Some experience with anti-spam on Sendmail mail servers

zhaozj 2021-02-16

Spam has become increasingly rampant lately. Without some countermeasure, an average user receives no fewer than 20 spam messages a day, and worse, half of that spam is virus email. Even mailboxes with better anti-spam protection (Sina's anti-spam function is such that the mail servers of many forums cannot send to it, as I believe everyone has experienced) still get two or three virus emails every day.

I believe many companies run Sendmail as their own mail server. Although some IP blacklists are available to us, they still cannot hold back the spam. In practice I have worked out several methods, which I share here.

1. Check the HELO domain name and whether the client's IP address can be reverse-resolved. If the HELO domain does not match it, or the IP address cannot be reverse-resolved (most domestic dynamic IPs cannot), the client is not allowed to send mail to this server and, of course, is not allowed to relay.

This is very effective. Of course, a server whose IP has no relationship to its HELO domain name, or whose IP cannot be reverse-resolved, may be treated as spam. My solution for this situation is to maintain a whitelist that records the correspondence between these IPs and their HELO domain names.

2. Most foreign dynamic IPs can be reverse-resolved, which is more annoying. They can only be blocked a batch at a time (all subdomains under the domain name are blocked); after accumulating entries for three to five days, they are basically all blocked.

3. Some bored people take the opportunity to attack your mail server; when you see this, use a firewall to block their IP addresses.

As for how to change Sendmail: this requires modifying the source and compiling it.

srvrsmtp.c in Sendmail is its main SMTP program. The check can be placed in CMDMAIL or CMDHELO.

There is a CurSmtpClient variable that stores the sender's IP address in the format "domain [IP]". If the IP cannot be reverse-resolved, there is no leading domain name, only the IP address in brackets.

After the CMDMAIL and CMDHELO commands, srvrsmtp.c sets a variable named "p" that holds the HELO domain name and the Mail From: mail address. These three values can be used as the basis for blocking spam. As for how to write the code, I will not go into it here; I believe every administrator has their own ideas.
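The checks from points 1 and 2, applied to a client string in the "domain [IP]" format described above, as an added example that is not the author's program and not Sendmail code. The function names, the rule that the reverse name must equal the HELO name or lie under it, and all sample addresses and domains are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

enum verdict { ACCEPT, REJECT_NO_RDNS, REJECT_HELO_MISMATCH, REJECT_DYNAMIC };
/* Constructed sample policy data: documentation IPs and example.* names. */
static const char *whitelist[][2] = { { "192.0.2.25", "mail.example.org" } };
static const char *dyn_domain[] = { "dialup.example.net" };

/* Split "domain [IP]" (or bare "[IP]") into host and ip; host is "" if unresolved. */
static int split_client(const char *c, char *host, char *ip, size_t n)
{
    const char *lb = strrchr(c, '['), *rb = lb ? strchr(lb, ']') : NULL;
    if (rb == NULL) return -1;
    size_t iplen = (size_t)(rb - lb) - 1, hlen = (size_t)(lb - c);
    while (hlen > 0 && c[hlen - 1] == ' ') hlen--;   /* drop space before '[' */
    if (iplen == 0 || iplen >= n || hlen >= n) return -1;
    memcpy(ip, lb + 1, iplen);  ip[iplen] = '\0';
    memcpy(host, c, hlen);      host[hlen] = '\0';
    return 0;
}

/* True if name equals domain or is a subdomain of it (label boundary enforced). */
static int in_domain(const char *name, const char *domain)
{
    size_t ln = strlen(name), ld = strlen(domain);
    if (ld == 0 || ln < ld || strcasecmp(name + ln - ld, domain) != 0) return 0;
    return ln == ld || name[ln - ld - 1] == '.';
}

/* Decide on a client from its "domain [IP]" string and the HELO argument. */
enum verdict check_client(const char *client, const char *helo)
{
    char host[256], ip[256];
    if (split_client(client, host, ip, sizeof host) != 0) return REJECT_NO_RDNS;
    for (size_t i = 0; i < sizeof whitelist / sizeof whitelist[0]; i++)
        if (!strcmp(ip, whitelist[i][0]) && !strcasecmp(helo, whitelist[i][1]))
            return ACCEPT;                  /* known IP/HELO pair, no rDNS needed */
    if (host[0] == '\0') return REJECT_NO_RDNS;
    for (size_t i = 0; i < sizeof dyn_domain / sizeof dyn_domain[0]; i++)
        if (in_domain(host, dyn_domain[i])) return REJECT_DYNAMIC;
    return (strchr(helo, '.') && in_domain(host, helo)) ? ACCEPT : REJECT_HELO_MISMATCH;
}

int main(void)
{
    printf("%d\n", check_client("[198.51.100.7]", "mail.example.com"));
    return 0;
}
```

The whitelist is consulted before the reverse-DNS test so that a known server without a reverse record is still accepted, and the HELO name is never trusted without the IP.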

I only offer a few considerations for reference.

1. Mail must not be let through based only on the HELO domain name and the mail domain in Mail From; domestic spam senders now forge these to escape blocking, so the check must be combined with the IP address.

2. ExeMail uses the access.db file as the database that stores the blacklist or whitelist; of course, you can also build your own DB file. This is implemented with the libdb4 library; db-4.2.52.tar.gz can be downloaded online. It includes a C example program named ex_access.c, which is easy to adapt.

3. A table of HELO domain names and IPs for a number of domestic mail servers

4. Common foreign dynamic domains of spam senders

With the above points, I believe you can write your own anti-spam program. Everyone is welcome to exchange ideas.

By the way, the SMTP process is basically as follows; I hope it helps administrators who don't know much about SMTP write their program.

HELO domain

MAIL FROM:

RCPT TO:

DATA

QUIT

Because anti-spam measures stop working so well once they are disclosed, I will not publish my program.

When reposting, please cite the original address: https://www.9cbs.com/read-20655.html