Every day several hundred unwanted messages arrive at the mail server of our hosting service provider. They create a large
volume of parasitic traffic and clog users' mailboxes. In this situation spam filters have to be installed directly on the
organization's mail server. To do this we will use the capabilities of the Sendmail server, which ships with FreeBSD and
Linux by default and is therefore the most widely used (on the order of 75% of all mail servers run Sendmail).
The Sendmail access database
Since Sendmail 8.9, the default configuration forbids relaying mail through the server for all hosts.
Before putting a new mail server into service you must define who is allowed to relay mail. Usually this is
only the computers on the local network and the hosts in your domain.
The simplest way to do this is to use the access database, which is kept in the file /etc/mail/access. With the access
database you can restrict mail relaying through the server. It should contain the list of mail addresses, domains
and IP addresses of hosts that are allowed or, conversely, forbidden to send mail using this server.
When Sendmail is installed together with the operating system (as usually happens with FreeBSD), the configuration file
sendmail.cf usually already contains the commands needed to use the access database, but sometimes this option has to be
enabled manually. To do so:
1. Add the command FEATURE(`access_db')dnl to your sendmail.mc file and use the m4 preprocessor to create a new
sendmail.cf configuration file:
m4 sendmail.mc > sendmail.cf
2. Copy the new configuration file into the /etc/mail directory, remembering to keep the previous version:
mv /etc/mail/sendmail.cf /etc/mail/sendmail.cf.old
cp sendmail.cf /etc/mail/sendmail.cf
3. Restart Sendmail:
killall -HUP sendmail
The access database file (/etc/mail/access) consists of lines, each containing a pair of values separated by spaces or
tabs. The first value must be an e-mail address, a domain name or an IP address (whole networks can be
specified); the second is a code for the action.
The action can be one of the following:
- REJECT - the connection with the sending host is dropped immediately.
- DISCARD - the server accepts the message and "swallows" it: it reports successful delivery to the
sender but does not deliver the message.
- OK - allows access (usually used to override other conditions).
- RELAY - allows mail to be relayed.
- An error code and its description - like REJECT, but lets you define your own error messages.
A typical access file usually looks like this:
# our local network - 192.168.x.x addresses
192.168 RELAY
# hosts in your domain
domain.com RELAY
# someone who is allowed to use our mail service from wherever they need
masha@mail.com RELAY
# spammer domains
cyberspammer.com 550 Spam
listbuilder.com 550 Spam
spamer.com 550 Spam
# a network from which spam is actively sent
195.161.xxx.xxx 550 Spam
# blocking all of mail.com would be a bad idea, so
# individual addresses have to be blocked instead
spam@mail.com 550 Spam
Instead of the message "550 Spam" you can write REJECT; Sendmail's behaviour will not change, but
detailed error messages can be useful when analysing the Sendmail log files (/var/log/maillog).
To speed up message processing, Sendmail uses a hashed access database in BerkeleyDB format, which is built with
the makemap utility:
makemap hash /etc/mail/access.db < /etc/mail/access
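A check worth running on the access file before it is hashed, as an added example that is not part of the original article: it validates each line against the key/action format described above and lists every key granted RELAY, since those entries are what open the relay. The function names and the sample text are constructed for illustration.

```python
import re

ACTIONS = {"REJECT", "DISCARD", "OK", "RELAY"}   # keywords listed on this page
ERROR_RE = re.compile(r"[45]\d\d\s+\S")          # error code plus text, e.g. "550 Spam"

# Constructed sample: entries from the page's example plus three broken lines.
SAMPLE = """\
# our local network
192.168              RELAY
domain.com           RELAY
masha@mail.com       RELAY
cyberspammer.com     550 Spam
spam@mail.com        550 Spam
listbuilder.com      REJCT
spamer.com
domain.com           REJECT
"""

def lint_access(text):
    """Return (entries, problems): entries maps key -> action,
    problems is a list of (line_number, message)."""
    entries, problems = {}, []
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)              # key, then the rest as the action
        if len(parts) != 2:
            problems.append((no, "missing action"))
            continue
        key, action = parts[0].lower(), parts[1]
        if action.upper() in ACTIONS:
            action = action.upper()
        elif not ERROR_RE.match(action):
            problems.append((no, "unknown action %r" % action))
            continue
        if key in entries:                       # keep the first entry, report the rest
            problems.append((no, "duplicate key %r" % key))
            continue
        entries[key] = action
    return entries, problems

def relay_keys(entries):
    """Keys granted RELAY: the entries to review, since each one permits relaying."""
    return sorted(k for k, a in entries.items() if a == "RELAY")

if __name__ == "__main__":
    entries, problems = lint_access(SAMPLE)
    for no, msg in problems:
        print("line %d: %s" % (no, msg))
    print("RELAY granted to:", ", ".join(relay_keys(entries)))
```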
Now anyone can send mail to your users, except for the domains or IP addresses that you specifically list.
This method is effective only for preventing spam from being sent through your server. For every spammer domain or
server that sends mail to your users you have to add a line to /etc/mail/access, which is rather laborious.
Blocking with "black lists"
To solve the problem of maintaining lists of servers that send spam, support for DNS-based blacklists was introduced
in Sendmail 8.9. Blacklists of servers through which spammers can send millions of messages with impunity
are maintained by various organizations, both on a commercial and on a non-commercial basis. We will
look at the use of such services with the Open Relay Database (ordb.org) as the example.
In DNSBL-based systems, the IP addresses of open relays are stored in the DNS server's database as records of type
A (Address) with the octets in reverse order. For example, if a server has the IP address 1.2.3.4, the ORDB database
will contain this record:
4.3.2.1.relays.ordb.org IN A 127.0.0.2
The presence of such a record indicates that the server 1.2.3.4 lets anyone relay mail freely and that
mail from it should be blocked. The address 127.0.0.2 is used only as a filler (since the address field in DNS cannot
be empty).
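The lookup described above, as an added example that is not part of the original article: it builds the reversed query name and classifies the answer, including the case where a zone returns something other than a 127.x.x.x filler. The function names and the in-memory zone are constructed for illustration; pass a real resolver such as socket.gethostbyname to query DNS.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """Reverse the IPv4 octets and append the DNSBL zone."""
    addr = ipaddress.IPv4Address(ip)             # raises ValueError on bad input
    octets = str(addr).split(".")
    return ".".join(reversed(octets)) + "." + zone.strip(".")

def dnsbl_check(ip, zone, resolve=socket.gethostbyname):
    """Return 'listed', 'not-listed' or 'unexpected:<answer>'.

    resolve(name) must return an IPv4 string or raise OSError when the
    name does not exist. Any lookup failure counts as not listed here
    (fail open), which is a choice made for this example.
    """
    name = dnsbl_query_name(ip, zone)
    try:
        answer = resolve(name)
    except OSError:
        return "not-listed"
    if ipaddress.IPv4Address(answer) in ipaddress.IPv4Network("127.0.0.0/8"):
        return "listed"
    # An answer outside 127.0.0.0/8 is not a listing; the zone may be
    # wildcarded or parked, so it should not be trusted for blocking.
    return "unexpected:" + answer

# Constructed zone data mirroring the record shown above.
SAMPLE_ZONE = {"4.3.2.1.relays.ordb.org": "127.0.0.2"}

def sample_resolver(name):
    """Offline stand-in for a DNS resolver (constructed for this example)."""
    try:
        return SAMPLE_ZONE[name]
    except KeyError:
        raise socket.gaierror("NXDOMAIN (constructed)")

if __name__ == "__main__":
    for ip in ("1.2.3.4", "192.168.0.10"):
        print(ip, dnsbl_check(ip, "relays.ordb.org", sample_resolver))
```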
For your Sendmail server to block mail from hosts whose IP addresses are in the relays.ordb.org database, add
the following directive to your sendmail.mc configuration file:
- For Sendmail 8.10 and above:
FEATURE(`dnsbl', `relays.ordb.org', `Rejected - see http://ordb.org/')dnl
- For Sendmail 8.9:
FEATURE(`rbl', `relays.ordb.org')dnl
Then rebuild and install the new sendmail.cf file.
- For Sendmail 8.8 and below, to add this capability you have to edit the sendmail.cf file by hand (it is located
in the /etc/mail directory). Add the following rules to the Basic_check_relay ruleset (a ruleset is introduced by the
capital letter S: SBasic_check_relay):
R$*	$: $&{client_addr}
R$-.$-.$-.$-	$: <?> $(host $4.$3.$2.$1.relays.ordb.org. $: OK $)
R<?>OK	$: OKSOFAR
R<?>$+	$#error $@ 5.7.1 $: Rejected - see http://ordb.org/
Note that these rules must be added after all the existing rules in this ruleset. To find where the
rules in SBasic_check_relay end, look for the start of the next ruleset, whose name is
introduced by the letter S, for example SLocal_check_mail (Local_check_mail usually comes right after Basic_check_relay,
unless of course Sendmail has been configured in some very non-standard way). The left and right sides of each rule
must be separated by tab characters. Once the new configuration file is ready, restart Sendmail:
killall -HUP sendmail
Another way of sending spam has now become widespread: instead of using an open mail server, the spam is delivered directly
to the recipient's server (mass-mailing programs such as Advanced Direct Remailer and Advanced Mass Sender have this
capability). Such mailings are usually made over anonymous dial-up connections: the spammer buys an Internet access card,
sends a batch of messages and disappears completely. To fight such mailings, you have to block mail
coming from addresses that belong directly to the modem pools of access providers. Providers that support this initiative
enter the IP addresses handed out on connection to their modem pools into a shared database.
Configuring your server to use the dul service is done in the same way as for ordb (which is not surprising, since both
use the same dnsbl mechanism). Add to your sendmail.mc file:
- For Sendmail 8.10 and above:
FEATURE(`dnsbl', `dul.ru')dnl
- For Sendmail 8.9:
FEATURE(`rbl', `dul.ru')dnl
There are many more services of this kind; many of them are described on the spamhaus.org site, which also maintains
a system called The Spamhaus Block List. Unfortunately, that system is rather complex to install and
configure.
Auxiliary measures
Besides such radical methods, auxiliary measures can be useful, such as blocking
particular mail programs and blocking messages that do not contain a To: field or that contain in it the value that
Sendmail inserts when the headers of the received message have no To field.
Messages sent by mass-mailing programs can be blocked by means of the X-Mailer header. Ordinary
messages carry the name of the sender's mail program in this header. For example or. Many mass-mailing
programs let you set this header arbitrarily or simply do not set it. Nevertheless, in many programs the
header is present in the default settings and many novice spammers do not change it. So there is a chance of catching
spam with such filters. Practice shows that Advanced Mass Sender is what usually gets caught.
To filter known mass-mailing programs by the X-Mailer header, add the following rules to the LOCAL_RULES section
of your sendmail.mc file (the left and right sides of each rule must be separated by tab characters):
HX-Mailer: $>CheckMailer
HX-Server: $>CheckMailer
SCheckMailer
RAdvanced Direct Remailer $*	$#error $@ 5.7.1 $: "554 Spam (ADR)"
RAdvanced Mass Sender $*	$#error $@ 5.7.1 $: "554 Spam (AMS)"
RSpammer $*	$#error $@ 5.7.1 $: "554 Spam (Spammer)"
R$* Bomber $*	$#error $@ 5.7.1 $: "554 Spam (Bomber)"
RMega-Mailer $*	$#error $@ 5.7.1 $: "554 Spam (Mega-Mailer)"
RMMailer $*	$#error $@ 5.7.1 $: "554 Spam (MMailer)"
RMailer $*	$#error $@ 5.7.1 $: "554 Spam (Mailer)"
RLigra Mailer $*	$#error $@ 5.7.1 $: "554 Spam (Ligra Mailer)"
RDynamic Opt-In Emailer $*	$#error $@ 5.7.1 $: "554 Spam (Dynamic Opt-In Emailer)"
R$* Group Spamer	$#error $@ 5.7.1 $: "554 Spam (WE Group Spamer)"
RMail Sender $*	$#error $@ 5.7.1 $: "554 Spam (Mail Sender)"
RMail Service $*	$#error $@ 5.7.1 $: "554 Spam (Mail Service)"
RMailloop $*	$#error $@ 5.7.1 $: "554 Spam (Mailloop)"
RPersMail $*	$#error $@ 5.7.1 $: "554 Spam (PersMail)"
RLK SendIt $*	$#error $@ 5.7.1 $: "554 Spam (LK SendIt)"
RWC Mail $*	$#error $@ 5.7.1 $: "554 Spam (WC Mail)"
RZUBA ZUB $*	$#error $@ 5.7.1 $: "554 Spam (ZUBA ZUB)"
RMailList Express $*	$#error $@ 5.7.1 $: "554 Spam (MailList Express)"
RCaretop $*	$#error $@ 5.7.1 $: "554 Spam (Caretop)"
RMailer Signature	$#error $@ 5.7.1 $: "554 Spam (Mailer Si)"
Rnone	$#error $@ 5.7.1 $: "554 Spam (none)"
RPG-MAILINGLIST	$#error $@ 5.7.1 $: "554 Spam (PG-MAILINGLIST)"
R$* advcomtest $*	$#error $@ 5.7.1 $: "554 Spam (advcomtest)"
Ryo yo mail	$#error $@ 5.7.1 $: "554 Spam (yo yo mail)"
RZanziMailer $*	$#error $@ 5.7.1 $: "554 Spam (ZanziMailer)"
# A genuine Outlook has a version of the form 5.0.23123244
RMicrosoft Outlook Express 5.0	$#error $@ 5.7.1 $: "554 Spam (Microsoft Outlook Express 5.0)"
RVersion 5.0	$#error $@ 5.7.1 $: "554 Spam (Version 5.0)"
# block all mailers whose name is a single word, except the ones allowed first:
Rnethack	$@ OK
RZ-Mail-SGI	$@ OK
RDipost	$@ OK
R$-	$#error $@ 5.7.1 $: "554 Spam (one-word mailer)"
# block messages with an empty header
R$*	$: <$1>
R<>	$#error $@ 5.7.1 $: "554 Illegal header (empty header)"
R$*	$@ OK
After making these changes, rebuild the sendmail.cf file and install it. You can do without
rebuilding the configuration file by simply appending these rules to the end of the configuration file:
the LOCAL_RULES section is copied into it unchanged during the build.
You can also block messages with an empty header and with an empty or malformed Message-ID field (it
should have the form id@domain). Most likely they are sent by spammers. This can be done with the following
rules:
HTo: $>CheckTo
HCC: $>CheckTo
HMessage-ID: $>CheckMessageID
# check the To field for "undisclosed-recipients;" or "undisclosed recipient";
# practically any combination is possible.
SCheckTo
R$*Recipient$*	$#error $@ 5.7.1 $: "554 Unspecified Mailbox ID"
R$*Undisclosed$*	$#error $@ 5.7.1 $: "554 Unspecified Mailbox ID"
# check that the Message-ID field is correctly formatted
SCheckMessageID
R<$+@$+>	$@ <$1@$2>
R$*	$#error $@ 5.5.2 $: "553 Bad Message ID"
That is basically all. You have protected yourself from the overwhelming majority of spam.