Re: badmailfrom didn't work
did you killall -HUP qmail-send? - Original Message - From: Gary MacKay [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 26, 2001 2:35 PM Subject: badmailfrom didn't work OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? If I telnet to the box and try to send in a message as him, it gets kicked out, why doesn't the real message get kicked out? - Gary
Re: badmailfrom didn't work
On Thu, Jul 26, 2001 at 08:35:13AM -0400, Gary MacKay wrote: OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? If I telnet to the box and try to send in a message as him, it gets kicked out, why doesn't the real message get kicked out? It's being sent to you from the address [EMAIL PROTECTED] (72197 is the message number on the list). badmailfrom checks on the envelope address. You have to filter during some delivery phase. /magnus
Re: badmailfrom didn't work
On 26 Jul 2001, at 8:35, Gary MacKay wrote: OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? If I telnet to the box and try to send in a message as him, it gets kicked out, why doesn't the real message get kicked out? I did the same and had the same problem... I think it's because qmail checks the Return-Path address with the badmailfrom list. And becasue these messages are going through the qmail-list the Return-Path address is modified for each member of the mailing list. for example, the Return-Path for message I receive is as follows. Return-Path: [EMAIL PROTECTED] So if I put this in the badmailfrom I'd be blocking all mail from te list. If anyone comes up with another solution, please post... Dean Dean Staff Protus IP Solutions 210 - 2379 Holly Lane Ottawa, ON K1V 7P2 Canada 613-733- ex 546 Fax 613-248-4553 e-mail: [EMAIL PROTECTED] Web: http://www.protus.com
Re: badmailfrom didn't work
* Gary MacKay [EMAIL PROTECTED] [010726 10:53]: OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? badmailfrom operates on the MAIL FROM: parameter of the SMTP conversation. For ezmlm lists, the MAIL FROM: (or ``envelope sender'' or ``address in the Return-Path header'') is a VERP-encoded address, like: [EMAIL PROTECTED] where NN is the message number in question. The original idea was to add ``[EMAIL PROTECTED]'' to badmailfrom on the server running the qmail list itself (Dan's server). This would block the mail. /pg -- Peter Green : Architekton Internet Services, LLC : [EMAIL PROTECTED] --- On a normal ascii line, the only safe condition to detect is a 'BREAK' - everything else having been assigned functions by Gnu EMACS. (By Tarl Neustaedter)
RE: badmailfrom didn't work
The same for me, but I have the qmail box as a relayer only. The last mail should have been blocked anyhow. What gives? =) With Best Regards, Peter Fredriksson Compu-Mark Nordic AB Email: [EMAIL PROTECTED] Phone: +46-8-4417730 Fax:+46-8-6980909 ICQ#: 6166226 -Original Message- From: Gary MacKay [mailto:[EMAIL PROTECTED]] Sent: den 26 juli 2001 14:35 To: [EMAIL PROTECTED] Subject: badmailfrom didn't work OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? If I telnet to the box and try to send in a message as him, it gets kicked out, why doesn't the real message get kicked out? - Gary
RE: badmailfrom didn't work
HUP'ing is NOT necessary for badmailfrom. It gets used with each new call to qmail-smtpd. -- Michael Boyiazis [EMAIL PROTECTED] Mail Architect, NetZero, Inc. -Original Message- From: zyrtaf [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 26, 2001 7:56 AM To: Gary MacKay Cc: [EMAIL PROTECTED] Subject: Re: badmailfrom didn't work did you killall -HUP qmail-send? - Original Message - From: Gary MacKay [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 26, 2001 2:35 PM Subject: badmailfrom didn't work OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? If I telnet to the box and try to send in a message as him, it gets kicked out, why doesn't the real message get kicked out? - Gary
RE: badmailfrom didn't work
