Sendmail Config Antispam
Jump to navigation
Jump to search
Don't allow domain hijack
The following configuration part is a replacement for the check_mail ruleSet. It can check whether the domains from LocalDomains within the from-addresses being offered to sendmail are coming from the IP-addresses/ranges that are defined in LocalIP. Please make sure the space in between the left-hand-side and the right-hand-side of the configuration are seperated by tabs.
F{LocalDomains} /etc/mail/LocalDomains F{LocalIP} /etc/mail/LocalIP Scheck_mail # ruleset 3 makes the input into a normal e-mail address (user<@blaat.nl.>) R$* $: $>3 $1 # first: get client addr R$+ $: $(dequote "" $&{client_addr} $) $| $1 # no client_addr, smmsp? R0 $| $* $: $>"check_mail2" $1 # client_addr in /etc/mail/LocalIP? then go to SLocal_check_mail R$={LocalIP}$* $| $* $: $1 $| $>"Local_check_mail" $1 # mail from user@domain, domain in /etc/mail/LocalDomains? Then reject, because it is not a local IP R$*<@$={LocalDomains}.>$* $#error $@ 5.7.1 $: "550 We don't accept junk mail from our own domains" R$*<@$={LocalDomains}>$* $#error $@ 5.7.1 $: "550 We don't accept junk mail from our own domains" SLocal_check_mail Scheck_mail2 R$* $: $1 $| $>"Local_check_mail" $1 R$* $| $#$* $#$2 R$* $| $* $@ $>"Basic_check_mail" $1
LocalDomains:
localhost beeblebrox.example.com foobar.example.com
LocalIP:
127. 192.168.1.2 10.12. IPv6:::1 IPv6:2001:dead:beef: