1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
|
# $OpenBSD: example.antispam,v 1.2 2001/02/03 08:23:45 niklas Exp $
# example antispam file. Modify to suit your needs.
#
# This file goes in /var/spool/smtpd/etc/smtpd_check_rules
# once you have modified it appropriately for your site.
#
# This example does two things: 1, it prevents unauthorized relaying,
# 2), it blocks incoming SPAM from the major SPAM domains. To keep
# an eye on the current worst offenders, check out http://spam.abuse.net/
#
# If you really dislike SPAM, you can try compiling with NOTO_DELAY
# set to some (relatively small) value, and changing the "noto" rules
# in this file to "noto_delay" rules.
#
# This file assumes that our domains are "mydomain.com" and "otherdomain.com".
# assumes our dns servers are "dns1.mydomain.com", etc. etc.
# you will need to edit this file for your own use.
# First, allow us to relay outgoing mail from our hosts.
allow:*mydomain.com *otherdomain.com:ALL:ALL
# don't allow people to use %hack to relay off of me.
noto:ALL:ALL:*%*@*:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.
noto:ALL:ALL:*!*@*:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.
noto:ALL:ALL:*@*@*:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.
# First, the exceptions.
# "I'll have your spam dear, I love it!"
#
# The people below have requested that all mail be let through to them
# with no filtering for SPAM, and we accomodate them here.
#
allow:ALL:ALL:ALL@hormel.mydomain.com spamboy@otherdomain.com
# Block any connections from host in the MAPS rbl at rbl.maps.vix.com
# Beware that this can throw the baby out with the bathwater.
# this one line will mimic the usual sendmail behaviour when using the MAPS RBL
noto:RBL.rbl.maps.vix.com:ALL:ALL:550 Mail refused from host %I in MAPS RBL, see http%C//maps.vix.com/rbl/
# Block any connections from a host or connecting address who uses a
# nameserver for which the address is in the MAPS rbl at rbl.maps.vix.com.
# Note that this can *really* throw the baby out with the bathwater,
# be sure you understand the implications before using the two below.
#noto:NS=RBL.rbl.maps.vix.com:ALL:ALL:550 Mail refused due to nameserver for %H(%I) in MAPS RBL, see http%C//maps.vix.com/rbl/
#noto:ALL:NS=RBL.rbl.maps.vix.com:ALL:550 Mail refused due to nameserver for %F in MAPS RBL, see http%C//maps.vix.com/rbl/
# block anyone who uses a major SPAM provider as a nameserver or MX. either
# on a connection from one of their hosts, a connection from a host they act
# as a nameserver for, or a connection with a FROM: address that uses
# a nameserver or MX from a them. As an example, we use the old cyberpromo
# netblocks below. You should not use a rule such as below unless you are
# sure the netblock *currently* belongs to a spamhaus.
#cyberpromo.com
#noto:205.199.212.0/24 205.199.2.0/24 207.124.161.0/24 204.137.221.0/24:ALL:ALL
#noto:ALL:NS=205.199.212.0/24 NS=205.199.2.0/24 NS=207.124.161.0/24 NS=204.137.221.0/24:ALL
#noto:NS=205.199.212.0/24 NS=205.199.2.0/24 NS=207.124.161.0/24 NS=204.137.221.0/24:ALL:ALL
# dump things with a bogus rhs to a FROM: addresses. usually spammers
# This drops any message where the FROM: address is given as
# anything@bogus, where "bogus" is
# 1) not resolvable as a hostname.
# 2) not resolvable as an NS or MX record
# In other words, this basically tosses anything that gives a FROM address
# in the smtp dialogue that you would probably have no hope of replying
# to via smtp.
# You can may wish to use a 450 (which invites the sender to retry)
# rather than a 550 that won't in order not to lose real mail that has
# no resolution due to temporary DNS problems. However be warned that
# if you do lots of SPAM may get retried a lot. I've had varying
# success with using 450 depending on how busy the site is.
noto:ALL:NS=UNKNOWN:ALL:550 Your FROM address (%F) doesn't seem to resolve to a host, domain, or MX record. Please mail to %T from a valid e-mail address.
# dump bozos with all digit addresses. almost always spammers.
noto:ALL:/^[0-9]+@.*$/:ALL
##############################################
# otherwise, allow untrusted connections with mail to anywhere we MX
# this should do it nicely:
allow:ALL:ALL:NS=dns*.mydomain.com
# An alternative is to allow by domain, below.
allow:ALL:ALL:*mydomain.com *otherdomain.com
##############################################
# don't relay mail to other places from other connections, so
# we don't get used as a spam relay
noto:ALL:ALL:ALL:551 Sorry %H (%I), I don't allow unauthorized relaying. You can't use me to send mail from %F to %T.
|