I have added the following to my .qmail: |/usr/bin/perl -e while () {chomp; if (/^From:.*wilson\@souzaramos\.com\.br.*/) { return 99; } if ( length == 0 ) { return 0; } } return 0; Essentially, this drops the email on the floor if it's from this wilson dude, otherwise proceed. (I had to drop it on the floor lest it bounce back to [EMAIL PROTECTED] and remove me!) It should work, but if a second pair of eyes sees something wrong let me know. -Original Message- From: Michael Boyiazis [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 26, 2001 10:38 AM To: [EMAIL PROTECTED] Subject: RE: badmailfrom didn't work HUP'ing is NOT necessary for badmailfrom. It gets used with each new call to qmail-smtpd. -- Michael Boyiazis [EMAIL PROTECTED] Mail Architect, NetZero, Inc. -Original Message- From: zyrtaf [mailto:[EMAIL PROTECTED]] Sent: Thursday, July 26, 2001 7:56 AM To: Gary MacKay Cc: [EMAIL PROTECTED] Subject: Re: badmailfrom didn't work did you killall -HUP qmail-send? - Original Message - From: Gary MacKay [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Thursday, July 26, 2001 2:35 PM Subject: badmailfrom didn't work OK. I added this '[EMAIL PROTECTED]' dude to my badmailfrom and still got this last message. What gives? If I telnet to the box and try to send in a message as him, it gets kicked out, why doesn't the real message get kicked out? - Gary Notice: This e-mail and any attachments are intended only for the individual or company to which it is addressed and may contain information which is privileged, confidential and prohibited from disclosure or unauthorized use under applicable law. If you are not the intended recipient of this e-mail, you are hereby notified that any use, dissemination, or copying of this e-mail or the information contained in this e-mail is strictly prohibited by the sender. If you have received this transmission in error, please return the material received to the sender and delete all copies from your system. Thank you.
Re: badmailfrom
Tom Beer [EMAIL PROTECTED] wrote: What I want is to block specific domains / addresses. This is not, in first instance, related to blocking spam. Now the problem is, that fetchmail, if receiving a badmailfrom request from qmail-smtpd stops delivering. That's the way fetchmail works if you've got it configured to deliver by re-injecting with SMTP -- every message it tries to deliver has to be successfully accepted by the SMTP server, or it stops working. If you don't like this behaviour, don't deliver by SMTP injection, or stop using fetchmail. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ ---
Re: badmailfrom
On Wed, Jun 27, 2001 at 10:09:00AM -, [EMAIL PROTECTED] wrote: Hi, I have the following in control/badmailfrom as shown by qmail-showctl: badmailfrom: [EMAIL PROTECTED] not accepted in MAIL FROM. Hahaha [EMAIL PROTECTED] not accepted in MAIL FROM. Yet messages with the following headers still get through: --- Below this line is the original bounce. Return-Path: Received: (qmail 24147 invoked from network); 27 Jun 2001 09:32:49 - Received: from 046.ro00.dial.iqnet.net.au (HELO default) (203.132.93.46) by mail-x1.iqnet.net.au with SMTP; 27 Jun 2001 09:32:49 - From: Hahaha [EMAIL PROTECTED] Subject: Snowhite and the Seven Dwarfs - The REAL story! MIME-Version: 1.0 Content-Type: multipart/mixed; boundary=--VEOD2BWLUV Is this due to the Return-Path: or is badmailfrom not behaving? It is due to the Return-Path; badmailfrom works on the envelope-sender, not the From: header. Vince.
Re: badmailfrom file and subdomains
audit [EMAIL PROTECTED] wrote: I've been working on getting my badmailfrom file setup and would like to block a entire domain from connecting. badmailfrom won't block anyone from *connecting*. I've tried the following @*.domain.net Nope. badmailfrom doesn't support domain wildcards. I would also like to add the entire RBL lists but can't seem to find a file where I can download it. Is this possible without messing the my DNS records? Try installing rblsmtpd from ucspi-tcp. -Dave
Re: badmailfrom
* audit [EMAIL PROTECTED] [010512 19:39]: I was wondering if I can put just a domain in the /var/qmail/control/badmailfrom file Yes. You have to start it with an @. @yahoo.com will block all mail where the envelope sender address is [EMAIL PROTECTED] Note that you are blocking envelope sender addresses, not sending hosts. -Johan -- Johan Almqvist http://www.almqvist.net/johan/qmail/ PGP signature
Re: Badmailfrom for entire domain/sub_domain
