Okay, I've mooched off everyone else for too long without "giving back", so here goes, my tips for Sendmail on Ensim:
1) Backup your /usr/lib/opcenter/sendmail/install/sendmail.mc and /etc/sendmail.cf and /etc/mail/access and /etc/mail/access.db and /etc/aliases files before you start!
2) These changes go in the sendmail.mc file
Security enhancements:
CODE
#FL20031125 start mods
#define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun')dnl
define(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun,needmailhelo')dnl
define(`confMAX_DAEMON_CHILDREN',50)
define(`confSMTP_LOGIN_MSG',$j Sendmail Secure/Rabid; $b)
define(`confMIN_FREE_BLOCKS', `4000')
define(`confMAX_HEADERS_LENGTH', `32000')
define(`confMAX_MIME_HEADER_LENGTH', `1024')
define(`confMAX_RCPTS_PER_MESSAGE', `100')
#FL20031125 end mods
This requires a HELO or EHLO greeting from the sending SMTP server; puts limits on Sendmail forks and other settings to stop a DOS attack from overwhelming your server; Munges the Sendmail server identification to make it harder to hack (since you don't know the version of Sendmail); limits the number of recipients in a single message.
My blocklists. I put different numbers in each blocklist reject message, so I can identify & count them out of /var/log/maillog and get stats on each one...
CODE
#FL20030930 our blocklists
FEATURE(`dnsbl', `relays.ordb.org', `551 Rejected - see [url]http://ordb.org/[/url]')dnl
FEATURE(dnsbl, `bl.spamcop.net', `"552 Spam blocked see: [url]http://spamcop.net/bl.shtml?[/url]" $&{client_addr}')dnl
FEATURE(`dnsbl', `dnsbl.sorbs.net', `"554 Rejected " $&{client_addr} " found in dnsbl.sorbs.net"')dnl
FEATURE(`dnsbl', `rhsbl.sorbs.net', `"555 Rejected " $&{client_addr} " found in rhsbl.sorbs.net"')dnl
FEATURE(dnsbl,`dnsbl.njabl.org',`559 Message from $&{client_addr} rejected - see [url]http://njabl.org/[/url]')
FEATURE(`dnsbl', `sbl.spamhaus.org', `"556 Rejected " $&{client_addr} " - see [url]http://www.spamhaus.org/SBL/[/url]"')dnl
FEATURE(`dnsbl', `cbl.abuseat.org', `"557 Rejected " $&{client_addr} " - see [url]http://cbl.abuseat.org[/url]"')dnl
FEATURE(dnsbl,`dnsbl.ahbl.org', `"558 Host is on the AHBL - Please see [url]http://www.ahbl.org/tools/lookup.php?ip=[/url]"$&{client_addr}')dnl
FEATURE(`dnsbl', `chinanet.blackholes.us', `"560 Rejected " $&{client_addr} " - listed by chinanet.blackholes.us"')dnl
#don't bounce errors back to me
define(`confDOUBLE_BOUNCE_ADDRESS', `dev-null')
#delay checks, so we see the intended recipient
FEATURE(`delay_checks')dnl
#FL20030930 end of our blocklists
all of the above go before the line:
FEATURE(`blacklist_recipients')dnl
Other notes:
create an alias in /etc/alias called dev-null and point it to /dev/null:
dev-null: /dev/null
the above Double Bounce Address is where someone sends email to a bogus mailbox on YOUR server, and YOUR server bounces it back to the FROM address, which then bounces back to you, because of course it was from a spammer! This throws the double bounce into the bit bucket ;-)
The delay_checks feature causes it to log the sender from address and other info, when it rejects spam.
In file /etc/mail/access:
Connect:xxx.xxx.xxx.xxx OK
where xxx.xxx.xxx.xxx is YOUR server IP. This keeps you from blocking yourself, if you happen to get listed in one of the blocklists you use!
To apply this, run:
m4 /usr/lib/opcenter/sendmail/install/sendmail.mc > /etc/sendmail.cf
/sbin/service sendmail restart
If you have a problem, restore your /etc/sendmail.cf and restart sendmail. You DID back it up, right?
Any others with some tips?
Reference: http://forums.theplanet.com/lofiversion/index.php/t37434.html
My Blog List
-
`The Rising Threat to Linux Systems: How MDR Services Mitigate Risks - Linux systems, known for their robustness and reliability, are increasingly becoming targets for cybercriminals. The growing popularity of Linux, especia...2 days ago
-
How to find hard disk (SSD) serial numbers in Linux - [image: See all GNU/Linux related FAQ] You need to use the smartctl command to display the hard disk (SSD) serial numbers in Linux. This is useful when cha...1 week ago
-
PaloAlto init-cfg.txt Bootstrap Config file Layout with Examples - When you install and configure the PaloAlto firewall, when the firewall boots up for the first time, it does the bootstrapping process. PaloAlto uses the s...2 years ago
-
Clusterssh – Administer multiple ssh or rsh shells simultaneously - Sponsored Link The command opens an administration console and an xterm to all specified hosts. Any text typed into the administration console is replicate...3 years ago
-
Web Application Vulnerability Scanning Tools - Web Application Vulnerability Scanning Tools Nessus http://www.tenable.com/products/nessus PortSwigger https://portswigger.net/ qualys https://www.qualys....5 years ago
-
What You Don’t Know About Linux Open Source Could Be Costing to More Than You Think - Guest post by Marc Fisher If you would like to test out Linux before completely switching it as your everyday driver, there are a number of means by which ...6 years ago
-
Resolving Sysprep problems with App-X packages (Part 1) - This is the first of two articles explaining how to fix systems that won't Sysprep if Windows Native/App-X applications have been removed and Windows patches.7 years ago
-
V2V Communications security considerations - The future of vehicles, road infrastructure and driving are changing. We are progressing with vehicle-to-vehicle (V2V) and vehicle-to-infrastructure (V2I) ...7 years ago
-
10 UNIX / Linuz Size Command Examples for ObjectFiles - Linux size is part of GNU binutils. This utility is very helpful for programmers to analyze the data from the executable files (or object files). By defaul...10 years ago
-
Updating VMware Tools on Red Hat Enterprise/Scientific/CentOS Linux 6 for VMware ESXi 5 - In a previous post I discussed installing the open source VMware tools for Red Hat Enterprise/Scientific/CentOS Linux 6 from a yum package repository provi...13 years ago
