I'll have the instructions on how to compile procmail and sendmail later on.
Here's a nice little personal procmailrc that I made. It does the following:
1. If the header "Comments: Authenticated sender is" exists, kill it.
2. If the Received headers contain invalid IPs, kill it.
3. If "nowhere.com" is in any of the headers, kill it.
4. If the Message-Id header exists and is empty, kill it.
5. If any Received header contains a "!", kill it.
6. If the X-Advertisement header exists, kill it.
7. If the Return-Path contains a "!", kill it.
8. If the To or Cc field contains "@public.com", kill it.
9. If the To or Cc field contains "@domain.com", kill it.
Then finally, the worst part of the procmailrc is the REPLACE_WITH_USERNAME line. If you have an email alias, or if the To: or Cc: does not contain your username, the email will be deleted. Remove that line if you don't like it. After all of that a "User Unknown" is sent back to the sender.
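# Kill mail that matches any of the spam signatures listed above.
:0
* (^Comments: Authenticated sender is|\
^Received.*\[[0-9\.]*([03-9][0-9][0-9]|2[6-9][0-9]|25[6-9])\][^\.]|\
.*@nowhere\.com|\
^Message-Id: <>|\
^Received:.*!|\
^X-Advertisement:.*|\
^Return-Path:.*!|\
^(To|Cc):.*@public\.com|\
^(To|Cc):.*@domain\.com)
{
  # 67 is EX_NOUSER: the sender gets a "User Unknown" bounce
  EXITCODE=67

  :0 i
  /dev/null
}

# Delete anything that does not name this user in To: or Cc:.
:0
* !^(To|Cc):.*REPLACE_WITH_USERNAME
/dev/null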
I still receive about 1 mass mail/spam a week, which I don't mind. I just ignore them!! Or for you anti-spam freaks, the spams you do get, you can easily trace to the originator since they are sent by spam newbies who don't know how to hide themselves ;) !! Complain away!!
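To see which of the nine rules fire on a given message before trusting the recipe with real mail, the conditions can be replayed outside procmail. The following Python sketch is an added example, not part of the original procmailrc; the sample headers are constructed, header folding is ignored, and bad_received_ips is a stricter variant of rule 2 introduced here, since the recipe's regex only range-checks the octet next to the closing bracket.

```python
import re

# The nine conditions from the recipe above in Python syntax, with the dots in
# domain names escaped. procmail matches case-insensitively, hence re.I.
RULES = [
    (1, r"^Comments: Authenticated sender is"),
    (2, r"^Received.*\[[0-9\.]*([03-9][0-9][0-9]|2[6-9][0-9]|25[6-9])\][^\.]"),
    (3, r"@nowhere\.com"),
    (4, r"^Message-Id: <>"),
    (5, r"^Received:.*!"),
    (6, r"^X-Advertisement:"),
    (7, r"^Return-Path:.*!"),
    (8, r"^(To|Cc):.*@public\.com"),
    (9, r"^(To|Cc):.*@domain\.com"),
]

def rules_hit(headers):
    """Numbers of the rules (as listed on the page) that match this header block."""
    return [n for n, pat in RULES if re.search(pat, headers, re.I | re.M)]

def bad_received_ips(headers):
    """Stricter rule 2 (this example's addition): range-check all four octets."""
    bad = []
    for line in headers.splitlines():
        if not line.lower().startswith("received:"):
            continue
        for ip in re.findall(r"\[([0-9.]+)\]", line):
            parts = ip.split(".")
            if len(parts) != 4 or not all(p.isdigit() and int(p) <= 255 for p in parts):
                bad.append(ip)
    return bad

# Constructed sample headers (documentation addresses, not real traffic).
SPAM = """Received: from bulk.example.net (unknown [192.0.2.999]) by mx.example.org
Comments: Authenticated sender is <x@example.net>
Message-Id: <>
To: friend@public.com"""
HAM = """Received: from mail.example.net (mail.example.net [192.0.2.25]) by mx.example.org
Message-Id: <199806011000.KAA01234@mail.example.net>
To: gman@example.org"""
# Bad first octet: the page's regex only inspects the octet next to "]".
MISSED = "Received: from relay.example.net (unknown [300.0.2.1]) by mx.example.org"

if __name__ == "__main__":
    for name, msg in (("SPAM", SPAM), ("HAM", HAM), ("MISSED", MISSED)):
        print(name, rules_hit(msg), bad_received_ips(msg))
```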
For now I'll just link the spam rule I install on the Linux boxes here at Infinex. It works great to the best of my knowledge (not much up there ;) ). Basically you list which network blocks are allowed to send mail through you, i.e.
127.0.0.1
207.113.220
10.2
207.201.8.22
and for domain names
localhost
infinex.com
subdomain.infinex.com
Here's a slightly modified version of the link above that is actually used at Infinex.
# please use the .m4 file, this file is not maintained!
LOCAL_CONFIG
F{LocalIP} /etc/spam/OkIPs
F{RelayTo} /etc/spam/OkDomains

LOCAL_RULESETS
Scheck_rcpt
# make sure you have TABs here, not BLANKs! sendmail will complain otherwise...
# first: get client addr
R$+	$: $(dequote "" $&{client_addr} $) $| $1
R0 $| $*	$@ ok	no client addr: directly invoked
R$={LocalIP}$* $| $*	$@ ok	from here
# not local, check rcpt
R$* $| $*	$: $>3 $2
# remove local part, maybe repeatedly
R$+	$:$>remove_local $1
# still something left?
R$*<@$+>$*	$#error $@ 5.7.1 $: 550 Sorry.. we do not allow relaying

Sremove_local
# remove RelayTo part (maybe repeatedly)
R$*<@$*$={RelayTo}.>$*	$>3 $1 $4
R$*<@$=w.>$*	$: $>remove_local $>3 $1 $3
R$*<@$*>$*	$@ $1<@$2>$3
# dequote local part
R$-	$: $>3 $(dequote $1 $)
R$*<@$*>$*	$: $>remove_local $1<@$2>$3
If anyone knows whether the above sendmail rule can still be relayed through, email me!! Please!! ;)..
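A simplified model of the decision this ruleset makes, useful for writing test cases against your own OkIPs and OkDomains lists before deploying them. It is an added example in Python, not part of the original ruleset; it assumes local host names ($=w) are also listed in OkDomains and reduces sendmail's address canonicalisation to splitting on "@" and "%".

```python
# Constructed copies of the class files shown on the page.
OK_IPS = ["127.0.0.1", "207.113.220", "10.2", "207.201.8.22"]      # /etc/spam/OkIPs
OK_DOMAINS = ["localhost", "infinex.com", "subdomain.infinex.com"]  # /etc/spam/OkDomains
REJECT = "550 Sorry.. we do not allow relaying"

def ip_allowed(client, ok_ips=OK_IPS):
    """Prefix match on whole octets: "10.2" covers 10.2.x.x but not 10.20.x.x."""
    octets = client.split(".")
    return any(octets[:len(e.split("."))] == e.split(".") for e in ok_ips)

def domain_allowed(domain, ok_domains=OK_DOMAINS):
    """Suffix match on whole labels: mail.infinex.com yes, notinfinex.com no."""
    labels = domain.lower().rstrip(".").split(".")
    return any(labels[-len(d.split(".")):] == d.split(".") for d in ok_domains)

def check_rcpt(client_ip, rcpt):
    """Simplified model of the ruleset's decision: "ok" or the 550 text."""
    if client_ip == "0" or ip_allowed(client_ip):  # "0": invoked directly
        return "ok"
    addr = rcpt.strip("<>")
    while "@" in addr:
        local, _, domain = addr.rpartition("@")
        if not domain_allowed(domain):
            return REJECT
        # Allowed domain removed; a %-routed local part is treated as the
        # next address and checked again (the "maybe repeatedly" step).
        head, pct, tail = local.rpartition("%")
        addr = f"{head}@{tail}" if pct else local
    return "ok"

if __name__ == "__main__":
    # Constructed test cases: (client address, recipient)
    cases = [
        ("10.2.7.9", "someone@example.net"),       # listed netblock may relay
        ("10.20.7.9", "someone@example.net"),      # not in 10.2, foreign rcpt
        ("192.0.2.10", "gman@mail.infinex.com"),   # outside client, hosted domain
        ("192.0.2.10", "user%example.net@infinex.com"),  # routed via hosted domain
    ]
    for client, rcpt in cases:
        print(client, rcpt, "->", check_rcpt(client, rcpt))
```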
The following should work for most Slackware boxes... other distributions may vary..
The compile part should work for any Linux box. The cf part is made to support virtual domains and spam control.. SENDMAIL 8.9.0 DOES NOT SUPPORT DBM ANYMORE. Use "hash" instead of "dbm".. hash is the default db type for everything now.. So far the "spam control" [FEATURE(access_db)] checks the From: and To: fields and some part of the Received: fields.
download ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.9.0.tar.gz
# tar -zxf sendmail.8.9.0.tar.gz
# cd sendmail-8.9.0
# pico -w BuildTools/OS/Linux #add the following lines.
define(`confLDOPTS', `-s')
define(`confOPTIMIZE', `-m486 -O2')
# cd src
# sh Build
# cd ../cf/cf
# pico -w linux.mc
divert(-1)
#
# Copyright (c) 1998 Sendmail, Inc. All rights reserved.
# Copyright (c) 1983 Eric P. Allman. All rights reserved.
# Copyright (c) 1988, 1993
# The Regents of the University of California. All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
#
# This is the prototype file for a configuration that supports nothing
# but basic SMTP connections via TCP.
#
# You MUST change the `OSTYPE' macro to specify the operating system
# on which this will run; this will set the location of various
# support files for your operating system environment. You MAY
# create a domain file in ../domain and reference it by adding a
# `DOMAIN' macro after the `OSTYPE' macro. I recommend that you
# first copy this to another file name so that new sendmail releases
# will not trash your changes.
#
divert(0)dnl
VERSIONID(`@(#)tcpproto.mc 8.10 (Berkeley) 5/19/98')
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')
OSTYPE(linux)dnl
DOMAIN(linuxrox.com)dnl
FEATURE(nouucp)dnl
FEATURE(local_procmail)dnl
FEATURE(virtusertable, hash -o /etc/mail/virtusertable)dnl
FEATURE(relay_entire_domain)dnl
FEATURE(access_db)dnl
MAILER(local)dnl
MAILER(smtp)dnl
# pico -w ../domain/linuxrox.com.m4 # replace linuxrox.com with your own domain name.
divert(-1)dnl
#
# This file contains the global definitions for yourdomain.com
#
divert(0)dnl
VERSIONID(`@(#)linuxrox.com.m4 1.0 (linuxrox.com) 06/01/98')
FEATURE(use_cw_file)dnl
# m4 ../m4/cf.m4 linux.mc > /tmp/sendmail-8.9.0.cf
# cd ../..
# make install # this will install all the new sendmail programs
# cd /etc
# mv sendmail.cf sendmail-original.cf # just in case the new cf won't work, we save the old one, which will
# cp /tmp/sendmail-8.9.0.cf sendmail-8.9.0.cf
# ln -s sendmail-8.9.0.cf sendmail.cf
# pico -w /etc/sendmail.cw # list all the domains hosted on your box
linuxrox.com
gman.infinex.com
evilpeople.com
Any mail to a specific host on your box that is not listed will be REJECTED. The only exception is if the host is a CNAME to the domain name.
# kill -TERM `head -1 /var/run/sendmail.pid`
# /usr/sbin/sendmail -bd -q15m
All done with sendmail.. just "spam control" and virtual domains need to be modified/configured..
# pico -w /etc/mail/virtusertable #Example of /etc/mail/virtusertable
mp3@evilpeople.com      error:nouser Unknown user
suggest@evilpeople.com  evilppl
@evilpeople.com         evilppl
@mp3.evilpeople.com     error:nouser Unknown user
# makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable
mp3@evilpeople.com is an email address I don't want people to email, so people get a "550 Unknown user" when they do try to email mp3@evilpeople.com. suggest@evilpeople.com really goes to the local user called 'evilppl'. You can also redirect to a remote email address (i.e. username@hotmail.com).
To offer "unlimited aliases" just direct everything to a user on your system. For example:
@domain.com username_on_system
Example of /etc/mail/access
Friend@                     550 Sorry FROM field invalid
evilusername@evilplace.com  550 Spammer, Go away!!
test.com                    REJECT
domain.com                  550 Sorry, domain.com is not a valid domain.
10.0.2.10                   OK
10.0.2                      550 Your Netblock not allowed..
Pretty simple