Unsubscribe [EMAIL PROTECTED] #t 19:01 07/05/2001 -0700, admin wrote: Hi Guys; I am getting annoying emails comming from [EMAIL PROTECTED] and this guys change the address the next week to be [EMAIL PROTECTED] I really want domain.com blocked!! and badmailfrom only handles individual emails how can I block *@domain.com. RBL is solution but some of this guys are not on the list (yet). Thank! Dan
RE: Badmailfrom for entire domain/sub_domain
man qmail-smtpd: A line in badmailfrom may be of the form @host, meaning every address at host. -= Brad Schuetz =-==-= [EMAIL PROTECTED] =- -Original Message- From: admin [mailto:[EMAIL PROTECTED]] Sent: Monday, May 07, 2001 7:02 PM To: [EMAIL PROTECTED] Subject: Badmailfrom for entire domain/sub_domain Hi Guys; I am getting annoying emails comming from [EMAIL PROTECTED] and this guys change the address the next week to be [EMAIL PROTECTED] I really want domain.com blocked!! and badmailfrom only handles individual emails how can I block *@domain.com. RBL is solution but some of this guys are not on the list (yet). Thank! Dan
Re: Badmailfrom for entire domain/sub_domain
On Mon, May 07, 2001 at 07:01:29PM -0700, admin wrote: Hi Guys; I am getting annoying emails comming from [EMAIL PROTECTED] and this guys change the address the next week to be [EMAIL PROTECTED] I really want domain.com blocked!! and badmailfrom only handles individual emails how can I block *@domain.com. But badmailfrom can block @domain.com, check the qmail-smtpd man page. By the way, if you have problems with @domain.com why not mail the address listed in whois for domain.com, [EMAIL PROTECTED], and file an abuse complaint. Or if the envelope sender is forged, track down the abuse desk by IP and pester them, perhaps giving [EMAIL PROTECTED] a heads up.
Re: badmailfrom...
On Mon, Feb 05, 2001 at 03:24:26PM -0500, Jean Caron wrote: Would this be valid in control/badmailfrom; @*.cn ? No it isn't. If not, is there an equivalent ? Not with an unmodified qmail version. There exist addons to support wildcard matching ... www.qmail.org should list some. I've seen enough spam from those little I doubt that woul really help. Most SPAM I see is relayed through *.cn servers but badmailfrom only goes for envelope senders (which mostly always have no *.cn addresses). You may try plugging rblsmtpd in http://cr.yp.to/ucspi-tcp/rblsmtpd.html from the ucspi-tcp package at http://cr.yp.to/ucspi-tcp.html and set RBLSMTPD for *.cn netblocks using tcpservers rules (-x flag). \Maex -- SpaceNet AG| Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0 Research Development | D-80807 Muenchen| Fax: +49 (89) 32356-299 Stress is when you wake up screaming and you realize you haven't fallen asleep yet.
Re: badmailfrom for qmail-qmtpd
On Wed, Jan 10, 2001 at 11:18:03PM +0100, Peter van Dijk wrote: Johan apparently did something wrong, the patch itself 403's. It's on http://www.dataloss.net/qmtpd-badmailfrom-1.1.patch for now. mutt's paranoid umask got in my way. A chmod 644 later, all is in order. Sorry 'bout that. -Johan -- Johan Almqvist http://www.almqvist.net/johan/qmail/ PGP signature
Re: badmailfrom for qmail-qmtpd
On Wed, Jan 10, 2001 at 09:30:48PM +0100, Peter van Dijk wrote: I patched qmail-qmtpd to respect badmailfrom like qmail-smtpd does. Also fixed qmail-qmtpd.8 and qmail-control.9. The patch is on Johan's QMTP page, http://www.almqvist.net/johan/qmail/qmail-qmtpc.html Johan apparently did something wrong, the patch itself 403's. It's on http://www.dataloss.net/qmtpd-badmailfrom-1.1.patch for now. Greetz, Peter.
Re: badmailfrom
Matthew Harrell writes: ` : : Instead, you might want to prohibit mail from : :200.189.209.130 : : instead. Of course this will stop all mail from that IP address and : you might want that other mail. : I've got a question about this. I still get mail from an old work address and occasionally get spam from that address. tcp.smtp seems to only deny mail from the machine directly sending to you - do you know a way to drop mail that's been passed through a trusted server? Yes. Configure the 'trusted' server to block mail from that host. If you can't do that, use procmail (with a recipe that parses Received: lines). Vince.
Re: badmailfrom
: : Instead, you might want to prohibit mail from : :200.189.209.130 : : instead. Of course this will stop all mail from that IP address and : you might want that other mail. : I've got a question about this. I still get mail from an old work address and occasionally get spam from that address. tcp.smtp seems to only deny mail from the machine directly sending to you - do you know a way to drop mail that's been passed through a trusted server? Thanks -- Matthew Harrell Preserve wildlife -- Bit Twiddlers, Inc. pickle a squirrel today! [EMAIL PROTECTED]
Re: badmailfrom
On Mon, 4 Dec 2000, Ari Arantes Filho wrote: Hi, I'm receiving a virus from [EMAIL PROTECTED], No you're not! You're receiving mail from a null address. Examine the Return-Path: Return-Path: There is no address here. qmail-smtpd only looks at the envelope sender address (as supplied by the "mail from:" part of the transaction). It compares the address provided here with badmailfrom. You can't use badmailfrom to stop null addresses (and in general you shouldn't stop them anyway because a legitimate bounce is sent with a null sender). Instead, you might want to prohibit mail from 200.189.209.130 instead. Of course this will stop all mail from that IP address and you might want that other mail. I've already inserted this email in badmailfrom, the qmail was restarted and I'm still receiving this virus. In the header below you can see that the user doesn't exist, there is a 3D caracter in the beginning of the email address, so the address is unknowm, but even inserted in badmailfrom I've receive order mails from this guy. Here goes the header: Return-Path: Received: (qmail 14547 invoked by uid 0); 4 Dec 2000 21:26:48 - Received: from unknown (HELO mail01.osite.com.br) (200.189.209.130) by mail.doctordata.com.br with SMTP; 4 Dec 2000 21:26:48 - Received: from clipping (a09029.dial-pn.impsat.com.br [200.189.200.29]) by mail01.osite.com.br (8.9.1b+Sun/8.9.3) with SMTP id SAA14499 for [EMAIL PROTECTED]; Mon, 4 Dec 2000 18:49:02 -0200 (EDT) Date: Mon, 4 Dec 2000 18:49:02 -0200 (EDT) Message-Id: [EMAIL PROTECTED] From: Hahaha [EMAIL PROTECTED] Subject: Branca de Neve pornô! MIME-Version: 1.0 -- Regards Peter -- Peter Samuel[EMAIL PROTECTED] http://www.e-smith.org (development)http://www.e-smith.com (corporate) Phone: +1 613 368 4398 Fax: +1 613 564 7739 e-smith, inc. 1500-150 Metcalfe St, Ottawa, ON K2P 1P1 Canada "If you kill all your unhappy customers, you'll only have happy ones left"
Re: badmailfrom
I've seen a few of these... its a new virus I guess. It's not 'from' them at all... Paul Farber Farber Technology [EMAIL PROTECTED] Ph 570-628-5303 Fax 570-628-5545 On Mon, 4 Dec 2000, Ari Arantes Filho wrote: Hi, I'm receiving a virus from [EMAIL PROTECTED], I've already inserted this email in badmailfrom, the qmail was restarted and I'm still receiving this virus. In the header below you can see that the user doesn't exist, there is a 3D caracter in the beginning of the email address, so the address is unknowm, but even inserted in badmailfrom I've receive order mails from this guy. Here goes the header: Return-Path: Received: (qmail 14547 invoked by uid 0); 4 Dec 2000 21:26:48 - Received: from unknown (HELO mail01.osite.com.br) (200.189.209.130) by mail.doctordata.com.br with SMTP; 4 Dec 2000 21:26:48 - Received: from clipping (a09029.dial-pn.impsat.com.br [200.189.200.29]) by mail01.osite.com.br (8.9.1b+Sun/8.9.3) with SMTP id SAA14499 for [EMAIL PROTECTED]; Mon, 4 Dec 2000 18:49:02 -0200 (EDT) Date: Mon, 4 Dec 2000 18:49:02 -0200 (EDT) Message-Id: [EMAIL PROTECTED] From: Hahaha [EMAIL PROTECTED] Subject: Branca de Neve pornô! MIME-Version: 1.0
Re: badmailfrom
On Mon, Dec 04, 2000 at 07:41:36PM -0300, Ari Arantes Filho wrote: Hi, I'm receiving a virus from [EMAIL PROTECTED], I've already inserted this email in badmailfrom, the qmail was restarted and I'm still receiving this virus. In the header below you can see that the user doesn't exist, there is a 3D caracter in the beginning of the email address, so the address is unknowm, but even inserted in badmailfrom I've receive order mails from this guy. Here goes the header: Return-Path: [snip] From: Hahaha [EMAIL PROTECTED] qmail-smtpd rejects messages with an envelope sender (return-path) listed in badmailfrom, and does not act on the message From: header. To block mail from this guy, you would need to block mail with the null envelope sender (), which is certainly not what you want. PGP signature
