git clone --recursive https://github.com/robin81/dnsbl-milter.git
yum -y install db4-devel glibc-devel make gcc sendmail-cf
useradd -u milter
make && make install
cp ./init.d/dnsbl-milter /etc/init.d/dnsbl-milter && chkconfig dnsbl-milter on && service dnsbl-milter start
/etc/mail/dnsbl-milter.ini
/etc/mail/dnsbl-milter, made into /etc/mail/dnsbl-milter.db via makemap hash dnsbl-milter < dnsbl-milter
A lightweight and flexible Sendmail DNSBL & DNSWL mail filter (milter). dnsbl-milter consults a set of DNS black lists and white lists to determine if messages from particular hosts should be accepted.
Configuration file at /etc/mail/dnsbl-milter.ini:
[DNSBL]
blacklist=blacklist1.blacklist.net,Error message to send back.
blacklist=bl.spamcop.net,Listed on SpamCop RBL. Check http://spamcop.net/
blacklist=b.barracudacentral.org,Listed on Barracuda Reputation Block. Check http://www.barracudacentral.org
whitelist=list.dnswl.org
It is useful to be able to whitelist and blacklist based on a combination of options, not just IP addresses.
/etc/mail/dnsbl-milter.db controls that. /etc/mail/dnsbl-milter.db is typically made via cd /etc/mail && makemap hash dnsbl-milter < dnsbl-milter.
Keys in dnsbl-milter.db are looked up in the following order of priority, each holding either the value 1 (RBL checks) or 0 (skip RBL checks):
[from:]sender_address[to:]recipient_address
[from:]sender_address[connect:]smtp_connection_ip_octet_1.ip_octet_2.ip_octet_3.ip_octet_4
[from:]sender_address[connect:]smtp_connection_ip_octet_1.ip_octet_2.ip_octet_3
[from:]sender_address[connect:]smtp_connection_ip_octet_1.ip_octet_2
[from:]sender_address[connect:]smtp_connection_ip_octet_1
[connect:]smtp_connection_ip_octet_1.ip_octet_2.ip_octet_3.ip_octet_4
[connect:]smtp_connection_ip_octet_1.ip_octet_2.ip_octet_3
[connect:]smtp_connection_ip_octet_1.ip_octet_2
[connect:]smtp_connection_ip_octet_1
[default]
For instance, with the following /etc/mail/dnsbl-milter (that is made into /etc/mail/dnsbl-milter.db):
[from:][email protected][to:][email protected] 0
[from:][email protected][connect:]1.2.3.4 0
[default] 1
we will ensure that any email with sender address [email protected] and recipient address [email protected] will not be checked against RBLs. Emails with from address [email protected] addressed to other recipients will continue to be checked against RBLs. Emails from [email protected] will be checked against RBLs unless they come from connecting IP 1.2.3.4.
We are aware that from addresses are easily spoofable. It is nevertheless useful to whitelist based on a from and to combination. For instance, your organization expects important emails from [email protected] to [email protected], and [email protected] seems to have IPs of ill repute. Such whitelists can ensure that those important emails will never be bounced due to an RBL blacklist. Given the specificity of the whitelists, the organization may deem it acceptable to have such a whitelist.
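The lookup order above, as an added Python example (not dnsbl-milter's own code) for auditing which map entry decides a given message, for example to spot a short [connect:] prefix that skips RBL checks for a whole range. It assumes exact key matches with the first hit winning, and that a map with no matching entry leaves RBL checks on; the function names, addresses and IPs are constructed for illustration.

```python
# Added example: mirrors the documented lookup order; not dnsbl-milter's code.

def candidate_keys(sender, recipient, ip):
    """Return lookup keys from most to least specific, in the documented order."""
    octets = ip.split(".")
    # Connecting IP as 4, 3, 2 and 1 leading octets: 1.2.3.4, 1.2.3, 1.2, 1
    prefixes = [".".join(octets[:n]) for n in range(4, 0, -1)]
    keys = [f"[from:]{sender}[to:]{recipient}"]
    keys += [f"[from:]{sender}[connect:]{p}" for p in prefixes]
    keys += [f"[connect:]{p}" for p in prefixes]
    keys.append("[default]")
    return keys

def parse_map(text):
    """Parse map source lines of the form: key, whitespace, value (1 or 0)."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        key, value = line.rsplit(None, 1)
        table[key] = int(value)
    return table

def resolve(table, sender, recipient, ip):
    """Return (matched_key, value); the first hit in priority order wins (assumed)."""
    for key in candidate_keys(sender, recipient, ip):
        if key in table:
            return key, table[key]
    return None, 1  # assumption: with no entry at all, RBL checks still run

# Constructed sample map; names and IPs are documentation placeholders.
SAMPLE = """
[from:]billing@partner.example[to:]accounts@corp.example 0
[from:]alerts@vendor.example[connect:]192.0.2.10 0
[connect:]198.51.100 0
[default] 1
"""

if __name__ == "__main__":
    table = parse_map(SAMPLE)
    cases = [
        ("billing@partner.example", "accounts@corp.example", "203.0.113.5"),
        ("billing@partner.example", "other@corp.example", "203.0.113.5"),
        ("anyone@else.example", "x@corp.example", "198.51.100.77"),
    ]
    for case in cases:
        print(case, "->", resolve(table, *case))
```

The third case shows the audit point: a three-octet [connect:] entry with value 0 exempts every host in that /24 from RBL checks, whatever the sender.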
You can put the following into /etc/mail/sendmail.mc before MAILER definitions:
INPUT_MAIL_FILTER(`dnsbl-milter', `S=unix:/var/run/milter/dnsbl-milter.sock, T=C:5m;S:20s;R:5m;E:10m, F=T')dnl
and compile it into sendmail.cf via cd /etc/mail && make