Koozali.org: home of the SME Server
Legacy Forums => General Discussion (Legacy) => Topic started by: Dean Brandt on January 27, 2001, 09:42:05 AM
-
Hi Guys,
I have copied the /etc/smtpd_check_rules file to /etc/e-smith/templates-custom/etc/ directory and edited it so that I can restrict a certain spammer from sending mail to my e-smith box.
I added this line:
noto:ALL:*.domain.com.au:ALL
noto:*.domain.com.au:ALL:ALL
Then I ran /sbin/e-smith/expand-template /etc/smtpd_check_rules
Problem is...it still allows amil from that domain to be sent to the box. Am I doing this correctly? Do I need to stop or restart qmail? Am I editing the right file the right way?
Thanks in Advance
-
Dean Brandt wrote:
>
> Hi Guys,
>
> I have copied the /etc/smtpd_check_rules file to
> /etc/e-smith/templates-custom/etc/ directory
[This is related to 4.1bX - it should be on the devinfo list. I'm answering it
here as it contains some interesting issues on understanding the template
system]
No, please don't do that. Create custom template fragments for your changes.
If you copy the output file, you will stop all existing rules from applying. So,
for example, if you create a new virtualdomain, it will not appear in the output
file. The template mechanism is very powerful - you can add a one-line fragment
and it will just be added to the output file in the right place.
Have a look at the breadown in
/etc/e-smith/templates/var/spool/smtpd/etc/smtpd_check_rules
Your fragments should be in
/etc/e-smith/templates-custom/var/spool/smtpd/etc/smtpd_check_rules
NOTE: The file is /var/spool/smtpd/etc/smtpd_check_rules, not /etc/smtpd_check_rules. The link in /etc is there for convenience, but the
file which is read by smtpd is in the chroot() jail. We should probably remove
the link to avoid confusion (though it makes life easier when looking around).
> and edited it so
> that I can restrict a certain spammer from sending mail to my
> e-smith box.
>
> I added this line:
>
> noto:ALL:*.domain.com.au:ALL
> noto:*.domain.com.au:ALL:ALL
>
> Then I ran /sbin/e-smith/expand-template /etc/smtpd_check_rules
/sbin/e-smith/expand-template is there for testing. See above for the
real filename.
Use /sbin/e-smith/signal-event console-save, but more importantly, you
need to get the filename correct first.
> Problem is...it still allows amil from that domain to be sent
> to the box. Am I doing this correctly?
See above - just a single/two line fragment in the correct order.
> Do I need to stop or restart qmail?
No.
> Am I editing the right file the right way?
No - you should build a small fragment for your changes and you need the
correct filename (in the chroot() jail).
Gordon
-
Hi Gordon,
I followed your example and this is what I get in the maillog on the e-smith server now:
Jan 28 10:49:47 reggie smtpd[10491]: SMTP HELO from mel.cain.net.au(203.44.37.2) as "mel.cain.net.au"
Jan 28 10:49:47 reggie smtpd[10491]: mail from
Jan 28 10:49:47 reggie smtpd[10491]: smtp connection from UNKNOWN@mel.cain.net.au(203.44.37.2) MAIL FROM: RCPT TO: , allowed by line 33 of /etc/smtpd_check_rules
Jan 28 10:49:47 reggie smtpd[10491]: Recipient
Jan 28 10:49:47 reggie smtpd[10491]: Received 496 bytes of message body from mel.cain.net.au(203.44.37.2)
Jan 28 10:49:56 reggie smtpfwdd[10493]: forwarding to recipient dean@cain.com.au
Jan 28 10:49:56 reggie smtpfwdd[10493]: smtpdCQqthO forwarded to 1 recipients
So for some reason it is still looking at the /etc/smtpd_check_rules file.
Any ideas?
Thanks
-
Dean Brandt wrote:
>
> Hi Gordon,
>
> I followed your example and this is what I get in the maillog
> on the e-smith server now:
> [...]
> So for some reason it is still looking at the
> /etc/smtpd_check_rules file.
No, the logs are showing /etc/smtpd_check_rules, but that is /etc
relative to the root of smtpd's chroot() jail - /var/spool/smtpd
chroot() sets up a mini environment where a given directory is
the effective root of the filesystem and programs running in the chroot()
jail cannot access other parts of the filesystem.
syslog still works as we get syslog to listen to a socket in the jail.
> Any ideas?
Gordon
-
Hi Gordon,
Thanks for the explanation. All is now working. In the end it was a case of me putting the rule in the wrong place in the file. Another rule above it was over-ruling my new entry.
Thanks for the quick help.