Re: badmailfrom
The name of the file "badmailfrom" can be a bit deceptive as many people think it applies to the "From: " header. In fact it applies to the return path address supplied by the "MAIL FROM: " command in SMTP. To use badmailfrom you have to use the address that shows up on that SMTP command, which in the case of qmail is stored in the "Return-Path: " header. If you look at your headers you'll see the bad news that the "Return-Path: " header is empty which means it's not blockable with badmailfrom. Bad luck. As you've probably gathered spam is a pain to minimize. Regards. On Mon, Dec 04, 2000 at 07:41:58PM -0300, Ari Arantes Filho wrote: Hi, I'm receiving a virus from [EMAIL PROTECTED], I've already inserted this email in badmailfrom, the qmail was restarted and I'm still receiving this virus. In the header below you can see that the user doesn't exist, there is a 3D caracter in the beginning of the email address, so the address is unknowm, but even inserted in badmailfrom I've receive order mails from this guy. Here goes the header: Return-Path: Received: (qmail 14547 invoked by uid 0); 4 Dec 2000 21:26:48 - Received: from unknown (HELO mail01.osite.com.br) (200.189.209.130) by mail.doctordata.com.br with SMTP; 4 Dec 2000 21:26:48 - Received: from clipping (a09029.dial-pn.impsat.com.br [200.189.200.29]) by mail01.osite.com.br (8.9.1b+Sun/8.9.3) with SMTP id SAA14499 for [EMAIL PROTECTED]; Mon, 4 Dec 2000 18:49:02 -0200 (EDT) Date: Mon, 4 Dec 2000 18:49:02 -0200 (EDT) Message-Id: [EMAIL PROTECTED] From: Hahaha [EMAIL PROTECTED] Subject: Branca de Neve pornô! MIME-Version: 1.0
Re: badmailfrom
Alex Pennace [EMAIL PROTECTED] writes: qmail-smtpd rejects messages with an envelope sender (return-path) listed in badmailfrom, and does not act on the message From: header. To block mail from this guy, you would need to block mail with the null envelope sender (), which is certainly not what you want. I could block a particular domain by putting the appropriate line into the tcp.smtp database source and recompile the CDB. But that is at least a 2 step process and not as simple as echo "spam.more.com" /var/qmail/control/badmailfrom Is there a simpler way of filtering on the information that qmail puts into the ``Received:'' header? Received: from spam.more.com (123.213.132.231) by my.server.com with SMTP; 5 Dec 2000 00:07:01 - -- Manfred
Re: badmailfrom
On Fri, Nov 17, 2000 at 07:07:36PM -, Kevin Smith wrote: Hi All, The file badmailfrom in the /var/qmail/control directory, how do I enter only a domain name to stop receiving mail, instead of enter the full email address? I've tried the following : *@domain.com [EMAIL PROTECTED] Which does work, any ideas? I know it's cheating, but I believe that the manpage for qmail-smtpd tells you exactly what to do. Regards.
Re: badmailfrom not working..
On Wed, Sep 27, 2000 at 02:11:41PM -0500, Enrique Vadillo wrote: Hi, I am using qmail 1.03 along with tcpserver, the problem i have is that apparently my ~qmaild/control/badmailfrom file is not blocking anything at all, for instance i have tried sending mail from some remote unauthorized location as '[EMAIL PROTECTED]' which *IS* listed in that file and the sender -unexpectedly- is acepted: % telnet myhost.mydomain 25 Connected. Well. If you had given us your real details we could have worked out what was happening because... 220 myhost.mydomain ESMTP ... mail from: [EMAIL PROTECTED] 250 ok ...that does not test it. But we can't really tell for you. Did you consider giving us real details so that we can help? Besides, command "ls -lu ~qmaild/control/badmailfrom" reports that the file is not even being read, am i missing something somewhere? Your missing on giving us real information. Regards.
