A.P. Lawrence Home
Information and Resources for Unix and Linux Systems
|Search||FAQ||Newest Articles||Contact Info||Articles||Books||Find a Consultant||Site Map||RSS Feeds|
Printer Friendly Version
Please read this disclaimer
Default text size - Smaller text size
What is this stuff?
From: firstname.lastname@example.org (Matt Lewis) Subject: Howto Configure MMDF for inbound and outbound relay control authhosts Date: 18 Oct 2002 19:16:59 -0700 Installing Anti-Relay for MMDF SCO OpenServer 5.0.x August 30, 2002 Premise: Probably this action is being taken for one of two reasons. a. Client is being sent unsolicited email to the point of server failure or extreme slowness b. Client has had their domain-name / ip address blacklisted by one or many of the various real time black hole DNS list servers. Solution: a. Close the clients open relay by applying an auth-hosts list for MMDF b. Get client de-listed from the various black hole lists that they may be entered on. c. Contact your internet service provider and have relay for their mail server turned back on for outbound email from clients mail server. Result: a. This setup will give you an mmdf config that will block relay before the message is copied to the server that is in the smtp session itself. b. The following setup assumes you are using a smart-host to send out non local mail. This can be easily changed by putting in the Nameserver feature. ------------------------------------------------------------------------------- *** Closing Open-Relay with Authhosts *** 1. Shut down deliver process so that additional spam email does not cripple the system ( kill -9 process id of deliver) 2. Make a list of all ip addresses on the local area network of the client 3. As root edit /etc/hosts to include a full resolution of each ip address that you discovered. exa. 10.1.0.21 ardept1.testdomain.com ardept1 Note: A fully qualified address must be used as the first alias for the ip address in /etc/hosts. That is it must be in the form hostname.domainname 10.1.0.21 ardept1 ardept1.testdomain.com # Will not work for MMDF 4. Next as user mmdf edit /usr/mmdf/mmdftailor and add the following entries. MTBL show="MMDF authorization", name=authhosts, file=authhosts, flags=file Then on each outgoing mail channel. Add auth=inblock, outsrc=authhosts,indest=authhosts This says to use an authorization filter for all outgoing and incoming mail. And that this filter is defined in /usr/mmdf/table/authhosts Example mmdftailor entries below on how to add this.. ------------------- MCHN show="Mailing list processor", name=list, que=list, tbl=list, pgm=list, ap=same, mod=imm, host=tuffmc.com, auth=inblock, outsrc=authhosts, indest=authhosts MCHN show="SMTP channel", name=smtp, que=smtp, tbl=smtpchn, pgm=smtp, ap=822, mod=host, confstr="charset=7bit", auth=inblock, outsrc=authhosts, indest=authhosts MCHN show="Smart-host Routing for hosts", name=badhosts, que=badhosts, tbl=smtpchn, pgm=smtp, ap=822, mod=host, confstr="charset=7bit,hostname=testdomain.com", host=smtp.internetprovider.com, auth=inblock, outsrc=authhosts, indest=authhosts MCHN show="Nameserver Delay channel", name=delay, que=delay, tbl=smtpchn, pgm=delay, ap=same ----------------------------- 5. Now create /usr/mmdf/table/authhosts ( touch /usr/mmdf/table/authhosts ) Edit this file. At the top put in local: followed by the fully qualified hostnames that you entered into /etc/hosts Note: ip addresses will not work in authhosts. MMDF will not know what to do with it and the pc will not be able to send out any mail. example /usr/mmdf/table/authhosts -------------------- local: michele.testdomain.com tuff1.testdomain.com tuff2.testdomain.com tuff3.testdomain.com tuff4.testdomain.com tuff5.testdomain.com tuff6.testdomain.com tuff7.testdomain.com tuff8.testdomain.com tuff9.testdomain.com tuff10.testdomain.com tuff11.testdomain.com tuff12.testdomain.com -------------------- 6. To re-build all hashed databases and update your configuration run. ( /usr/mmdf/table/dbmbuild ) 7. Re launch deliver ( /usr/mmdf/bin/deliver -b -T30 ) *** Removing Client ip address from Black Hole Lists *** 1. To check what if any black hole lists the client mail server may be on goto www.dnsstuff.com and enter the hostname or ip adress into their spam database lookup. This will show a listing of about 70 or so major black hole lists which may have the mail server listed. "Note: for some reason the tables on this site only work with Internet Explorer" 2. Contact each black hole list that you are listed on for how to de-list. Usually they have this information on their web page.
Add/Edit Comments or Links (no login required) (Refresh page to see your comments)
Authenticated users post here (login required)
Printer Friendly Version
Have you tried Searching this site?
Please read this disclaimer
Unix/Linux/Mac OS X support by phone, email or on-site: Support Rates
This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more. We appreciate comments and article submissions.