README revision 46216 
1#	$Id: README,v 1.5 1998/09/02 01:34:57 brian Exp $
2
3		Filtering out SPAM from your site
4
5Introduction:
6	The FreeBSD Project filters spam, unsolicited commerical
7e-mail, from its mailing lists.  The filter has two parts: databases
8and rulesets.  We have rulesets to /etc/sendmail.cf, check_rcpt,
9check_relay, check_rbl, check_mail and xlat. (xlat is for testing
10only, as explained in /etc/mail/sendmail.cf.additions.) These
11rulesets use three databases.  The denyip, a list of IP addresses,
12spamsites, a list of domains, and fakenames, a list of bogus
13usernames (such as investor and success).  We do not accept mail
14from any machine that matches a entry in either database, or users
15in the fakenames database.
16
17Filtering at your site:
18	To filter spam at your site you need to:
19	1. modify your /etc/sendmail.cf, 
20	2. create a list of domains/ips you wish to block
21	3. make the databases and 
22	4. finally signal sendmail that the configuration file has changed.
23
241. Modifying your /etc/sendmail.cf
25	Add the database declarations and the rulesets contained
26in /etc/mail/sendmail.cf.additions to your .mc file.  If you do
27not use m4 to generate your /etc/sendmail.cf, add the database
28declarations to your /etc/sendmail.cf.
29
302. Put the list of domains you wish to block in /etc/mail/spamsites
31
323. Make the databases:
33	As root, type "cd /etc/mail; make install" will build the
34two databases from the retrieved source files and the local additions
35files.
36
374. Signaling sendmail:
38	Sendmail will reread its configuration whenever sendmail
39receives a HUP signal.  As root, type "kill -HUP `cat
40/var/run/sendmail.pid`".  Check sendmail's log file to be sure that
41it has restarted.  /var/log/maillog should contain the line:  "Oct
4215 08:59:16 hub sendmail[6565]: restarting /usr/sbin/sendmail on
43signal".  Most likely, the date, time, hostname and process id will
44be differ.
45
46Testing the spam filter:
47
48How can I tell if its working:
49	The mail log file, /var/log/maillog, will contain a line
50for every message filtered.  The lines will be similar to one of
51these two log entries:
52
53Check_mail rejects:
54Oct 15 02:43:26 hub sendmail[6565]: CAA06565: ruleset=check_mail,
55arg1=<announce@martianconsulate.com>, relay=xxx.isp.net [###.###.###.###],
56reject=521 <announce@martianconsulate.com>
57
58Nov 30 15:56:37 hub sendmail[15058]: PAA15058: ruleset=check_mail,
59arg1=<ultramax@s2.eddelwissl.NET>, relay=relay.somewhere.com
60[###.###.###.###], reject=451 <ultramax@s2.eddelwissl.NET>... Domain
61does not resolve
62
63
64Check_relay rejects:
65Oct 19 04:45:24 hub sendmail[3503]: NOQUEUE: ruleset=check_relay,
66arg1=imsp015.netvigator.com, arg2=205.252.144.206, relay=root@localhost,
67reject=521 blocked.contact postmaster@FreeBSD.ORG
68
69check_rcpt reject:
70Nov 30 15:04:08 hub sendmail[12390]: PAA12390: ruleset=check_rcpt,
71arg1=investor@100percent.per.year.com, relay=newfed.frb.gov
72[198.3.221.5], reject=553 investor@100percent.per.year.com...
73521<investor@100percent.per.year.com>#blocked.contact postmaster
74Sun Nov 16 11:40:53 PST 1997
75