Search

1/07/2013

Use DNSBL with Sendmail

It is imperative that we implement some kind of anti-spam controls in
the mail server that receives internet email traffic. One of the
controls is to check the connecting smtp server's ip address against a
blacklist of known spammers, zombie pc, open relays, ip addresses range
that should not send out email (eg the subscriber ip address ranges of
ISP) etc. What is more, many of these blacklists are free to use.

In this example, we use the blacklists provided by zen.spamhaus.org and
cbl.abuseat.org.

In the /etc/mail/sendmail.mc, we add below two lines:

FEATURE(`dnsbl',`zen.spamhaus.org',`"Rejected due to Spamhaus listing
see http://www.abuse.net/sbl.phtml?IP=" $&{clientaddr} " for more
information"')dnl
FEATURE(`dnsbl',`cbl.abuseat.org',`"Rejected due to cbl listing see
http://www.abuse.net/sbl.phtml?IP=" $&{clientaddr} " for more
information"')dnl

Note the use of backquote here (` vs '). The third parameter provides
the customized message that should be returned to the sending mail
server in case it hits the blacklist. Multiple dnsbl can be used
together to enhance the anti spam strength.

To make the changes effective:

m4 sendmail.mc > sendmail.cf
service sendmail restart


To verify whether the anti spam checking is in use, we can look for
something like 'Rejected due to Spamhaus' in the /var/log/maillog.

No comments:

Post a Comment