Frage zu Sendmail & Spambekämpfung

Postfix, QMail, Sendmail, Dovecot, Cyrus, Courier, Anti-Spam
mario37
Posts: 11
Joined: 2004-03-27 15:57

Frage zu Sendmail & Spambekämpfung

Post by mario37 » 2004-04-20 20:41

ich habe (versucht) in die sendmailconfiguration (sendmail.mc) Blachlists
zur Spam bekämpfung einzubauen. Siehe sendmail.mc Ich kann durch den einsatz der Blacklisten aber keinerlei wirkung erkennen, es wird nichts geblockt, obwohl einige Spammer dort gelistet sind, wird die mail trotzdem angenommen.? wo liegt da der Fehler, was habe ich da falsch gemacht? Wie mache ich es richtig? (es ist ein vserver mit rh9 und confixx)
hier die verwendete sendmail.mc

Code: Select all

divert(-1)dnl
dnl #
dnl # This is the sendmail macro config file for m4. If you make changes to
dnl # /etc/mail/sendmail.mc, you will need to regenerate the
dnl # /etc/mail/sendmail.cf file by confirming that the sendmail-cf package is
dnl # installed and then performing a
dnl #
dnl #     make -C /etc/mail
dnl #
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`setup for Red Hat Linux')dnl
OSTYPE(`linux')dnl
dnl #
dnl # Uncomment and edit the following line if your outgoing mail needs to
dnl # be sent out through an external mail server:
dnl #
dnl define(`SMART_HOST',`smtp.your.provider')
dnl #
define(`confDEF_USER_ID',``8:12'')dnl
define(`confTRUSTED_USER', `smmsp')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl define(`STATUS_FILE', `/etc/mail/statistics')dnl
define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`POP_B4_SMTP_TAG')dnl
HACK(`popauth')dnl
dnl #
dnl # The following allows relaying if the user authenticates, and disallows
dnl # plaintext authentication (PLAIN/LOGIN) on non-TLS links
dnl #
dnl define(`confAUTH_OPTIONS', `A p')dnl
dnl # 
dnl # PLAIN is the preferred plaintext authentication method and used by
dnl # Mozilla Mail and Evolution, though Outlook Express and other MUAs do
dnl # use LOGIN. Other mechanisms should be used if the connection is not
dnl # guaranteed secure.
dnl #
TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl #
dnl # Rudimentary information on creating certificates for sendmail TLS:
dnl #     make -C /usr/share/ssl/certs usage
dnl #
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
dnl #
dnl # This allows sendmail to use a keyfile that is shared with OpenLDAP's
dnl # slapd, which requires the file to be readble by group ldap
dnl #
dnl define(`confDONT_BLAME_SENDMAIL',`groupreadablekeyfile')dnl
dnl #
dnl define(`confTO_QUEUEWARN', `4h')dnl
dnl define(`confTO_QUEUERETURN', `5d')dnl
dnl define(`confQUEUE_LA', `12')dnl
dnl define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl #
dnl # The -t option will retry delivery if e.g. the user runs over his quota.
dnl #
FEATURE(local_procmail,`',`procmail -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
EXPOSED_USER(`root')dnl
dnl #
dnl # The following causes sendmail to only listen on the IPv4 loopback address
dnl # 127.0.0.1 and not on any other network devices. Remove the loopback
dnl # address restriction to accept email from the internet or intranet.
dnl #
DAEMON_OPTIONS(`Port=smtp, Name=MSA, M=E')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 587 for
dnl # mail from MUAs that authenticate. Roaming users who can't reach their
dnl # preferred sendmail daemon due to port 25 being blocked or redirected find
dnl # this useful.
dnl #
dnl DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl
dnl #
dnl # The following causes sendmail to additionally listen to port 465, but
dnl # starting immediately in TLS mode upon connecting. Port 25 or 587 followed
dnl # by STARTTLS is preferred, but roaming clients using Outlook Express can't
dnl # do STARTTLS on ports other than 25. Mozilla Mail can ONLY use STARTTLS
dnl # and doesn't support the deprecated smtps; Evolution <1.1.1 uses smtps
dnl # when SSL is enabled-- STARTTLS support is available in version 1.1.1.
dnl #
dnl # For this to work your OpenSSL certificates must be configured.
dnl #
dnl DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl
dnl #
dnl # The following causes sendmail to additionally listen on the IPv6 loopback
dnl # device. Remove the loopback address restriction listen to the network.
dnl #
dnl # NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl #       a kernel patch
dnl #
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')dnl
dnl #
dnl # We strongly recommend not accepting unresolvable domains if you want to
dnl # protect yourself from spam. However, the laptop and users on computers
dnl # that do not have 24x7 DNS do need this.
dnl #
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`enhdnsbl', `bl.spamcop.net', `"Spam blocked see: http://spamcop.net/bl.shtml?"$&{client_addr}', `t')dnl
FEATURE(`dnsbl', `relays.ordb.org', `"550 Email rejected due to sending server misconfiguration - see http://www.ordb.org/faq/#why_rejected"')dnl
FEATURE(`dnsbl', `cbl.abuseat.org', `', `"554 Service unavailable; Client host [" $&{client_addr} "] blocked using cbl.abuseat.org"')dnl
dnl FEATURE(`relay_based_on_MX')dnl
dnl # 
dnl # Also accept email sent to "localhost.localdomain" as local email.
dnl # 
LOCAL_DOMAIN(`localhost.localdomain')dnl
dnl #
dnl # The following example makes mail from this host and any additional
dnl # specified domains appear to be sent from mydomain.com
dnl #
dnl MASQUERADE_AS(`mydomain.com')dnl
dnl #
dnl # masquerade not just the headers, but the envelope as well
dnl #
dnl FEATURE(masquerade_envelope)dnl
dnl #
dnl # masquerade not just @mydomainalias.com, but @*.mydomainalias.com as well
dnl #
dnl FEATURE(masquerade_entire_domain)dnl
dnl #
dnl MASQUERADE_DOMAIN(localhost)dnl
dnl MASQUERADE_DOMAIN(localhost.localdomain)dnl
dnl MASQUERADE_DOMAIN(mydomainalias.com)dnl
dnl MASQUERADE_DOMAIN(mydomain.lan)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl

