freddy333 Posted April 3, 2008 Report Share Posted April 3, 2008 Our mail server has been the target of a number of spam attacks (a hacker/spammer sends out millions of spams encoded with non-existent email addresses using our domain name forged into the FROM: address, which in turn generates tens of thousands of rejection messages that flood (and shut down) our mail server). Currently, when these attacks occur (about once/month), we simply shut down sendmail, which then discards all incoming mail. This of course eliminates the overload problem, but it also makes our mail server useless. But it also fails to alert the sender that THEIR message was rejected by OUR server because the return address in the original spam was bogus. I know how to configure the access database to allow incoming mail from a specific domain or IP, but how do I REJECT ALL mail from ALL domains & IP ranges? Specifically, will the following /etc/mail/access block ALL incoming mail, but still allow us to receive mail from me@mydomain.com, myfriend.com & 24.22.56? 10.0.0.2 RELAY me@mydomain.com OK myfriend.com OK 24.22.56 OK 0 REJECT # If the line above will not work, maybe the following line will TLD REJECT Again, my goal is to configure sendmail to allow incoming mail from a list of legitimate senders, but to REJECT mail from ALL other domains & IP ranges. I know the RELAY and OK lines are correct, but I do not know if '0 REJECT' (or 'TLD REJECT') is the correct form to block everything else (and without blocking the previous OK lines)? Anyone know? Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now