accessdb help needed

I'm guessing either the answer will be can't do, or it's so obvious I've
missed it, however.....

There's a site, lets call it xxx, from which I'm getting too much nasty
spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
also hosts some perfectly good users.

Is there a way of rejecting anything coming from xxx's servers, unless
with one of a set of known valid source email addresses?

Thanks.

--
Mike Scott (unet scottsonline.org.uk)
Harlow Essex England

Re: accessdb help needed

On 26 oct, 12:22, Mike Scott
wrote:
> I'm guessing either the answer will be can't do, or it's so obvious I've
> missed it, however.....
>
> There's a site, lets call it xxx, from which I'm getting too much nasty
> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
> also hosts some perfectly good users.
>
> Is there a way of rejecting anything coming from xxx's servers, unless
> with one of a set of known valid source email addresses?
>
> Thanks.
>
> --

You can be very specific as I do here like:
itis.com DISCARD
2xx.1xx.1xx.2xx REJECT

Discard silently 'discard' the mail, but the mail IS downloaded, takes
time, and bandwith. REJECT return an error 500.xx to the sender.
DISCARD as the advanage that the sender ignore if there is somebody at
the other end, while the error confitm there is, but mail is
rejected.
Your choice.
BTW there are other possibilities like forward..
You should by the O'Reily book on sendmail it real worth the mony.
SartDameAveline

Re: accessdb help needed

SarDameAveline wrote:
> On 26 oct, 12:22, Mike Scott
> wrote:
>> I'm guessing either the answer will be can't do, or it's so obvious I've
>> missed it, however.....
>>
>> There's a site, lets call it xxx, from which I'm getting too much nasty
>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
>> also hosts some perfectly good users.
>>
>> Is there a way of rejecting anything coming from xxx's servers, unless
>> with one of a set of known valid source email addresses?
>>
>> Thanks.
>>
>> --
>
> You can be very specific as I do here like:
> itis.com DISCARD
> 2xx.1xx.1xx.2xx REJECT
>
Thanks, but this I know (I /do/ have the bat book, and there's the doc'n
that comes with sendmail, plus the web site).

But I /still/ can't see how to block all traffic from a defined relay
(more accurately, relays within a defined network) /except/ that from a
list of known email addresses. Maybe custom milter code is the only way??


--
Mike Scott (unet scottsonline.org.uk)
Harlow Essex England

Re: accessdb help needed

In article ,
Mike Scott wrote:
>SarDameAveline wrote:
>> On 26 oct, 12:22, Mike Scott
>> wrote:
>>> I'm guessing either the answer will be can't do, or it's so obvious I've
>>> missed it, however.....
>>>
>>> There's a site, lets call it xxx, from which I'm getting too much nasty
>>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
>>> also hosts some perfectly good users.
>>>
>>> Is there a way of rejecting anything coming from xxx's servers, unless
>>> with one of a set of known valid source email addresses?
>>>
>>> Thanks.
>>>
>>> --
>>
>> You can be very specific as I do here like:
>> itis.com DISCARD
>> 2xx.1xx.1xx.2xx REJECT
>>
>Thanks, but this I know (I /do/ have the bat book, and there's the doc'n
>that comes with sendmail, plus the web site).
>
>But I /still/ can't see how to block all traffic from a defined relay
>(more accurately, relays within a defined network) /except/ that from a
>list of known email addresses. Maybe custom milter code is the only way??

If everything from that/those relays is using a fixed list domain for the
sender, you can 'accept' mail from a list of full addresses, an reject/discard
everything else using wildcards for those domains.

IF the list of origin domains (valid or otherwise) is open-ended, then,
a custom milter _is_ the easy way.

you -could- roll some direct sendmail.cf code that looks at a (saved) connection
during 'mail from' processing, and rejects anything that isn't i your 'white-
list'.

My opinion: a custom milter will be easier.

Re: accessdb help needed

In article ,
Mike Scott wrote:

> I'm guessing either the answer will be can't do, or it's so obvious I've
> missed it, however.....
>
> There's a site, lets call it xxx, from which I'm getting too much nasty
> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
> also hosts some perfectly good users.
>
> Is there a way of rejecting anything coming from xxx's servers, unless
> with one of a set of known valid source email addresses?

If you have delay_checks enabled, you should be able to do something
like this:

Connect:yahoo.com REJECT
From:yahoos.one.worthwhile.user@yahoo.com OK

This has issues, since it is trivial to forge the sender of mail, but it
does what you are looking for.

This is actually documented in the "Delay all checks" subsection of the
"ANTI-SPAM CONFIGURATION CONTROL" section of the cf/README file.

--
Now where did I hide that website...

Re: accessdb help needed

Bill Cole wrote:
> In article ,
> Mike Scott wrote:
>
>> I'm guessing either the answer will be can't do, or it's so obvious I've
>> missed it, however.....
>>
>> There's a site, lets call it xxx, from which I'm getting too much nasty
>> spam. I'd be tempted just to put "connect:xxx REJECT", except that xxx
>> also hosts some perfectly good users.
>>
>> Is there a way of rejecting anything coming from xxx's servers, unless
>> with one of a set of known valid source email addresses?
>
> If you have delay_checks enabled, you should be able to do something
> like this:
>
> Connect:yahoo.com REJECT
> From:yahoos.one.worthwhile.user@yahoo.com OK
>
> This has issues, since it is trivial to forge the sender of mail, but it
> does what you are looking for.
>
> This is actually documented in the "Delay all checks" subsection of the
> "ANTI-SPAM CONFIGURATION CONTROL" section of the cf/README file.
>
Thanks. I've put that in to see what happens. I had read the section
you mention - or rather, as I now see, completely misread it. Which
explains my misunderstanding of it.

--
Mike Scott (unet scottsonline.org.uk)
Harlow Essex England