README revision 46216
1# $Id: README,v 1.5 1998/09/02 01:34:57 brian Exp $ 2 3 Filtering out SPAM from your site 4 5Introduction: 6 The FreeBSD Project filters spam, unsolicited commerical 7e-mail, from its mailing lists. The filter has two parts: databases 8and rulesets. We have rulesets to /etc/sendmail.cf, check_rcpt, 9check_relay, check_rbl, check_mail and xlat. (xlat is for testing 10only, as explained in /etc/mail/sendmail.cf.additions.) These 11rulesets use three databases. The denyip, a list of IP addresses, 12spamsites, a list of domains, and fakenames, a list of bogus 13usernames (such as investor and success). We do not accept mail 14from any machine that matches a entry in either database, or users 15in the fakenames database. 16 17Filtering at your site: 18 To filter spam at your site you need to: 19 1. modify your /etc/sendmail.cf, 20 2. create a list of domains/ips you wish to block 21 3. make the databases and 22 4. finally signal sendmail that the configuration file has changed. 23 241. Modifying your /etc/sendmail.cf 25 Add the database declarations and the rulesets contained 26in /etc/mail/sendmail.cf.additions to your .mc file. If you do 27not use m4 to generate your /etc/sendmail.cf, add the database 28declarations to your /etc/sendmail.cf. 29 302. Put the list of domains you wish to block in /etc/mail/spamsites 31 323. Make the databases: 33 As root, type "cd /etc/mail; make install" will build the 34two databases from the retrieved source files and the local additions 35files. 36 374. Signaling sendmail: 38 Sendmail will reread its configuration whenever sendmail 39receives a HUP signal. As root, type "kill -HUP `cat 40/var/run/sendmail.pid`". Check sendmail's log file to be sure that 41it has restarted. /var/log/maillog should contain the line: "Oct 4215 08:59:16 hub sendmail[6565]: restarting /usr/sbin/sendmail on 43signal". Most likely, the date, time, hostname and process id will 44be differ. 45 46Testing the spam filter: 47 48How can I tell if its working: 49 The mail log file, /var/log/maillog, will contain a line 50for every message filtered. The lines will be similar to one of 51these two log entries: 52 53Check_mail rejects: 54Oct 15 02:43:26 hub sendmail[6565]: CAA06565: ruleset=check_mail, 55arg1=<announce@martianconsulate.com>, relay=xxx.isp.net [###.###.###.###], 56reject=521 <announce@martianconsulate.com> 57 58Nov 30 15:56:37 hub sendmail[15058]: PAA15058: ruleset=check_mail, 59arg1=<ultramax@s2.eddelwissl.NET>, relay=relay.somewhere.com 60[###.###.###.###], reject=451 <ultramax@s2.eddelwissl.NET>... Domain 61does not resolve 62 63 64Check_relay rejects: 65Oct 19 04:45:24 hub sendmail[3503]: NOQUEUE: ruleset=check_relay, 66arg1=imsp015.netvigator.com, arg2=205.252.144.206, relay=root@localhost, 67reject=521 blocked.contact postmaster@FreeBSD.ORG 68 69check_rcpt reject: 70Nov 30 15:04:08 hub sendmail[12390]: PAA12390: ruleset=check_rcpt, 71arg1=investor@100percent.per.year.com, relay=newfed.frb.gov 72[198.3.221.5], reject=553 investor@100percent.per.year.com... 73521<investor@100percent.per.year.com>#blocked.contact postmaster 74Sun Nov 16 11:40:53 PST 1997 75