badrcptto
Ok, so I got the badrcptto patch working. It doesn't look like it will do partial addresses. You know how badmailfrom will let you just put in @domain.com. I was hoping that this patch might let you put in user@ and reject all mail for that user regardless of domain. I don't really follow the C code well, so I don't see how to do this. Any ideas? Brian Moon -- dealnews.com, Inc. Makers of dealnews, dealmac http://dealnews.com/ | http://dealmac.com/
Re: badrcptto
Ok, I am looking really hard at the code here. It looks like the @ magic of badmailfrom is somewhere in here which was copied directly for badrcpto: j = byte_rchr(addr.s,addr.len,'@'); if (j addr.len) if (constmap(mapbrt,addr.s + j,addr.len - j - 1)) return 1; I am still not sure exactly what this is saying though. I know in psuedo code terms, but I can not figure out how to change it to make it work at matching user@. Any ideas? Brian Moon -- dealnews.com, Inc. Makers of dealnews, dealmac http://dealnews.com/ | http://dealmac.com/ - Original Message - From: Brian Moon [EMAIL PROTECTED] To: qmail [EMAIL PROTECTED] Sent: Tuesday, May 22, 2001 3:49 AM Subject: badrcptto Ok, so I got the badrcptto patch working. It doesn't look like it will do partial addresses. You know how badmailfrom will let you just put in @domain.com. I was hoping that this patch might let you put in user@ and reject all mail for that user regardless of domain. I don't really follow the C code well, so I don't see how to do this. Any ideas? Brian Moon -- dealnews.com, Inc. Makers of dealnews, dealmac http://dealnews.com/ | http://dealmac.com/
Re: badrcptto
James R Grinter wrote The list is based on .qmail with all recipients names. I was thinking to block people from sending to his list, read a little ezmlm-idx, but couldn't find a satisfactory solution with it. in .qmail-whatever: |(validate-mail || exit 100) #real list of stuff from hereon Where validate-mail is a program that checks some appropriate criteria (sender, contents of headers, etc) and exits with an appropriate exit code (in the above example exitting with 0 would mean that the message was ok to go) Well, I thought of it myself, but this protects from random people sending e-mail to the address I want to protect, but will not help if someone deliberatelly targets this address - forgind the sender or headers is a piece of cake, where filtering by RELAYCLIENT will assure that the person sending the e-mail has a valid account at my server, and I can get him for anything "un_smart" he might do, and as i understand you do not have RELAYCLIENT in the final delivery stage, so validate-mail cannot help . Anyway, I have already wrote the patch and using it, and I see it's use for others too, for example that thread about sending e-mail to a fax, which was proclamed as a "security nightmare" on the list an hour ago.
Re: badrcptto
Alex Kramarov [EMAIL PROTECTED] writes: The list is based on .qmail with all recipients names. I was thinking to block people from sending to his list, read a little ezmlm-idx, but couldn't find a satisfactory solution with it. in .qmail-whatever: |(validate-mail || exit 100) #real list of stuff from hereon Where validate-mail is a program that checks some appropriate criteria (sender, contents of headers, etc) and exits with an appropriate exit code (in the above example exitting with 0 would mean that the message was ok to go) Russell Nelson has given some very good examples of validation in the past - check the list archives. James.
badrcptto
I just had a virus sent to a distribution list, that is supposed to be for my organisation internal use only and includes all of my server recipients. The list is based on .qmail with all recipients names. I was thinking to block people from sending to his list, read a little ezmlm-idx, but couldn't find a satisfactory solution with it. I recieve mail only through SMTP, so I was thinking : basically I need to allow sending to this list only from MY users, and because I know MY users by RELAYCLIENT, the easyest way seems to put the list name in badrcptto and edit the badrcptto patch to do the checking only is RELAYCLIENT not set. Anyone can think of a better way ?
