[4803] in WWW Security List Archive
Re: Blocking Spam
daemon@ATHENA.MIT.EDU (Albert Lunde)
Thu Mar 13 13:59:04 1997
To: bc17684@90.deere.com
Date: Thu, 13 Mar 1997 11:15:10 CST
Cc: WWW-SECURITY@ns2.rutgers.edu, Firewalls@GreatCircle.COM
In-Reply-To: <33280D43.6205@90.deere.com>; from "Bertrum Carroll" at Mar 13, 97 8:20 am
From: albert-lunde@nwu.edu (Albert Lunde)
Reply-To: albert-lunde@nwu.edu (Albert Lunde)
Errors-To: owner-www-security@ns2.rutgers.edu
> Not that we are Anti - Free Speech but! We have a need to bounce back
> or block mail from know "Pam", "Do you want to buy our porn", "Buy our
> worthless product" email sites.
One simple-minded approach, is to run sendmail (or other mail deamon
of your choice), under tcp_wrappers, under inetd. I've done this
on a system with a light load of e-mail.
This allows you to block and log SMPT requests coming directly from known bad
networks or domains.
Advantages: It's simple. It works with no/few changes to sendmail/mailer config.
Disadvantages: Slower than running a sendmail deamon all the time because
of start-up time. Can't block mail relayed via 3rd party SMTP servers.
May not scale up to a large list of exclusions. Can't block
single users.
Sendmail 8 has a bunch of hooks for excluding mail from particular
domains and senders, but I'm not sure if anyone has got all the
rough edges off this yet. Ask on comp.mail.sendmail and/or
news.admin.net-abuse.*
