diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2000-05-15 03:38:26 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2000-05-15 03:38:26 +0000 |
| commit | 6641f33fef6e1cfff30446fdf7b45a17eb053213 (patch) | |
| tree | 2bb80aaf05c865b47c6ea332e2e208f0e343cc7a | |
| parent | d7f66e7bc50f7fb098e10aa9f79596e7e895eb2f (diff) | |
Update to reality
| -rw-r--r-- | gnu/usr.sbin/sendmail/cf/cf/courtesan-lists.mc | 94 | ||||
| -rw-r--r-- | gnu/usr.sbin/sendmail/cf/cf/courtesan-nonet.mc | 3 | ||||
| -rw-r--r-- | gnu/usr.sbin/sendmail/cf/cf/courtesan.mc | 8 | ||||
| -rw-r--r-- | gnu/usr.sbin/sendmail/cf/cf/openbsd-lists.mc | 67 |
4 files changed, 137 insertions, 35 deletions
diff --git a/gnu/usr.sbin/sendmail/cf/cf/courtesan-lists.mc b/gnu/usr.sbin/sendmail/cf/cf/courtesan-lists.mc index 8ce9deb3fdd..dbb86e07af9 100644 --- a/gnu/usr.sbin/sendmail/cf/cf/courtesan-lists.mc +++ b/gnu/usr.sbin/sendmail/cf/cf/courtesan-lists.mc @@ -2,26 +2,54 @@ divert(-1) # # Sendmail 8 configuration file for lists.courtesan.com. # +# This machine is the courtesan.com mailing list server. +# -VERSIONID(`$OpenBSD: courtesan-lists.mc,v 1.1 2000/04/02 19:48:11 millert Exp $') -OSTYPE(openbsd) +divert(0)dnl +VERSIONID(`$OpenBSD: courtesan-lists.mc,v 1.2 2000/05/15 03:38:25 millert Exp $') +OSTYPE(openbsd)dnl +dnl +dnl Advertise ourselves as ``lists.courtesan.com'' +define(`confSMTP_LOGIN_MSG', `lists.courtesan.com Sendmail $v/$Z/courtesan ready at $b')dnl +dnl +dnl Define relays, since not everyone uses internet addresses, even now +define(`UUCP_RELAY', `rutgers.edu')dnl +define(`BITNET_RELAY', `interbit.cren.net')dnl +define(`DECNET_RELAY', `vaxf.colorado.edu')dnl dnl -dnl First, we override some default values +dnl Override some default values define(`confPRIVACY_FLAGS', `authwarnings, nobodyreturn')dnl define(`confTRY_NULL_MX_LIST', `True')dnl -define(`confSMTP_LOGIN_MSG', `lists.courtesan.com Sendmail $v/$Z/courtesan ready at $b')dnl define(`confMAX_HOP', `30')dnl define(`confMAX_MIME_HEADER_LENGTH', `256/128')dnl dnl -dnl Next, we define the features we want -FEATURE(always_add_domain)dnl -FEATURE(use_cw_file)dnl -MASQUERADE_AS(courtesan.com)dnl -FEATURE(masquerade_envelope)dnl +dnl Always use fully qualified domains +FEATURE(always_add_domain) +dnl +dnl Need to add domo and mailman as "trusted users" to rewrite From lines +define(`confTRUSTED_USERS', `domo mailman')dnl +dnl +dnl Wait a day before sending mail about deferred messages +define(`confTO_QUEUEWARN', `1d')dnl dnl -dnl Then, we enumerate which mailers we support -MAILER(local) -MAILER(smtp) +dnl Wait 4 days before giving up and bouncing the message +define(`confTO_QUEUERETURN', `4d')dnl +dnl +dnl Make mail appear to be from openbsd.org +MASQUERADE_AS(courtesan.com) +FEATURE(masquerade_envelope) +dnl +dnl Spam blocking features +FEATURE(access_db)dnl +FEATURE(blacklist_recipients)dnl +FEATURE(dnsbl, `rbl.maps.vix.com', `Rejected - see http://www.mail-abuse.org/rbl/')dnl +FEATURE(dnsbl, `dul.maps.vix.com', `Dialup - see http://www.mail-abuse.org/dul/')dnl +FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see http://www.mail-abuse.org/rss/')dnl +dnl FEATURE(dnsbl, `relays.orbs.org', `Open spam relay - see http://www.orbs.org/')dnl +dnl +dnl List the mailers we support +MAILER(local)dnl +MAILER(smtp)dnl dnl dnl Finally, we have the local cf-style goo LOCAL_CONFIG @@ -42,9 +70,30 @@ C{RejectToDomains} public.com the-internet.com LOCAL_RULESETS # -# Reject some mail based on To: header +# Header checks # HTo: $>CheckTo +HMessage-Id: $>CheckMessageId +HSubject: $>Check_Subject +HX-Spanska: $>Spanska + +# +# Melissa worm detection (done in Check_Subject) +# See