unixwiz

One of the things I have noticed with running mail servers that handle over 500,000 messages a day, is that spam programs do not follow SMTP rules very well. One of them that they do not follow is the rule of not to start sending anything until they are greeted. Lucky that the new versions of sendmail have an option that you can use in your .mc file to block such behavior:

The 5000 is in milliseconds. What this does it wait about 5 seconds after a client/server connects to the SMTP port before it offers up a greeting. If the client starts to send data before the greet string appears, the server will automatically block the message from that client. If you want some hosts to be allowed to bypass this check you can add them to your access file like such:

The above hosts would then not be blocked for 5 seconds before sending mail.

Now this may block some legit mail, but I have been running this on our sendmail hosts for months now and have not heard any one complain yet. So far today on one of our incoming servers (we have a bunch), we have blocked 13162 hosts from sending mail in because of pre-greet sending.

If you want to see how it is doing do a

and you will get the number of pre-greet denies you have had.

FWIW…

Technorati Tags: Sendmail

Had a problem today with an AIX machine trying to send mail to the Internet. It seems that by default AIX ignores the DS line in the sendmail.cf if it thinks the receiving host is on a local network. So to fix it you need to find the line that contains the followig: (it is about 60% down in the file) ::

And comment it out. It “should” have a comment like such above it:

Once you comment it out, all the mail will now be sent directly to the host defined in the DS entry. You may have to stop and restart sendmail for it to take effect.

Technorati Tags: AIX, Sendmail