Mail

I'll have the instructions on how to compile procmail and sendmail later on.



Procmail

Here's a nice little personal procmailrc that I made. It does the following:

1. If the header "Comments: Authenticated sender is" exists, kill it.
2. If the Received headers contain invalid IPs, kill it.
3. If "nowhere.com" is in any of the headers, kill it.
4. If the Message-Id header exists and is empty, kill it.
5. If any Received headers contain an "!", kill it.
6. If the X-Advertisement header exists, kill it.
7. If the Return-Path contains a "!", kill it.
8. If the To or Cc fields contain "@public.com", kill it.
9. If the To or Cc contains "@domain.com", kill it.
 

Then finally, the worst part of the procmailrc is the REPLACE_WITH_USERNAME line. If you have an email alias, or if the To: or Cc: does not contain your username, the email will be deleted. Remove that line if you don't like it. After all of that, a "User Unknown" is sent back to the sender.

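# Recipe 1: mail whose headers match any pattern below is discarded, and
# procmail exits with 67 (EX_NOUSER) so the sender gets "User Unknown".
:0
* (^Comments: Authenticated sender is|\
   ^Received.*\[[0-9\.]*([03-9][0-9][0-9]|2[6-9][0-9]|25[6-9])\][^\.]|\
   .*@nowhere\.com|\
   ^Message-Id: <>|\
   ^Received:.*!|\
   ^X-Advertisement:.*|\
   ^Return-Path:.*!|\
   ^(To|Cc):.*@public\.com|\
   ^(To|Cc):.*@domain\.com)
{
        EXITCODE=67

        :0 i
        /dev/null
}

# Recipe 2: discard anything not addressed to you by name in To: or Cc:.
:0
* !^(To|Cc):.*REPLACE_WITH_USERNAME
/dev/null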
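
To see what the first recipe's condition does and does not catch before trusting it with real mail, the same alternatives can be run through grep -E over a few headers. This is an added example, not part of the original procmailrc: the headers are constructed, would_kill is a hypothetical helper, and the dots in the domain names are escaped.

```sh
#!/bin/sh
# Added example: dry-run of the first recipe's condition with grep -E.
# procmail matches case-insensitively by default, hence -i.
COND='^Comments: Authenticated sender is'
COND="$COND"'|^Received.*\[[0-9\.]*([03-9][0-9][0-9]|2[6-9][0-9]|25[6-9])\][^\.]'
COND="$COND"'|@nowhere\.com|^Message-Id: <>|^Received:.*!|^X-Advertisement:'
COND="$COND"'|^Return-Path:.*!|^(To|Cc):.*@public\.com|^(To|Cc):.*@domain\.com'

# would_kill HEADERS: print "kill" if any header line matches, else "keep".
would_kill() {
    if printf '%s\n' "$1" | grep -Eiq "$COND"; then
        echo kill
    else
        echo keep
    fi
}

# Constructed sample headers (not taken from real mail).
H_CLEAN='Received: from mail.example.org (mail.example.org [192.0.2.25]) by mx.example.net
Message-Id: <199806011200.AA01@example.org>
To: someone@example.net'
H_BAD_LAST='Received: from foo (unknown [10.0.0.300]) by mx.example.net'
# The IP pattern only inspects the three digits right before "]",
# so an out-of-range octet elsewhere in the address is not caught.
H_BAD_MID='Received: from foo (unknown [10.999.0.1]) by mx.example.net'
H_BANG='Return-Path: <relay1!relay2!user>'
H_NOID='message-id: <>'
# Kept only because the dot is escaped; ".*@nowhere.com" would match this.
H_LOOKALIKE='To: someone@nowhereXcom.example'

for h in "$H_CLEAN" "$H_BAD_LAST" "$H_BAD_MID" "$H_BANG" "$H_NOID" "$H_LOOKALIKE"; do
    printf '%-4s  %s\n' "$(would_kill "$h")" "$(printf '%s\n' "$h" | head -n 1)"
done
```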

I still receive about 1 mass mail/spam a week, which I don't mind. I just ignore them!! Or, for you anti-spam freaks, the spams you do get can easily be traced to the originator, since they are sent by spam newbies who don't know how to hide themselves ;) !!  Complain away!!



Sendmail 8.8.x

For now I'll just link the spam rule I install on the Linux boxes here at Infinex. It works great to the best of my knowledge (not much up there ;) ). Basically, you list which network blocks are allowed to send mail through you, i.e.

127.0.0.1
207.113.220
10.2
207.201.8.22

and for domain names

localhost
infinex.com
subdomain.infinex.com

Here's a slightly modified version of the rule linked above, which is actually used at Infinex.
 

# please use the .m4 file, this file is not maintained! 
LOCAL_CONFIG 
F{LocalIP} /etc/spam/OkIPs 
F{RelayTo} /etc/spam/OkDomains
LOCAL_RULESETS 
Scheck_rcpt 
# make sure you have TABs here, not BLANKs! sendmail will complain otherwise... 
# first: get client addr 
R$+                     $: $(dequote "" $&{client_addr} $) $| $1 
R0 $| $*                $@ ok                   no client addr: directly invoked 
R$={LocalIP}$* $| $*    $@ ok                   from here 
# not local, check rcpt 
R$* $| $*               $: $>3 $2 
# remove local part, maybe repeatedly 
R$+                     $:$>remove_local $1 
# still something left? 
R$*<@$+>$*              $#error $@ 5.7.1 $: 550 Sorry.. we do not allow relaying
Sremove_local 
# remove RelayTo part (maybe repeatedly) 
R$*<@$*$={RelayTo}.>$*  $>3 $1 $4 
R$*<@$=w.>$*            $: $>remove_local $>3 $1 $3 
R$*<@$*>$*              $@ $1<@$2>$3 
# dequote local part 
R$-                     $: $>3 $(dequote $1 $) 
R$*<@$*>$*              $: $>remove_local $1<@$2>$3

If anyone knows whether the above sendmail rule can still be relayed through, email me!! Please!! ;)..


Compile/Config Sendmail 8.9.0

The following should work for most Slackware boxes; other distributions may vary.

The compile part should work for any Linux box. The cf part is made to support virtual domains and spam control. SENDMAIL 8.9.0 DOES NOT SUPPORT DBM ANYMORE. Use "hash" instead of "dbm"; hash is the default db type for everything now. So far, the "spam control" [FEATURE(access_db)] checks the From: and To: fields and some part of the Received: fields.

Download ftp://ftp.sendmail.org/pub/sendmail/sendmail.8.9.0.tar.gz

# tar -zxf sendmail.8.9.0.tar.gz

# cd sendmail-8.9.0

# pico -w BuildTools/OS/Linux #add the following lines.

define(`confLDOPTS', `-s')
define(`confOPTIMIZE', `-m486 -O2')


# cd src

# sh Build

# cd ../cf/cf

# pico -w linux.mc

divert(-1)
#
# Copyright (c) 1998 Sendmail, Inc.  All rights reserved.
# Copyright (c) 1983 Eric P. Allman.  All rights reserved.
# Copyright (c) 1988, 1993
#       The Regents of the University of California.  All rights reserved.
#
# By using this file, you agree to the terms and conditions set
# forth in the LICENSE file which can be found at the top level of
# the sendmail distribution.
#
#
#
#  This is the prototype file for a configuration that supports nothing
#  but basic SMTP connections via TCP.
#
#  You MUST change the `OSTYPE' macro to specify the operating system
#  on which this will run; this will set the location of various
#  support files for your operating system environment.  You MAY
#  create a domain file in ../domain and reference it by adding a
#  `DOMAIN' macro after the `OSTYPE' macro.  I recommend that you
#  first copy this to another file name so that new sendmail releases
#  will not trash your changes.
#
divert(0)dnl
VERSIONID(`@(#)tcpproto.mc      8.10 (Berkeley) 5/19/98')
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')
OSTYPE(linux)dnl
DOMAIN(linuxrox.com)dnl
FEATURE(nouucp)dnl
FEATURE(local_procmail)dnl
FEATURE(virtusertable, hash -o /etc/mail/virtusertable)dnl
FEATURE(relay_entire_domain)dnl
FEATURE(access_db)dnl
MAILER(local)dnl
MAILER(smtp)dnl

# pico -w ../domain/linuxrox.com.m4 # replace linuxrox.com with your own domain name.

divert(-1)dnl
#
#  This file contains the global definitions for yourdomain.com
#
divert(0)dnl
VERSIONID(`@(#)linuxrox.com.m4   1.0 (linuxrox.com) 06/01/98')
FEATURE(use_cw_file)dnl

# m4 ../m4/cf.m4 linux.mc > /tmp/sendmail-8.9.0.cf

# cd ../..

# make install # this will install all the new sendmail programs

# cd /etc

# mv sendmail.cf sendmail-original.cf # just in case the new cf won't work, we save the old one, which will

# cp /tmp/sendmail-8.9.0.cf sendmail-8.9.0.cf

# ln -s sendmail-8.9.0.cf sendmail.cf

# pico -w /etc/sendmail.cw # list all the domains hosted on your box

linuxrox.com
gman.infinex.com
evilpeople.com

Any mail to a specific host on your box that is not listed will be REJECTED. The only exception is if the host is a CNAME to the domain name.

# kill -TERM `head -1 /var/run/sendmail.pid`

# /usr/sbin/sendmail -bd -q15m

 

All done with sendmail; only "spam control" and virtual domains still need to be modified/configured.

# pico -w /etc/mail/virtusertable #Example of /etc/mail/virtusertable



mp3@evilpeople.com              error:nouser Unknown user
suggest@evilpeople.com          evilppl
@evilpeople.com                 evilppl

@mp3.evilpeople.com             error:nouser Unknown user


# makemap hash /etc/mail/virtusertable < /etc/mail/virtusertable

mp3@evilpeople.com is an email address I don't want people to email, so people get a "550 Unknown user" when they do try to email mp3@evilpeople.com. suggest@evilpeople.com really goes to the local user called 'evilppl'. You can also redirect to a remote email address (i.e. username@hotmail.com).

To offer "unlimited aliases", just direct everything to a user on your system. For example:

@domain.com                     username_on_system

Example of /etc/mail/access

Friend@         550 Sorry FROM field invalid
evilusername@evilplace.com         550 Spammer, Go away!!
test.com        REJECT
domain.com      550 Sorry, domain.com is not a valid domain.
10.0.2.10       OK
10.0.2          550 Your Netblock not allowed..

Pretty simple

  1. Friend@ - rejects email addresses with Friend@
  2. evilusername@evilplace.com - rejects msg with "550 Spammer, Go away!!" err msg
  3. test.com - gets rejected with REJECT msg
  4. domain.com - sends a "550 Sorry, domain.com is not a valid domain." REJECT msg.
  5. 10.0.2.10 - gets no error msg. Mail always accepted.
  6. 10.0.2 - sends a "550 Your Netblock not allowed.." REJECT msg for any host with IP 10.0.2 except 10.0.2.10
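
The 10.0.2.10 / 10.0.2 pair works because the most specific key wins: the full address is tried first, then one trailing octet is dropped at a time. A simplified model of that lookup follows as an added example. It is not sendmail's own code; access_ip is a hypothetical helper and the table is a constructed copy of the IP entries above.

```sh
#!/bin/sh
# Added example: simplified model of how an IP is looked up in the access map.
# Constructed copy of the IP entries from the /etc/mail/access example.
ACCESS='10.0.2.10       OK
10.0.2          550 Your Netblock not allowed..'

# access_ip ADDR: look up ADDR, then ADDR with trailing octets removed one
# at a time; print the value of the first key found, or "no entry".
access_ip() {
    key=$1
    while [ -n "$key" ]; do
        # ($1 "") forces a string comparison so keys are never compared as numbers.
        val=$(printf '%s\n' "$ACCESS" |
              awk -v k="$key" '($1 "") == k { $1 = ""; sub(/^ +/, ""); print; exit }')
        if [ -n "$val" ]; then
            echo "$val"
            return 0
        fi
        case $key in
            *.*) key=${key%.*} ;;   # drop the last octet and retry
            *)   key= ;;            # nothing left to strip
        esac
    done
    echo "no entry"
}

# 10.0.20.5 shows that matching is per octet, not a plain string prefix.
for ip in 10.0.2.10 10.0.2.77 10.0.20.5 192.0.2.1; do
    printf '%-10s -> %s\n' "$ip" "$(access_ip "$ip")"
done
```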