Red Hat LINUX 7.2 Reference Manual page 267

Section 16.3:Sendmail
16.3.5 Stopping Spam with Sendmail
Email spam can be defined as unnecessary and unwanted email received by a user that probably does
not know the sender and never requested the communication. It is a very disruptive, costly, and wide-
spread abuse of Internet communication standards.
Sendmail has made it (relatively) easy to block new spamming techniques being employed to send
junk email using your system. It even blocks many of the more usual spamming methods by default.
You would need to consciously activate them by changing your /etc/mail/sendmail.mc file in
a particular way to make your system susceptible.
For example, forwarding of SMTP messages, also referred to as SMTP relaying, has been disabled
by default since Sendmail version 8.9. Before this change occurred, Sendmail would direct your mail
host (x.org) to accept messages from one party (y.com) and send them to a different party (z.net).
Now, however, you have to specifically tell Sendmail to permit a domain to relay mail through your
domain. Simply edit the /etc/mail/relay-domains file and restart Sendmail by typing the
service sendmail restart command as root to activate the changes.
However, many times, your users may be bombarded with spam from other servers throughout the In-
ternet that are beyond your control. In these instances, you can use Sendmail's access control features
available through the /etc/mail/access file. As root, add the domains that you would like to
block or specifically allow access, such as:
Figure 16–4 Example settings for access
badspammer.com
tux.badspammer.com
10.0
Because /etc/mail/access is a database, you need to use makemap to activate your changes by
recreating the database map. This is easily done by running the makemap hash /etc/mail/ac-
cess < /etc/mail/access command as root.
This example shows that any email sent from badspammer.com would be blocked with a 550
RFC-821 compliant error code and message back to the spammer, except for email sent from the
tux.badspammer.com sub-domain, which would be accepted. The last line shows that any email
sent from the 10.0.*.* network can be relayed through your mail server.
As you might expect, this example only scratches the surface of what Sendmail can do in terms of
allowing or blocking access. See the /usr/share/doc/sendmail/README.cf for more de-
tailed information and examples.
16.3.6 Using Sendmail with LDAP
Using the Lightweight Directory Access Protocol (LDAP) is a very quick and powerful way to find
specific information about a particular user from a much larger group. For example, you could use an
550 Go away and don't spam us anymore
OK
RELAY
267