Followup: badrcptto
Since I have recieved no other suggestions on my prevous mail, I have altered the badrcptto patch to support the behavour described before (do not apply badrcptto rules if RELAYCLIENT is set). If anyone is interested, the patch can be found at http://212.179.48.82/badrcptto/ -Original Message- From: Alex Kramarov Sent: Tuesday, February 20, 2001 6:15 PM To: '[EMAIL PROTECTED]' Subject: badrcptto I just had a virus sent to a distribution list, that is supposed to be for my organisation internal use only and includes all of my server recipients. The list is based on .qmail with all recipients names. I was thinking to block people from sending to his list, read a little ezmlm-idx, but couldn't find a satisfactory solution with it. I recieve mail only through SMTP, so I was thinking : basically I need to allow sending to this list only from MY users, and because I know MY users by RELAYCLIENT, the easyest way seems to put the list name in badrcptto and edit the badrcptto patch to do the checking only is RELAYCLIENT not set. Anyone can think of a better way ?
Re: inconsistency using qmail/Spamcontrol badrcptto
Hi, actually, this was a small bug in this early version of SPAMCONTROL. Please upgrade to a new one. You find the current releases at: http://www.fehcom.de/qmail Thanks for using SPAMCONTROL. cheers. eh. At 02:46 1.12.2000 +0100, Markus Stumpf wrote: On Wed, Nov 29, 2000 at 02:41:13PM -0800, Russ Ringer wrote: I'm using qmail 1.03/spamcontrol 1.03 (yes, I know, I haven't put in 1.04 yet) and have a list of invalid names in badrcptto. It works most of the time, but occasionally, mail comes through to the bad rcptto name. The maillog shows the mail was blocked due to invalid recipient address, but it gets delivered anyway. I examined the mail and the rcpt to: match the file and the msg/log timestamps match. If it slipped through you should see some information in the logfiles right after the reject line like : new msg 27065 info msg 27065: bytes 2462 from [EMAIL PROTECTED] qp 1469 uid 101 starting delivery 711036: msg 27065 to local [EMAIL PROTECTED] delivery 711036: success: did_1+0+0/ end msg 27065 Could you please send those and also the line with the reject message and the reject pattern? \Maex -- SpaceNet AG | http://www.Space.Net/ | Stress is when you wake Research Development| mailto:[EMAIL PROTECTED] | up screaming and you Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0| realize you haven't D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet. +---+ | fffhh http://www.fehcom.deDr. Erwin Hoffmann | | ff hh| | ffeee ccc ooomm mm mm Wiener Weg 8 | | fff ee ee hh hh cc oo oo mmm mm mm 50858 Koeln| | ff ee eee hh hh cc oo oo mm mm mm| | ff eee hh hh cc oo oo mm mm mm Tel 0221 484 4923 | | ff hh hhccc ooomm mm mm Fax 0221 484 4924 | +---+
Re: inconsistency using qmail/Spamcontrol badrcptto
On Wed, Nov 29, 2000 at 02:41:13PM -0800, Russ Ringer wrote: I'm using qmail 1.03/spamcontrol 1.03 (yes, I know, I haven't put in 1.04 yet) and have a list of invalid names in badrcptto. It works most of the time, but occasionally, mail comes through to the bad rcptto name. The maillog shows the mail was blocked due to invalid recipient address, but it gets delivered anyway. I examined the mail and the rcpt to: match the file and the msg/log timestamps match. If it slipped through you should see some information in the logfiles right after the reject line like : new msg 27065 info msg 27065: bytes 2462 from [EMAIL PROTECTED] qp 1469 uid 101 starting delivery 711036: msg 27065 to local [EMAIL PROTECTED] delivery 711036: success: did_1+0+0/ end msg 27065 Could you please send those and also the line with the reject message and the reject pattern? \Maex -- SpaceNet AG | http://www.Space.Net/ | Stress is when you wake Research Development| mailto:[EMAIL PROTECTED] | up screaming and you Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0| realize you haven't D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
inconsistency using qmail/Spamcontrol badrcptto
I'm using qmail 1.03/spamcontrol 1.03 (yes, I know, I haven't put in 1.04 yet) and have a list of invalid names in badrcptto. It works most of the time, but occasionally, mail comes through to the bad rcptto name. The maillog shows the mail was blocked due to invalid recipient address, but it gets delivered anyway. I examined the mail and the rcpt to: match the file and the msg/log timestamps match. This is not a major problem, but it is puzzling. Any of you wizards care to speculate as to how/why this happens? --Russ Ringer
