Доброе время суток,всем!
Никак не получется справиться с проблемой подключения к моему серверу спаммеров, которые используют адреса типа vsyakayalabuda@mydomain.ru. То есть реально пользователя нет, однако Sendmail позволяет выполнять пересылку от такого пользователя. Файл access не очень помогает.
Поэтому покритикуйте мой конфиг, может что неправильно ..
divert(-1)
include(`/usr/share/sendmail-cf/m4/cf.m4')
include(`/etc/mail/local_rulez')
VERSIONID(`linux setup for Red Hat Linux')dnl
OSTYPE(`linux')
dnl through an external mail server:
dnl define(`SMART_HOST',`myprovider')
define(`confDEF_USER_ID',``8:12'')dnl
define(`confRUN_AS_USER',`root')dnl
define(`confTRUSTED_USER',`drweb')dnl
define(`LUSER_RELAY',`error:No such user')dnl
define(`confMAX_RCPTS_PER_MESSAGE',`20')dnl
define(`confMAX_MESSAGE_SIZE',`5000000')dnl
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
dnl define(`confAUTO_REBUILD')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTRY_NULL_MX_LIST',true)dnl
define(`confDONT_PROBE_INTERFACES',true)dnl
define(`PROCMAIL_MAILER_PATH',`/usr/bin/procmail')dnl
define(`ALIAS_FILE', `/etc/aliases')dnl
define(`STATUS_FILE', `/etc/mail/statistics')dnl
dnl define(`UUCP_MAILER_MAX', `2000000')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun,nobodyreturn')dnl
define(`confAUTH_OPTIONS', `A')dnl
dnl TRUST_AUTH_MECH(`EXTERNAL DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
dnl define(`confCACERT_PATH',`/usr/share/ssl/certs')
dnl define(`confCACERT',`/usr/share/ssl/certs/ca-bundle.crt')
dnl define(`confSERVER_CERT',`/usr/share/ssl/certs/sendmail.pem')
dnl define(`confSERVER_KEY',`/usr/share/ssl/certs/sendmail.pem')
define(`confTO_QUEUEWARN', `4h')dnl
define(`confTO_QUEUERETURN', `5d')dnl
define(`confQUEUE_LA', `12')dnl
define(`confREFUSE_LA', `18')dnl
define(`confTO_IDENT', `0')dnl
dnl FEATURE(delay_checks)dnl
dnl# DrWeb, SpamAssasin
INPUT_MAIL_FILTER(`spamassasin',`S=local:/var/run/spamas.sock,F=,T=C:15m;S:4m;R:4m;E:10m')dnl
MAIL_FILTER(`drweb-filter',`S=inet:3001@localhost,F=T,T=C:1m;S:5m;R:5m;E:1h')
define(`confINPUT_MAIL_FILTERS',`drweb-filter')
define(`confMILTER_LOG_LEVEL',`6')
FEATURE(`nouucp',`reject')dnl
FEATURE(`no_default_msa',`dnl')dnl
FEATURE(`smrsh',`/usr/sbin/smrsh')dnl
FEATURE(`mailertable',`hash -o /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable',`hash -o /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
dnl The '-t' option will retry delivery if e.g. the user runs over his quota.
FEATURE(local_procmail,`',`procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db',`hash -T<TMPF> -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`nocanonify')dnl
dnl# Block black-list address
FEATURE(`dnsbl',`list.dsbl.org')dnl
FEATURE(`dnsbl',`bl.spamcop.net')dnl
FEATURE(`dnsbl',`sbl.spamhaus.org')dnl
FEATURE(`dnsbl',`blackholes.mail-abuse.org')dnl
FEATURE(`dnsbl',`relays.mail-abuse.org')dnl
FEATURE(`dnsbl',`dnsbl.void.ru',`Blocked by VOID.RU proxychecker')dnl
FEATURE(`dnsbl',`relays.ordb.org',`Reject - see http://ordb.org/')dnl
FEATURE(`dnsbl',`dul.ru')dnl
EXPOSED_USER(`root')dnl
dnl This changes sendmail to only listen on the loopback device 127.0.0.1
dnl and not on any other network devices. Comment this out if you want
dnl to accept email over the network.
dnl DAEMON_OPTIONS(`Port=smtp,Addr=127.0.0.1, Name=MTA')
dnl NOTE: binding both IPv4 and IPv6 daemon to the same port requires
dnl a kernel patch
dnl DAEMON_OPTIONS(`port=smtp,Addr=::1, Name=MTA-v6, Family=inet6')
dnl We strongly recommend to comment this one out if you want to protect
dnl yourself from spam. However, the laptop and users on computers that do
dnl not have 24x7 DNS do need this.
FEATURE(`accept_unresolvable_domains')dnl
FEATURE(`relay_based_on_MX')dnl
FEATURE(masquerade_envelope)dnl
FEATURE(masquerade_entire_domain)dnl
MASQUERADE_AS(`mydomain.ru')dnl
MASQUERADE_DOMAIN(`mail.mydomain.ru')dnl
MASQUERADE_DOMAIN(`localhost.localdomain')dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
Cwmydomain.ru
Заранее спасибо.
P.S. Можно и носом тыкать, но конструктивно. :-))