Re: badmailfrom
And anyone who how to block a sender with badmailfrom? Regards, Chris.
Re: badmailfrom
[EMAIL PROTECTED] [EMAIL PROTECTED] wrote: And anyone who how to block a sender with badmailfrom? badmailfrom won't allow you to block the sender "" because it is required by the RFCs. "" is the envelope sender which is used for bounces, and the RFC requires that the MTA accept messages from that address. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: badmailfrom
On Wed, Mar 22, 2000 at 11:34:05AM +, [EMAIL PROTECTED] wrote: I want to block all mail coming into my server that has a return path of ... No you don't. You're required to accept empty envelope senders. That's how bounces are sent. Chris
Re: badmailfrom
[EMAIL PROTECTED] wrote: I want to block all mail coming into my server that has a return path of ... That's a very bad idea. Bounces have that return path. Rejecting them will violate the protocol and prevent you from receiving bounces. What rule would I need in badmailfromto do this? Can't do it using badmailfrom. -Dave
Re: badmailfrom
Do NOT block mail with a return path of . These are error messages and RFC 821 and 1123 require you to accept these messages. This is the ONLY way your users have of knowing that a message they sent could not be delivered. On Wed, 22 Mar 2000 [EMAIL PROTECTED] wrote: I want to block all mail coming into my server that has a return path of ... These show up in the logs as . bytes 8798 from qd 8 uid 8327 What rule would I need in badmailfromto do this? Thanks VERy much your help. Wil. - This message was sent using Imaginet WebMail. http://www.imag.net/ - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax
Re: badmailfrom
Hmmm.. I thought I saw something, somewhere amongst this list that does that sort of thing.. .oO( or was that for locals? ) badmailfrom doesn't do any sort of wildcarding. Your best bet is probably to check http://www.qmail.org/ and see if there's a patch to do that sort of thing . I wrote a quick hack to reject mail from specific users or entire domains (using regular expressions) but it's intended to be used in a .qmail file. :-/ Cheers, k /* ** Keith Warno ** Make Us An Offer, Inc. ** Real-Time Online Haggling ** http://www.HaggleWare.com/ */ - Original Message - From: "Jim Koutoumis" [EMAIL PROTECTED] To: "'QMAIL- list'" [EMAIL PROTECTED] Sent: 13 February 2000, Sunday 16:39 Subject: badmailfrom | Hi all, | | I'm looking for an easy way to reject mail from specific domains, but I'd | like to capture the WHOLE domain, even if there's sub-domains or variable | hosts present in the envelope. | | Basically: | [EMAIL PROTECTED] | | I know I can: | @domain | @sub.domain | user@domain | | To catch a complete domain, sub-domain or an individual. | | But, is it possible to accommodate a variable host, or further sub-domains | ?? | | eg. | @sub1.domain | @sub2.domain | @host1.sub1.domain | @host2.sub1.domain | | Can I reject all of the above with a simple one-liner ?? | | Guess I'm asking if badmailfrom does any form of 'wildcarding' ?? | | If not,... is bmfcheck region within qmail-smtpd.c the right place for this | to be accommodated ?? | | I'd like to be able to put a one-liner entry like just ".domain" and then | have it all silently never get seen. | | Thanks in advance, | | Jim. |
Re: badmailfrom
On Fri, Nov 12, 1999 at 02:46:21AM +0300, Eldar Imangulov wrote: what is the format of badmailfrom file? Two possibilities: @host.example.com [EMAIL PROTECTED] No wildcards, no subdomains etc. However there are patches (surely found on www.qmail.org) that enhance badmailfrom capabilities. \Maex -- SpaceNet GmbH | http://www.Space.Net/ | Yeah, yo mama dresses Research Development| mailto:[EMAIL PROTECTED] | you funny and you need Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0| a mouse to delete files D-80807 Muenchen | Fax: +49 (89) 32356-299 |
Re: Badmailfrom Questions
On Fri, Mar 12, 1999 at 12:03:35PM -0800, Kai MacTane wrote: Hello, Folks-- I have a couple of questions about the control/badmailfrom file: 1) As long as it's readable by qmail, does its ownership matter? Nope. 2) Which part of qmail needs to read it? My quick scan of the docs says qmail-smtpd is the only thing that looks at control/badmailfrom, but I'd like to double-check. Only qmail-smtpd reads it. 3) Will control/badmailfrom take regexes or any other form of pattern matching besides the simple "@host" that matches all addresses at a given host? Since it appears not, are there any patches to enable this? The only things you can have in badmailfrom are user@host or @host. I do recall seeing some patches to allow regexes; check www.qmail.org. 4) After altering it, I don't need to restart anything, right? Right. It's reread every time a new qmail-smtpd is run. Chris