olaf.dietsche
RSAC
Posts: 409
Joined: 2002-12-19 02:06
Location: Siegburg

Re: Frage zu Sendmail & Spambekämpfung

Post by olaf.dietsche » 2004-04-23 16:38

Unter /usr/share/doc/sendmail-doc/cf.README steht eine umfangreiche Beschreibung der verschiedenen Optionen. Unter anderem

Code: Select all

...
blacklist_recipients
		Turns on the ability to block incoming mail for certain
		recipient usernames, hostnames, or addresses.  For
		example, you can block incoming mail to user nobody,
		host foo.mydomain.com, or guest@bar.mydomain.com.
		These specifications are put in the access db as
		described in the anti-spam configuration control section
		later in this document.
...
D.h. du mußt die Spamadressen selbst eintragen. Eventuell suchst du eher was in Richtung RBL. Das wird ebenfalls in cf.README unter dnsbl beschrieben.

mario37
Posts: 11
Joined: 2004-03-27 15:57

Re: Frage zu Sendmail & Spambekämpfung

Post by mario37 » 2004-04-23 16:50

ja, genau soetwas wie die RBL suche ich. ich habe die auch schon nach anleitung eingebaut. nur leider zeigt das bei sendmail keine wirkung.
die sendmail.mc wurde auch mit m4 übersetzt/eingebunden, sendmail neu gestartet, der server rebootet, nichts hilft. sendmail blockt nichts. :cry:

olaf.dietsche
RSAC
Posts: 409
Joined: 2002-12-19 02:06
Location: Siegburg

Re: Frage zu Sendmail & Spambekämpfung

Post by olaf.dietsche » 2004-04-23 20:31

:oops: das habe ich wohl überlesen. Woraus schließt du, daß die Spammer dort gelistet sind. Hast du die IP-Adressen aus der Logdatei überprüft? Hast du schon versucht den Loglevel hochzusetzen?

Code: Select all

define(`confLOG_LEVEL', `14')dnl

mario37
Posts: 11
Joined: 2004-03-27 15:57

Re: Frage zu Sendmail & Spambekämpfung

Post by mario37 » 2004-04-23 20:36

ja, ich habe die ip`s überprüft, die waren gelistet. den loglevel werde ich mal hochsetzen.