On Tue, 28 Nov 2006, Steven W. Orr wrote: > Spam comes in to steveo from [EMAIL PROTECTED] and I want to > reject it because it's coming from an address that doesn't exist. > Sendmail does not support this; i.e., it can only reject mail *to* > an address that doesn't exist. > > Is there a way to do this?
First off, what exactly do you mean by "does not exist"? The domain is not registered? Or the username is not valid within the domain? Sendmail does have configuration to ensure mail from domains that fail a DNS lookup (e.g. the domain does not exist) is not accepted. This is the default behavior; if you have defined FEATURE(`accept_unresolvable_domains') in your sendmail.mc you have disabled it. If you want to only accept mail from valid user names in foreign domains, that's more of a problem. Very few sendmail installs these days enable VRFY, in order to cut down on dictionary attacks. The only semi-reliable way to check whether a given alias at a foreign domain exists is to start an SMTP session and send a RCPT TO: and see if it is accepted. And this isn't necessarily reliable because the public-facing MX may not know who valid users are, it may accept all emssages and then a later, more-inner MX that does know who is valid may reject based on valid recipients. I don't know whether sendmail natively supports doing this (which I doubt), and if so, how to enable it. Many admins consider doing this automatically to be impolite, as it can effectively be a DDoS vector. -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ [EMAIL PROTECTED] FALaholic #11174 pgpk -a [EMAIL PROTECTED] key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- "Bother," said Pooh as he struggled with /etc/sendmail.cf, "it never does quite what I want. I wish Christopher Robin was here." -- Peter da Silva in a.s.r ----------------------------------------------------------------------- 27 days until Christmas
