PDA

View Full Version : Rejecting addresses with sendmail (Was: Can I get "Div



junga
01-30-2004, 01:08 PM
Thanks for the ps aux tip. It got me playing around with the various options of ps -- fun.

(Summary of longer email below...)
I want to use sendmail to reject bad addresses instead of using procmail to mearely > /dev/null

them. I want to keep a catch all mailbox, so I want to be able to explicitly list the addresses

that sendmail should reject.


Details:

Now I realize that I don't really want sendmail to pass the 'delivered-to' address to procmail in

the header so that I can filter on that information (as I originally asked in my first post).

I want to configure sendmail with a list of known addresses that it will reject. I assume that if

I don't have a 'catch all' user setup that sendmail will reject (meaning that it won't read the

message from the contacting MTA) any mail sent to an address that I don't have an user created

for.

But I want my 'catch all'. I want to have a list of addresses on my domain that sendmail should

reject. If an address is not on that list and not the name of one of my email accounts the mail

should go to my catch all account (with the deliver-to header inserted).

Reasoning behind this:
The reason I want this is that I want the deliver transaction to fail for any address that is

getting spammed. That way there is an indication to the spammer (if they are monitoring it) that

the message was not delivered and therefore there is no chance that a human will read it. I think

its up to the delivering MTA to generate a bounce email or not. The delivering MTA may actuall be

the spammers MTA and they would know first hand that the address was rejected.

Sending a bounce after the message has been delivered seems useless because the return address

that you bounce to is ussually not a real address so the bounce generates 'undeliverable '

messages back to your server.

jalal
01-30-2004, 02:33 PM
Thie file you need is /etc/mail/access

You can put a line such as so:
dead@mydomain.com 550 Mail account disabled

rebuild the access map afterward with:
$ makemap hash access.db < access

Mail sent to that address will be refused with a code 550 and the above message.

Note that most spammers don't take any notice of whether or not a mail gets delivered. They make money by sending the emails, whether they arrive or not is totally irrelevant.

HTH

SJP
01-30-2004, 04:32 PM
If you put unaccepted email addresses is in the access file will sendmail reject the message in the beginning or after the whole message has been received?

SJP

junga
01-30-2004, 10:02 PM
>> ...reject ... in the beginning or after the whole message
>> has been received?

My understanding is that the SMPT server first recieves the envelope data (to and from addresses) then either rejects the message in which case the body of the message is never sent or accepts it and reads the message body.

>>You can put a line such as so:
>>dead@mydomain.com 550 Mail account disabled

Thanks. This is easier than I could have imagined and exactly what I want.




--BobG

SJP
01-31-2004, 12:46 AM
Yeah, that does make the most sense. I think the best and easiest solution is not to put your e-mail address in plain text, but use a graphic instead. Maybe more hassle for the visitor since they'd have to type it by hand instead of clicking, but like I said before this ain't fantasy land. That's what I do on my website and I haven't been spammed yet and my site has been up for over a year. Spammers are lazy. They don't personally visit web-sites to determine who they are going to SPAM. They use robots to collect the information for them and not very sophisticated ones at that. And it also helps not to use common names like sales@......

SJP

wildjokerdesign
01-31-2004, 08:02 AM
I wanted to add to what SJP said about protecting your e-mail. I was reading ideas that one person used to combat spam and they had thier filters set so that only mail with a code word in the subject line would be delivered. I belive they even listed thier e-mail as text but then right below it had a line explaining to users that if they did not insert the code word into the subject that it would not be delivered. Again Spammers are lazy they are not going to take the time to send out one e-mail with something special. He also mentioned that if spam started getting through that you could simply change the code word but that he had not had to do this since he started using the method many years ago.

jalal
01-31-2004, 09:35 AM
One of my email addresses (I've had for five or more years) is the one I use in all my software and stuff... so I can't change it. Needless to say, after this long it seems to be on every spam list in existence!
But recently I've realized that I don't care. Once I start taking steps like special code words, or challenge/response, then in a sense the spammers have won and i've retreated.
So, I've learned how to take them on with technical solutions. I get about 300 emails a day to that account, 290 on average are spam.
The real emails all get through, about 5-10 spam a day get through (I can deal with that), everything else just heads into /dev/null where it belongs.

