it would change the SPAM headers and say it wasn't spam. See below. Feb 13 08:19:57 mail sendmail[6308]: i1DGJvR9006308: Milter change: header X-Spam-Status: from Yes, hits=5.533 required=5\n version=SpamAssassin 2.63 tests=BAYES_44,DATE_MISSING,FROM_NO_LOWER,MSGID_FROM_MTA_SHORT to No, hits=-4.562 required=5\n version=SpamAssassin 2.63 tests=BAYES_00,NO_REAL_NAME I have since dropped the mimedefang-ip-key, since by using the filter_relay, there is no way to strip the header since I accept the message outright if coming from my MX02 box. If there is a better way of handling/accomplishing this, I'd love to hear it. Thanks for all the replies. - Mike smime.p7s Description: S/MIME cryptographic signature ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
[Mimedefang] filter_relay not working?
Hi All, I've been trying to get filter_relay to work but I'm not having much luck. To rule out all the logic in the filter, I have created a simple filter_relay like this to see if it's even being called. I'm running this on MD 2.39. sub filter_relay { my($ip, $name, $helo) = @_; action_add_header(X-From:,$ip); } The thing that brought all of this about was that the secondary MX would scan the mail and assign X-SPAM headers saying it was spam, then it would get forwarded to the primary and it would change the header and say it wasn't spam. Maybe filter_relay isn't the place for this? I'm at the end of my rope so am asking for help/suggestions. Basically I want to stream everything through that comes from a certain relay with no further checking. I was thinking something like this sub filter_relay { my($ip, $name, $helo) = @_; if($ip eq xxx.xx.xx.xx) { return('ACCEPT_AND_NO_MORE_FILTERING', ok); } else { return('CONTINUE', ok); } } Any help would be greatly appreciated. - Mike smime.p7s Description: S/MIME cryptographic signature ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] filter_relay not working?
Mike Smith wrote: Basically I want to stream everything through that comes from a certain relay with no further checking. I was thinking something like this sub filter_relay { my($ip, $name, $helo) = @_; if($ip eq xxx.xx.xx.xx) { return('ACCEPT_AND_NO_MORE_FILTERING', ok); } else { return('CONTINUE', ok); } } That should work. I used almost exactly that on one mail server for a while to allow another one to relay out through it due to some RBL trouble. -kgd -- Sendmail administration is not black magic. There are legitimate technical reasons why it requires the sacrificing of a live chicken. - Unknown ___ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang