#	$Id: README,v 1.5 1998/09/02 01:34:57 brian Exp $

		Filtering out SPAM from your site

Introduction:
	The FreeBSD Project filters spam, unsolicited commerical
e-mail, from its mailing lists.  The filter has two parts: databases
and rulesets.  We have rulesets to /etc/sendmail.cf, check_rcpt,
check_relay, check_rbl, check_mail and xlat. (xlat is for testing
only, as explained in /etc/mail/sendmail.cf.additions.) These
rulesets use three databases.  The denyip, a list of IP addresses,
spamsites, a list of domains, and fakenames, a list of bogus
usernames (such as investor and success).  We do not accept mail
from any machine that matches a entry in either database, or users
in the fakenames database.

Filtering at your site:
	To filter spam at your site you need to:
	1. modify your /etc/sendmail.cf, 
	2. create a list of domains/ips you wish to block
	3. make the databases and 
	4. finally signal sendmail that the configuration file has changed.

1. Modifying your /etc/sendmail.cf
	Add the database declarations and the rulesets contained
in /etc/mail/sendmail.cf.additions to your .mc file.  If you do
not use m4 to generate your /etc/sendmail.cf, add the database
declarations to your /etc/sendmail.cf.

2. Put the list of domains you wish to block in /etc/mail/spamsites

3. Make the databases:
	As root, type "cd /etc/mail; make install" will build the
two databases from the retrieved source files and the local additions
files.

4. Signaling sendmail:
	Sendmail will reread its configuration whenever sendmail
receives a HUP signal.  As root, type "kill -HUP `cat
/var/run/sendmail.pid`".  Check sendmail's log file to be sure that
it has restarted.  /var/log/maillog should contain the line:  "Oct
15 08:59:16 hub sendmail[6565]: restarting /usr/sbin/sendmail on
signal".  Most likely, the date, time, hostname and process id will
be differ.

Testing the spam filter:

How can I tell if its working:
	The mail log file, /var/log/maillog, will contain a line
for every message filtered.  The lines will be similar to one of
these two log entries:

Check_mail rejects:
Oct 15 02:43:26 hub sendmail[6565]: CAA06565: ruleset=check_mail,
arg1=<announce@martianconsulate.com>, relay=xxx.isp.net [###.###.###.###],
reject=521 <announce@martianconsulate.com>

Nov 30 15:56:37 hub sendmail[15058]: PAA15058: ruleset=check_mail,
arg1=<ultramax@s2.eddelwissl.NET>, relay=relay.somewhere.com
[###.###.###.###], reject=451 <ultramax@s2.eddelwissl.NET>... Domain
does not resolve


Check_relay rejects:
Oct 19 04:45:24 hub sendmail[3503]: NOQUEUE: ruleset=check_relay,
arg1=imsp015.netvigator.com, arg2=205.252.144.206, relay=root@localhost,
reject=521 blocked.contact postmaster@FreeBSD.ORG

check_rcpt reject:
Nov 30 15:04:08 hub sendmail[12390]: PAA12390: ruleset=check_rcpt,
arg1=investor@100percent.per.year.com, relay=newfed.frb.gov
[198.3.221.5], reject=553 investor@100percent.per.year.com...
521<investor@100percent.per.year.com>#blocked.contact postmaster
Sun Nov 16 11:40:53 PST 1997