Red Hat ENTERPRISE LINUX 5 - DEPLOYMENT Deployment Manual page 410

Chapter 24. Email
24.3.1.5. Stopping Spam
Email spam can be defined as unnecessary and unwanted email received by a user who
never requested the communication. It is a disruptive, costly, and widespread abuse of Internet
communication standards.
Sendmail makes it relatively easy to block new spamming techniques being employed to send junk
email. It even blocks many of the more usual spamming methods by default. Main anti-spam features
available in sendmail are header checks, relaying denial (default from version 8.9), access database
and sender information checks.
For example, forwarding of SMTP messages, also called relaying, has been disabled by default
since Sendmail version 8.9. Before this change occurred, Sendmail directed the mail host (x.edu) to
accept messages from one party (y.com) and sent them to a different party (z.net). Now, however,
Sendmail must be configured to permit any domain to relay mail through the server. To configure relay
domains, edit the /etc/mail/relay-domains file and restart Sendmail.
However, many times users are bombarded with spam from other servers throughout the Internet. In
these instances, Sendmail's access control features available through the /etc/mail/access file
can be used to prevent connections from unwanted hosts. The following example illustrates how this
file can be used to both block and specifically allow access to the Sendmail server:
badspammer.com ERROR:550 "Go away and do not spam us anymore" tux.badspammer.com OK 10.0
RELAY
This example shows that any email sent from badspammer.com is blocked with a 550
RFC-821 compliant error code, with a message sent back to the spammer. Email sent from the
tux.badspammer.com sub-domain, is accepted. The last line shows that any email sent from the
10.0.*.* network can be relayed through the mail server.
Because /etc/mail/access.db is a database, use makemap to activate any changes. Do this
using the following command as root:
makemap hash /etc/mail/access < /etc/mail/access
Message header analysis allows you to reject mail based on header contents. SMTP servers store
information about an emails journey in the message header. As the message travels from one MTA
to another, each puts in a "Received" header above all the other Received headers. It is however
important to note that this information may be altered by spammers.
The above examples only represent a small part of what Sendmail can do in terms of allowing or
blocking access. Refer to the /usr/share/sendmail-cf/README for more information and
examples.
Since Sendmail calls the Procmail MDA when delivering mail, it is also possible to use a spam filtering
program, such as SpamAssassin, to identify and file spam for users. Refer to
Filters"
for more about using SpamAssassin.
24.3.1.6. Using Sendmail with LDAP
Using the Lightweight Directory Access Protocol (LDAP) is a very quick and powerful way to find
specific information about a particular user from a much larger group. For example, an LDAP server
384
Section 24.5.2.6, "Spam