
Question for Sendmail Experts


freddy333


Our mail server has been the target of a number of spam attacks (a hacker/spammer sends out millions of spams encoded with non-existent email addresses using our domain name forged into the FROM: address, which in turn generates tens of thousands of rejection messages that flood (and shut down) our mail server). Currently, when these attacks occur (about once/month), we simply shut down sendmail, which then discards all incoming mail. This of course eliminates the overload problem, but it also makes our mail server useless. But it also fails to alert the sender that THEIR message was rejected by OUR server because the return address in the original spam was bogus.

I know how to configure the access database to allow incoming mail from a specific domain or IP, but how do I REJECT ALL mail from ALL domains & IP ranges?

Specifically, will the following /etc/mail/access block ALL incoming mail, but still allow us to receive mail from me@mydomain.com, myfriend.com & 24.22.56?

10.0.0.2          RELAY
me@mydomain.com   OK
myfriend.com      OK
24.22.56          OK
0                 REJECT

# If the line above will not work, maybe the following line will

TLD               REJECT

Again, my goal is to configure sendmail to allow incoming mail from a list of legitimate senders, but to REJECT mail from ALL other domains & IP ranges. I know the RELAY and OK lines are correct, but I do not know if '0 REJECT' (or 'TLD REJECT') is the correct form to block everything else (and without blocking the previous OK lines)?

Anyone know?
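
The following is an added example, not part of the original post and not sendmail's own code: a simplified Python model of how access-map keys are matched, run over the entries from the post. It assumes IPv4 lookups try the full address and then shorter prefixes on octet boundaries, and that host and sender lookups try the full name and then parent domains; all function names are hypothetical, and tags such as Connect:/From: and the rule-set order are not modelled.

```python
"""Simplified model of sendmail access-map key matching (added example).

Assumed lookup order: full IPv4 address, then shorter octet prefixes;
full host name, then parent domains; user@domain before the domain keys.
"""

# Constructed sample: the entries from the post, one "key value" per line.
ACCESS = """\
10.0.0.2        RELAY
me@mydomain.com OK
myfriend.com    OK
24.22.56        OK
0               REJECT
TLD             REJECT
"""

def parse_access(text):
    # Build {key: value}; blank lines and lines starting with '#' are skipped.
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        key, value = line.split(None, 1)
        table[key.lower()] = value.strip()
    return table

def ip_keys(ip):
    # "24.22.56.9" -> ["24.22.56.9", "24.22.56", "24.22", "24"]
    octets = ip.split(".")
    return [".".join(octets[:n]) for n in range(len(octets), 0, -1)]

def domain_keys(host):
    # "mail.myfriend.com" -> ["mail.myfriend.com", "myfriend.com", "com"]
    labels = host.lower().split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]

def sender_keys(addr):
    # Envelope sender: the full address first, then its domain and parents.
    domain = addr.lower().rpartition("@")[2]
    return [addr.lower()] + domain_keys(domain)

def match(table, keys):
    # Return the first (key, value) found in lookup order, or None.
    for k in keys:
        if k in table:
            return k, table[k]
    return None
```

Under these assumptions a client or sender that is not listed matches no key at all: `0` is only the one-octet prefix of addresses beginning with `0.`, and `TLD` is a literal key, so neither behaves as a default entry in this model.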