There is certain satisfaction in knowing that I've succeeded on my own terms.
8)

SJP
01-31-2004, 12:18 PM
I thought I'd add another way is to use javascript to present the clickable link to the visitor. For example, in a js file named "txtlnk.js" put:

var txtlnk="mailto:user@host.com";

Include that file when your page loads like so:

<SCRIPT TYPE="text/javascript" SRC="txtlnk.js"></SCRIPT>

Then in your document where you want the link to appear do something like:

<SCRIPT TYPE="text/javascript">
document.write("<A HREF=\'" + txtlnk + "\'>Email Me!</A>");
</SCRIPT>

SPAMBOTS will never see it and you don't sacrifice ease of use.

SJP

SJP
01-31-2004, 09:27 PM
If you'd like to see my idea in action take a look at http://www.sanjuanpersonals.com/.

The details are a little different. Namely I had to put the entire link text in the js file less the W3C HTML Validator will complain about unmatched tags. The js file on the server in my home directory looks like this:

var lnktxt="<A HREF='mailto:user@host.com'><IMG ALT='e-mail address of caretaker' STYLE='vertical-align:bottom' SRC='addr.gif'></A>";

Replace user@host.com with your email address. In my document I first include the file:

<SCRIPT TYPE="text/javascript" SRC="http://www.sanjuanpersonals.com/lnktxt.js"></SCRIPT>

And then where I want the link to appear I put:

<SCRIPT TYPE="text/javascript">
<!--
document.write(lnktxt);
// -->
</SCRIPT>

SJP

junga
02-01-2004, 09:05 PM
The spam defense I like is to use an entire domain for your personal email address. Whenever I register at a new site or forum, etc.. I use theirCompanyName@mydomain.com If I start getting spam, I just turn off that address.

Its particulally insteresting in that you can tell when a specific company has sold your email address to a spam list.

The hardest thing is to remember that I connot just reply to an email because with Outlook, it always gets sent with my real email even if I use their facility to change the "from" header. I need a better email client.

--BobG

Armadillo
02-04-2004, 03:15 AM
Thie file you need is /etc/mail/access

You can put a line such as so:
dead@mydomain.com 550 Mail account disabled

rebuild the access map afterward with:
$ makemap hash access.db < access

Mail sent to that address will be refused with a code 550 and the above message.

Note that most spammers don't take any notice of whether or not a mail gets delivered. They make money by sending the emails, whether they arrive or not is totally irrelevant.

HTH
That looks like something I could use.
Will it bounce a message back? Or just not accept it?
I dont care to add to network traffic bouncing spam. I just want to not accept it..

jalal
02-04-2004, 03:32 AM
Armadillo

The line I suggested will send a message back to the contacting server to say that this account is disabled. So its not a bounce because it simply doesn't accept it.

You could also put:
cheapmeds.biz REJECT
which may in fact be simpler. It doesn't give a reason, it just refuses to accept the mail.

wildjokerdesign
02-04-2004, 07:48 AM
Jalal,
The last example you gave:

cheapmeds.biz REJECT

Is that to reject all mail coming from a certian domain as opposed to the example before that which is rejecting mail for a user at your domain?

jalal
02-04-2004, 07:59 AM
Yes, thats correct. Maybe that wasn't too clear. Thanks.

So, its not really the same thing...

:(

Armadillo
02-04-2004, 05:47 PM
Armadillo

The line I suggested will send a message back to the contacting server to say that this account is disabled. So its not a bounce because it simply doesn't accept it.

Cool. That's what I want.

I can use that other thing too to reject spam domains. I have some in Spamassassins blacklist now, but rejecting them outright might be better.

Thanks.
:D

Armadillo
02-05-2004, 03:11 PM
I have one more question.
Will I need to kill and restart sendmail after rebuilding the access map?

I used ps aux but I didnt notice sendmail listed. I can receive mail.
(There were several mysql processes running for some reason thought.)
Did I use the wrong command, or is killing and restarting it not necessary?

wildjokerdesign
02-05-2004, 03:36 PM
I think you are fine if you followed Jalal's directions and did the rebuild. Jalal has mentioned before in other threads that sendmail only runs when mail is sent to your server which is why it does not show when you run ps aux (unless someone sends mail at the moment you do it)

Armadillo
02-07-2004, 02:40 AM
Thanks for all the help.
It works!
8)
I guess I'm not a SSH-virgin anymore.
:o