Jump to content

[Resolved] SendMail configuration - SCBL + access.db


mcm77

Recommended Posts

First off , THANK YOU all for the spamcop list. It works and has been a godsend. The issue I have here I beleive is a sendmail issue, but I have not gotten an answer and I am hoping one of you understands this better than I and will humor me with an answer.

We are a sendmail (8.12) house and have gone to using your dns blacklist i.e." FEATURE (`dnsbl','bl.spamcop.net',....". Until recently I have ignored my users who complain that certain folks can't send them email. But I am now having to deal with the whitelist issue.

For a simple whitelist I have made additions to /etc/mail/access and then build access.db. What I am finding is that addresses we have OK'd are still stopped. The basic issue I think is an order of precidence. My understanding is that anyone explicitly ok'd in the access.db should not be banned by subsequent blacklist checks. For us, this is not the case.

case 1:

Use the spamcop blacklist

in /etc/mail/access -- "user.ok[at]yahoo.com OK"

MAIL BLOCKED with the error message we give for the spamcop list

case 2:

use the spamcop blacklist

in /etc/mail/access -- "From:user.ok[at]yahoo.com OK"

{not sure which syntax is correct for /etc/mail/access in this version of sendmail }

MAIL BLOCKED

case 3:

use the spamcop blacklist

in /etc/mail/access -- "user.ok[at]yahoo.com ERROR:550 mail failed here"

MAIL BLOCKED-- with the message I use to identify the spamcop list mail- thus the order of precedence is that it got checked on the spamcop list before failing with our /etc/mail/access check.

case 4: {make sure access.db is really working}

dnl- the FEATURE enabling the spamcop list check

in /etc/mail/acces-- "user.ok.yahoo.com ERROR:550 mail fail here

MAIL BLOCKED this time by my explicitly failing it with the 550 error

-- therefor access.db is working, but it does not seem to take precidence over this dns blacklist checking.

so two questions

1) is there an error in my logic?

2) is there a work around for a simple whitelist?

Thanks in advance and THANKS AGAIN for the great list-

michael

Link to comment
Share on other sites

...Sorry I don't know the answer to your question. However, I am moving this post from the "SpamCop Reporting Help" forum (it does not seem to have anything to do with the SpamCop parser) to the "SpamCop Blocklist Help" forum

I then changed the Title to something a bit more descriptive.

Link to comment
Share on other sites

In case you haven't found your answer, I had the same experience you had. You've got it half right with the access.db entries. Here's what I did at our site to make them override the dnsbl:

In sendmail.mc add the line

FEATURE(delay_checks)dnl

And then re-generate sendmail.cf

See Sendmail cf/README - Anti-spam Configuration Control for further details and a couple of side-effects that are easily dealt with.

Link to comment
Share on other sites

Nomorespam is correct- adding the FEATURE(delay_check)dnl did the trick.

For those looking for the entire solution, a synopis of whitelist using access / access.db is below:

1) in sendmail.mc > sendmail.cf, 2 lines are needed

FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl

{most standard configuations already have this working to enable access.db to be functional}

FEATURE(delay_checks)dnl

if you have had to add either line then you must rebuild sendmail.cf

m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf

2) add the users or servers or domains you want whitelisted to /etc/mail/access

for a simple user it is either

"FROM:user.ok[at]domain.com OK"

or

"user.ok[at]domain.com OK"

{syntax depends on version of sendmail- see the sendmail configuration README for your version}

then build the database file:

makemap hash /etc/mail/access.db < /etc/mail/access

3) restart sendmail and you should be good to go-

good luck and thanks to all have worked on the blacklists--

michael

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...