qmail-smtpd badmailfrom-unknown addon

this patch against a vanilla qmail-1.03 adds another control file to qmail-smtpd. This control file named

    control/badmailfrom-unknown

is only consulted if the IP address of the connecting client does not have a PTR record in DNS. In that case tcpserver doesn't set TCPREMOTEHOST and qmail-smtpd sets the variable remotehost to unknown. If this is true qmail-smtpd with the diff applied does an additional check of the domain of the envelope sender against the control/badmailfrom-unknown control file. The syntax for that file is the same as for control/badmailfrom.

The benefit of this modification is that a lot of spammers use evelope sender addresses of wellknown public mail services like

hotmail.com
yahoo.com
bigfoot.com
lycos.com
...
which you obviously don't want to put in control/badmailfrom to block all traffic from this sender domains. A lot of spam with these sender domains arrives from hosts without a PTR record in DNS and I've barely seen legitimate messages coming in that way, so blocking them is IMHO a good idea.

The patch is "shielded" by the #define __mBMF_UNKNOWN at the top of qmail-smtpd.c. Undefining it disables the modification.

Within one week running qmail-smtpd with this modification we filtered out about 1200 messages a day on a system receiving about 80000 messages a day.

download:

Back to my qmail page.
Copyright © 1997-2007 Markus Stumpf (Maex) · created: Wed Dec 27 21:26:49 CET 2000 · last modified: Mon Jun 4 07:03:40 CEST 2007