|
»
OT: sendmail issue
|
View:
New views
2 Messages
—
Rating Filter:
Alert me
|
 |
OT: sendmail issue
by John Sutton
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message Hi there
I've just posted this to news:comp.mail.sendmail (why do Sendmail still insist on using this ridiculous protocol?) without any great hope of receiving any sensible responses, so I'm hoping someone here might be able to help me? TIA. ------------------------------------------ Subject: Switch off dnsbl lookup for port 587? Hi there I would like to use a dnsbl lookup on connections to port 25 but omit the lookup for (authenticated-only) connections to the MSA port 587. In this way, my roaming users/dynamicIP users will not get locked out. I cannot use FEATURE(delay_checks) because this defeats the DCC hack to disable DCC for SMTP AUTHed connections ;-( Seems like a perfectly reasonable requirement to me but the only way I can see to do it is to run a second daemon. Any other ideas? TIA John Sutton ------------------------------------------ -- *************************************************** John Sutton SCL Internet URL http://www.scl.co.uk/ Tel. +44 (0) 1239 622 411 SCL Internet is a trading name of Shireglobe Computers Limited, a company registered in England and Wales with company number 2441708. *************************************************** _______________________________________________ DCC mailing list DCC@... http://www.rhyolite.com/mailman/listinfo/dcc |
|
|
Re: OT: sendmail issue
by Vernon Schryver
::
Rate this Message:
Reply (Restricted by the Administrator) | Reply to Author | View Threaded | Show Only this Message > From: John Sutton
> I would like to use a dnsbl lookup on connections to port 25 > but omit the lookup for (authenticated-only) connections to > the MSA port 587. In this way, my roaming users/dynamicIP > users will not get locked out. I cannot use FEATURE(delay_checks) > because this defeats the DCC hack to disable DCC for SMTP AUTHed > connections ;-( What happens if you move the DNSBL checks from sendmail's FEATURE(enhdnsbl) to dccm -B? notes: - see the dccm man page on your system or http://www.dcc-servers.net/dcc/dcc-tree/dccm.html - if you have installed a recent version of dccm by running /var/dcc/updatedcc, then there is a /var/dcc/dcc_conf-new file containing comments with an example DNSBL setting, as well as the settings from your current dcc_conf file. - depending on your combination of white and blacklisting in the global /var/dcc/whiteclnt and per-user /var/dcc/userdirs/local/$USER/whiteclnt files, it might be necessary to add the following line to /var/dcc/whiteclnt option MTA-first - dccm checks not only the SMTP client IP address against the DNS blacklist as sendmail does, but also the SMTP Mail_From domain name, URLs in the message body, MX servers for Mail_From domain nams, and DNS servers for Mail_From domain names and URLs. That is wrong for some DNSBLs such as Spamhaus's PBL and ZEN that contain IP addresses of legitimate DNS servers. When that is the case, precede the -B arg in DNSBL_ARGS in /var/dcc/dcc that specifies the DNSBL with -Bset:no-envelope -Bset:no-body -Bset:no-MX and/or -Bset:no-NS as needed. Vernon Schryver vjs@... _______________________________________________ DCC mailing list DCC@... http://www.rhyolite.com/mailman/listinfo/dcc |
| Free Forum Powered by Nabble | Forum Help |