http://www.cert.org/advisories/CA-99-04-Melissa-Macro-Virus.html +# +D{MPat}Important Message From +D{MMsg}This message may contain the Melissa virus; see http://www.cert.org/advisories/CA-99-04-Melissa-Macro-Virus.html + +# +# ILOVEYOU worm detection (done in Check_Subject) +# See http://www.datafellows.com/v-descs/love.htm +# +D{ILPat}ILOVEYOU +D{ILMsg}This message may contain the ILOVEYOU virus; see http://www.datafellows.com/v-descs/love.htm + +# +# Reject some mail based on To: header +# SCheckTo R$={RejectToLocalparts}@$* $#error $: "553 Header error" R$*@$={RejectToDomains} $#error $: "553 Header error" @@ -52,16 +101,21 @@ R$*@$={RejectToDomains} $#error $: "553 Header error" # # Enforce valid Message-Id to help stop spammers # -HMessage-Id: $>CheckMessageId SCheckMessageId R< $+ @ $+ > $@ OK R$* $#error $: 553 Header Error -LOCAL_RULESETS # -# Reject mail based on regexp above +# Happy99 worm detection +# +SSpanska +R$* $#error $: "553 Your system is probably infected by the Happy99 worm; see http://www.symantec.com/avcenter/venc/data/happy99.worm.html" + +# +# Check Subject line for worm/virus telltales # -SLocal_check_mail -R$* $: $>Parse0 $>3 $1 -R$+ $: $(checkaddress $1 $) -R@MATCH $#error $: "553 Header error" +SCheck_Subject +R${MPat} $* $#error $: 553 ${MMsg} +RRe: ${MPat} $* $#error $: 553 ${MMsg} +R${ILPat} $#error $: 553 ${ILMsg} +RRe: ${ILPat} $#error $: 553 ${ILMsg} diff --git a/gnu/usr.sbin/sendmail/cf/cf/courtesan-nonet.mc b/gnu/usr.sbin/sendmail/cf/cf/courtesan-nonet.mc index 7c6d7f9bb2d..f073641c413 100644 --- a/gnu/usr.sbin/sendmail/cf/cf/courtesan-nonet.mc +++ b/gnu/usr.sbin/sendmail/cf/cf/courtesan-nonet.mc @@ -4,7 +4,8 @@ divert(-1) # an RFC1597 internal net (ie: no direct connection to outside world). # -VERSIONID(`$OpenBSD: courtesan-nonet.mc,v 1.1 2000/04/02 19:48:11 millert Exp $') +divert(0)dnl +VERSIONID(`$OpenBSD: courtesan-nonet.mc,v 1.2 2000/05/15 03:38:25 millert Exp $') OSTYPE(openbsd) dnl dnl Pass everything to xerxes.courtesan.com for processing diff --git a/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc b/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc index edf15299dd2..de73ffb4cfc 100644 --- a/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc +++ b/gnu/usr.sbin/sendmail/cf/cf/courtesan.mc @@ -3,7 +3,8 @@ divert(-1) # Sendmail 8 configuration file for courtesan.com. # -VERSIONID(`$OpenBSD: courtesan.mc,v 1.1 2000/04/02 19:48:11 millert Exp $') +divert(0)dnl +VERSIONID(`$OpenBSD: courtesan.mc,v 1.2 2000/05/15 03:38:25 millert Exp $') OSTYPE(openbsd) dnl dnl First, we override some default values @@ -20,8 +21,13 @@ FEATURE(redirect)dnl MASQUERADE_AS(courtesan.com)dnl FEATURE(masquerade_envelope)dnl FEATURE(mailnametable)dnl +dnl Spam blocking features FEATURE(access_db)dnl FEATURE(blacklist_recipients)dnl +FEATURE(dnsbl, `rbl.maps.vix.com', `Rejected - see http://www.mail-abuse.org/rbl/')dnl +FEATURE(dnsbl, `dul.maps.vix.com', `Dialup - see http://www.mail-abuse.org/dul/')dnl +FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see http://www.mail-abuse.org/rss/')dnl +dnl FEATURE(dnsbl, `relays.orbs.org', `Open spam relay - see http://www.orbs.org/')dnl dnl dnl Then, we enumerate which mailers we support MAILER(local) diff --git a/gnu/usr.sbin/sendmail/cf/cf/openbsd-lists.mc b/gnu/usr.sbin/sendmail/cf/cf/openbsd-lists.mc index 084591e5c32..a51e3d3e1e1 100644 --- a/gnu/usr.sbin/sendmail/cf/cf/openbsd-lists.mc +++ b/gnu/usr.sbin/sendmail/cf/cf/openbsd-lists.mc @@ -5,33 +5,35 @@ divert(-1) # This machine handles all mail for openbsd.{org,com,net} # -VERSIONID(`$OpenBSD: openbsd-lists.mc,v 1.2 2000/04/02 21:22:35 millert Exp $') +divert(0)dnl +VERSIONID(`$OpenBSD: openbsd-lists.mc,v 1.3 2000/05/15 03:38:25 millert Exp $') OSTYPE(openbsd)dnl dnl dnl Advertise ourselves as ``openbsd.org'' define(`confSMTP_LOGIN_MSG', `openbsd.org Sendmail $v/$Z/millert ready willing and able at $b')dnl dnl dnl Define relays, since not everyone uses internet addresses, even now -define(`UUCP_RELAY', `rutgers.edu') -define(`BITNET_RELAY', `interbit.cren.net') -define(`DECNET_RELAY', `vaxf.colorado.edu') +define(`UUCP_RELAY', `rutgers.edu')dnl +define(`BITNET_RELAY', `interbit.cren.net')dnl +define(`DECNET_RELAY', `vaxf.colorado.edu')dnl dnl dnl Override some default values define(`confPRIVACY_FLAGS', `authwarnings, nobodyreturn')dnl -define(`confTRY_NULL_MX_LIST', `True') +define(`confTRY_NULL_MX_LIST', `True')dnl define(`confMAX_HOP', `30')dnl +define(`confMAX_MIME_HEADER_LENGTH', `256/128')dnl dnl dnl Always use fully qualified domains FEATURE(always_add_domain) dnl dnl Need to add domo and mailman as "trusted users" to rewrite From lines -define(`confTRUSTED_USERS', `domo mailman') +define(`confTRUSTED_USERS', `domo mailman')dnl dnl dnl Wait a day before sending mail about deferred messages -define(`confTO_QUEUEWARN', `1d') +define(`confTO_QUEUEWARN', `1d')dnl dnl dnl Wait 4 days before giving up and bouncing the message -define(`confTO_QUEUERETURN', `4d') +define(`confTO_QUEUERETURN', `4d')dnl dnl dnl Make mail appear to be from openbsd.org MASQUERADE_AS(openbsd.org) @@ -41,9 +43,13 @@ dnl Need this for OpenBSD mailing lists FEATURE(stickyhost)dnl FEATURE(virtusertable)dnl dnl -dnl We use the access DB for spam prevention +dnl Spam blocking features FEATURE(access_db)dnl FEATURE(blacklist_recipients)dnl +FEATURE(dnsbl, `rbl.maps.vix.com', `Rejected - see http://www.mail-abuse.org/rbl/')dnl +FEATURE(dnsbl, `dul.maps.vix.com', `Dialup - see http://www.mail-abuse.org/dul/')dnl +FEATURE(dnsbl, `relays.mail-abuse.org', `Open spam relay - see http://www.mail-abuse.org/rss/')dnl +dnl FEATURE(dnsbl, `relays.orbs.org', `Open spam relay - see http://www.orbs.org/')dnl dnl dnl List the mailers we support MAILER(local)dnl @@ -73,9 +79,30 @@ C{RejectToDomains} public.com the-internet.com LOCAL_RULESETS # -# Reject some mail based on To: header +# Header checks # HTo: $>CheckTo +HMessage-Id: $>CheckMessageId +HSubject: $>Check_Subject +HX-Spanska: $>Spanska + +# +# Melissa worm detection (done in Check_Subject) +# See http://www.cert.org/advisories/CA-99-04-Melissa-Macro-Virus.html +# +D{MPat}Important Message From +D{MMsg}This message may contain the Melissa virus; see http://www.cert.org/advisories/CA-99-04-Melissa-Macro-Virus.html + +# +# ILOVEYOU worm detection (done in Check_Subject) +# See http://www.datafellows.com/v-descs/love.htm +# +D{ILPat}ILOVEYOU +D{ILMsg}This message may contain the ILOVEYOU virus; see http://www.datafellows.com/v-descs/love.htm + +# +# Reject some mail based on To: header +# SCheckTo R$={RejectToLocalparts}@$* $#error $: "553 Header error" R$*@$={RejectToDomains} $#error $: "553 Header error" @@ -83,7 +110,21 @@ R$*@$={RejectToDomains} $#error $: "553 Header error" # # Enforce valid Message-Id to help stop spammers # -HMessage-Id: $>CheckMessageId SCheckMessageId -R< $+ @ $+ > $@ OK -R$* $#error $: 553 Header Error +R< $+ @ $+ > $@ OK +R$* $#error $: 553 Header Error + +# +# Happy99 worm detection +# +SSpanska +R$* $#error $: "553 Your system is probably infected by the Happy99 worm; see http://www.symantec.com/avcenter/venc/data/happy99.worm.html" + +# +# Check Subject line for worm/virus telltales +# +SCheck_Subject +R${MPat} $* $#error $: 553 ${MMsg} +RRe: ${MPat} $* $#error $: 553 ${MMsg} +R${ILPat} $#error $: 553 ${ILMsg} +RRe: ${ILPat} $#error $: 553 ${ILMsg} |