[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[vps-mail] Installing SCBL for sendmail - need help, please

Hello, all!

First post here. So Hi!
Short intro: I'm Dutch, female, live in Amsterdam, and run a couple of "public service" (non-commercial) websites; I know a lot about web standards (in particular (X)HTML and WAI), but not a lot about Unix or sendmail.

Sorry, this first post is also a long one; please bear with me. A lot has happened before coming here for help, so I'll try to describe what happened before in order to avoid repetition of helpful suggestions :)

Disclaimer: my host is _not_Verio but provides a "VPS" hosting with virtual server/virtual root/virtual hosts; it seems that they have (recently?) become a Verio reseller (they didn't use to be); this means that although supplied "extras" for the account may differ, the underlying technology is the same.
I posted first on the SpamCop NG, and a number of helpful people came up with suggestions, all of which I tried (as well as a number of other things) but sendmail is still letting through all spams with IP addresses that _are_ listed in the SpamCop black/blocklist. SikaSpam (also a subscriber to this list) suggested I might find further help here.

History - starting situation:
- hosted virtual server (originally customized BSDi + customized Apache)
- Sendmail
- /etc/sendmail.cf goes back to a version of sendmail 8.6 (or so): i.e., 
before M4 existed; the file has never been generated with M4 - only small manual 
changes have been applied as later versions of sendmail were installed 
(by my host)
- there is thus no *.mc file that can actually reproduce the sendmail.cf 
file

Some time last year all of this provider's accounts were moved to a new server, with FreeBSD, newer versions of provided software, and more disk space. (I suspect this is the point they became a Verio reseller though they never said so.)

I had wanted to implement the SCBL for a long time - but the SpamCop FAQ gives instructions only for how to implement this using M4 - which wasn't an option. With the server move there was finally a version of sendmail supporting this - but no trace of M4 installed; when I asked support about it, I was told to "vinstall sendmail" which would provide this, and several example files. And that they do 'not really' support this. Meanwhile, sendmail.cf was still the old version with some very minor tweaks - not anything generated by M4.

In order to TRY to install the SCBL in this situation, I applied the following strategy (starting last Saturday):

- use the provider's 'vinstallsendmail' to install M4
- pick the "most likely looking" sample *.mc file and copy this to a new file myconfig.mc
- add the FEATURE(`enhdnsbl'...) line as suggested in the FAQ
- build myconfig.cf
- backup sendmail.cf
- compare generated myconfig.cf and sendmail.cf and try to figure out 
what to copy to sendmail.cf (pretty hard, the files are very different, 
it's hard to find the corresponding bits)
- I ended up copying a 'K' rule (Kednsbl) and a set of lines preceded by 
comment "DNS based IP address spam list bl.spamcop.net"
- sent a test mail to main user and two virtual users on the server
- After an initial error message (I missed copying a line) I sent another test mail to same recipients:
this arrived in all three mail boxes

So it looked as if all was OK. In spite of that, blacklisted IPs still got through.

Someone on the SC NG provided me with a command-line method of testing the ruleset:
~~~
sendmail -bt -C /path/to/sendmail.cf
.D{client_addr}127.0.0.1
Basic_check_relay <>

You should see an OK or OKSOFAR message

.D{client_addr}127.0.0.2
Basic_check_relay <>

You should see your rejection text.
~~~
This worked; I also tested with an IP address that I _knew_ as actually in the BL - and again I saw the expected rejection text, indicating that the ruleset is actually sending something to the BL and getting a response back. Still, blacklisted mail is getting through. The log file (~/var/logs/messages) shows rejects for addresses in the 'spammers' db, and dev/null'ed mails, but no BL rejects at all.

By Sunday evening my brain hurt, and everyone was out of ideas, so I took a break, and now I'm here asking for help...
[Positive: I've learned more about the sendmail.cf syntax, and have become a little more comfortable with Unix, in particular FreeBSD ;-)]

Some hunches:
- something wrong with the order in which the rulesets
- the command-line test provides an actual IP address but maybe the point at which the ruleset is implemented in sendmail.cf {client_addr} does not actually contain an IP address (I tried dequote "" -and managed to get the syntax correct for that- but it didn't help).

If it helps at all, and someone would like to look at actual code, I can post the .mc I used and before-and-after sendmail.cf files somewhere. Just let me know.

I'd just _really_ like to get some BL spam filtering working at my mail server!

Thanks for any help or suggestions you may provide.

-- 
Marjolein Katsma

======================================================================
This is <vps-mail@xxxxxxxxxxxx>       <http://www.perlcode.org/lists/>
======================================================================
Main Index | Thread Index
Match: Format: Sort by:
Search: