我參考了
http://www.sendmail.org/~ca/email/chk-dbg.html#SCRIPT
下載了
Andrew Daviel andrew@andrew.triumf.ca 所做的測試檔案
結果我自己架起來的 sendmail
//===================================================================
Test FROM spoofing
From:<1199spammer@spam.vancouver-webpages.com> .. 250 2.1.0 <1199spammer@spam.
vancouver-webpages.com>... Sender ok
Reset.. 250 2.0.0 Reset state
From:<nosuchperson> .. 250 2.1.0 <nosuchperson>... Sender ok
Reset.. 250 2.0.0 Reset state
From:<root@> .. 553 5.1.3 <root@>... Hostname required
....
ATOMER_SERVER_IP allows bogus From: header: YES
測試 sendmail.net
//===================================================================
Test FROM spoofing
From:<1199spammer@spam.vancouver-webpages.com> .. 553 5.1.8 <1199spammer@spam.
vancouver-webpages.com>... Domain of sender address 1199spammer@spam.vancouver
-webpages.com does not exist
Reset.. 250 2.0.0 Reset state
From:<nosuchperson> .. 553 5.5.4 <nosuchperson>... Domain name required for se
nder address nosuchperson
Reset.. 250 2.0.0 Reset state
From:<root@> .. 553 5.1.3 <root@>... Hostname required
....
sendmail.net allows bogus From: header: NO
我的sendmail.mc檔案
//===================================================================
divert(0)
VERSIONID(`$Id: generic-bsd4.4.mc,v 8.10 1999/02/07 07:26:02 gshapiro Exp $')
OSTYPE(bsd4.4)
DOMAIN(generic)
FEATURE(`access_db')
FEATURE(`delay_checks')
FEATURE(`virtusertable')
FEATURE(`dnsbl', `blackholes.mail-abuse.org')
MAILER(local)
MAILER(smtp)
dnl The following lines are used to enable the STARTTLS function
define(`CERT_DIR', `/etc/mail/cert')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/cacert.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/mycert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/mykey.pem')dnl
define(`confCLIENT_CERT', `CERT_DIR/mycert.pem')dnl
define(`confCLIENT_KEY', `CERT_DIR/mykey.pem')dnl
dnl The following lines are used to enable CYRUS-SASL function
TRUST_AUTH_MECH(`LOGIN PLAIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN PLAIN')dnl
雖然我的sendmail.cf有
//===================================================================
R<?> $* $@ <OKR> ...local unqualed ok
R<? $+> $* $#error $@ 5.5.4 $: "553 Domain name required for
sender address " $&f
請問我該怎麼設定才會讓 <nosuchperson> 這類的信件被預設擋掉呢!?
--
〒作者:atomer 來自:atomer.csie.ncu.edu.tw
◎二進位的世界【140.115.50.50‧binary.csie.ncu.edu.tw】