Re: badmailfrom
On Thu, Feb 25, 1999 at 04:00:11PM -0500, Ray Belleville wrote: Question What exactly is this filtering on. The man says the envelope addresses, but is that the From: Received: X-Sender Return-PATH. It looks at the envelope address, at the time it's provided during the SMTP conversation. Is there a way to deny mail that originated or crosses a specific relay server? If you're using tcpserver, you can either deny connections from that relay, or bounce mail from that relay if you use Russ Nelson's BOUNCEMAIL patch. This doesn't constitute denying mail that "originated or crosses" a particular relay--you only block stuff coming directly from that relay. Chris
Re: badmailfrom question
On Wed, Feb 24, 1999 at 02:57:19AM +0800, [EMAIL PROTECTED] wrote: are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null? The sender is rejected at the SMTP level. The sender says: MAIL FROM:[EMAIL PROTECTED] and qmail-smtpd responds: 553 sorry, your envelope sender is in my badmailfrom list (#5.7.1) End of story. Chris
Re: badmailfrom question
On Wed, Feb 24, 1999 at 02:57:19AM +0800, [EMAIL PROTECTED] wrote: are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null? The sender is rejected at the SMTP level. The sender says: MAIL FROM:[EMAIL PROTECTED] and qmail-smtpd responds: 553 sorry, your envelope sender is in my badmailfrom list (#5.7.1) End of story. Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering. (I've always referred to the "From " line as the envelope sender and called the "From:" line in the header the header from line.) -- Richard Shetron [EMAIL PROTECTED] [EMAIL PROTECTED] What is the Meaning of Life? There is no meaning, It's just a consequence of complex carbon based chemistry; don't worry about it The Super 76, "Free Aspirin and Tender Sympathy", Las Vegas Strip.
Re: badmailfrom question
On Tue, Feb 23, 1999 at 02:02:35PM -0500, Richard Shetron wrote: On Wed, Feb 24, 1999 at 02:57:19AM +0800, [EMAIL PROTECTED] wrote: are the messages from the addresses in /var/qmail/control/badmailfrom automatically bounced or do they just go to /dev/null? The sender is rejected at the SMTP level. The sender says: MAIL FROM:[EMAIL PROTECTED] and qmail-smtpd responds: 553 sorry, your envelope sender is in my badmailfrom list (#5.7.1) End of story. Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering. Nope. qmail-smtpd doesn't look at the address headers. For this task you'll probably need a mail delivery agent with filtering like maildrop or procmail. Chris
Re: badmailfrom question
MAIL FROM:[EMAIL PROTECTED] Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering. The From line *is* the envelope sender, which is coming from the MAIL FROM during the smtp conversation. It is not the From: header. Mate
Re: badmailfrom question
Is there anyway to have qmail use badmailfrom on the from line in the header? The spammers are forging the envelopes so the envelopes are pretty useless these days for filtering. Nope. qmail-smtpd doesn't look at the address headers. For this task you'll probably need a mail delivery agent with filtering like maildrop or procmail. What the original post said does not make much sense: the From line *is* the envelope sender's address. Mate
Re: badmailfrom question
From: Mate Wierdl [EMAIL PROTECTED] :What the original post said does not make much sense: the From line :*is* the envelope sender's address. No it's not. If I put [EMAIL PROTECTED] in my badmailfrom, I will still get messages that you send to the qmail list. But those messages will still say: From: Mate Wierdl [EMAIL PROTECTED] The envelope sender will be: [EMAIL PROTECTED] --Adam
Re: badmailfrom question
From: Mate Wierdl [EMAIL PROTECTED] :I do not understand what you are talking about: I am talking about :From line, not From: header. The other guy wants badmailfrom to work on the From: line. Not the From: header (i.e. the From: line in the body of the message) At least that's how I understood his question. Basically the answer is that qmail doesn't do that. I am pretty sure maildrop does though. :Mate --Adam